Apply custom permission template automatically for sonarqube new project report using sonar-runner

Question

How to configure sonar.projectKey under sonar-project.properties so that we can get apply custom permission template for new project report automatically. Does anyone try that? I was trying all type of combination with project key in sonarqube permission template and sonar-runner properties file. But couldn't achieve the result.

Does sonar permission template really support this from sonar-runner.

Below are screenshot attached to the link for my use case:

I have created mfg-desktop permission template and there is also present a default template provided by sonar

When I checked under project permission, I found that default permission template is getting applied in each time

Answer 1

Create a new permission Template and assign the regex to the Project Key Pattern.

For example: Regex : (prod)-\w+

It will apply the template to the new projects created with Project Key starting with 'prod-'. Sonar needs the key of the new projects to 'fully' match the regex of the permission template key. Using * might not work.

Then link the desired permissions of the users/group on the template. Also make sure the Global Permissions for the users/group are also set appropriately else permissions wont work.

Additional Info: All projects will still be visible to all users. Make your project 'Private' to make it visible only to the required group. This works on CE v7.6

Answer 2

There's nothing to do on the sonar-project.properties side.

As described in the docs, set up your permission template with a project key pattern regular expression. All new projects with keys that match the regex will have that permission template applied.

For example, if in the "Manufacturing Group" template I set my Project Key Pattern to:

 mfg-*

and analyze a new project with a key of mfg-extrusion, then the "Manufacturing Group" template will be applied. And when I analyze front-office-billing for the first time, it will not.