Skip to content

fix: make sonar_token_variable_name parameter work #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
YaraslauZhylko wants to merge 1 commit into from
Closed

fix: make sonar_token_variable_name parameter work #40

YaraslauZhylko wants to merge 1 commit into from

Conversation

@YaraslauZhylko
Copy link

@YaraslauZhylko YaraslauZhylko commented Oct 1, 2025

Problem

The sonar_token_variable_name parameter is declared in the docs but is not actually used by the orb. The script still strictly requires the token to be stored in SONAR_TOKEN variable.

Solution

Make the script use SONAR_TOKEN_VARIABLE_NAME all the time.
If the user does not provide the value, it defaults to SONAR_TOKEN as planned.

@antoine-vinot-sonarsource
Copy link
Contributor

antoine-vinot-sonarsource commented Oct 6, 2025
edited
Loading

Hi @YaraslauZhylko ,

Thank you very much for this fix 🚀

I have a question regarding the usage of this parameter. We are wondering how useful it is, like what is your test case? Could you name your variable SONAR_TOKEN or do you have a specific reason not to?
We are thinking about deprecating and removing this parameter if it appears unneeded.

In the meantime, I have open another PR where I cherry picked your fix and added a test for the param as well as a couple of minor fixes to your change.

@YaraslauZhylko
Copy link
Author

YaraslauZhylko commented Oct 6, 2025

Hi @antoine-vinot-sonarsource!

I have a question regarding the usage of this parameter. We are wondering how useful it is, like what is your test case? Could you name your variable SONAR_TOKEN or do you have a specific reason not to?

We have a single CircelCI context called sonarcloud that contains tokens for different projects. Like PROJECT_1_SONAR_TOKEN, PROJECT_2_SONAR_TOKEN, etc.

So we need an extra step to pass the token to the scanner like this:

- run:
  name: Export PROJECT_SONAR_TOKEN as SONAR_TOKEN
  command: echo "export SONAR_TOKEN=${PROJECT_SONAR_TOKEN}" >> "$BASH_ENV"

Instead of doing:

- sonarcloud/scan
  sonar_token_environment_variable: PROJECT_SONAR_TOKEN

If you remove the parameter, we'll just keep doing this or split this particular context ito project-oriented ones.
The PR was mainly created to fix the discrepancy between the docs and the actual behaviour.

@antoine-vinot-sonarsource
Copy link
Contributor

antoine-vinot-sonarsource commented Oct 6, 2025
edited
Loading

@YaraslauZhylko Thank you for the clarification.
Given what you said it's most likely that we will drop this parameter because:

  1. It never worked previously
  2. For consistency: Other similar CI tool we provide, like our GitHub action for example, don't have this capability.

So, all in all, we don't believe the use case for this parameter is worth maintaining it.
I am going to close both Pull Request, and I created a ticket on our side to drop the parameter.

@antoine-vinot-sonarsource antoine-vinot-sonarsource mentioned this pull request Oct 6, 2025
Closed
@YaraslauZhylko YaraslauZhylko deleted the fix/pass-sonar-token-variable-name branch October 11, 2025 05:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@antoine-vinot-sonarsource antoine-vinot-sonarsource Awaiting requested review from antoine-vinot-sonarsource

Assignees

@antoine-vinot-sonarsource antoine-vinot-sonarsource

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@YaraslauZhylko @antoine-vinot-sonarsource