My question: I’ve done some Googling and I understand from other topics in this Sonar Community that SonarCloud does not provide fixed public IP addresses. If we enable this feature then will SonarCloud continue to work for us, or is there something we can/need to do in order to enable the aforementioned feature without encountering adverse side effects?
Background info: For each Bitbucket repo that we do sonar scans for, we have the repo bound/linked to a corresponding project in our organization in SonarCloud. When we log in to SonarCloud via a web browser we click “BITBUCKET”. We do scans for each repo from our CI/CD tool (which is Bamboo) by utilizing the features described on SonarScanner for Gradle & SonarCloud and https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/other-cis/.
I’m happy to answer questions, and thanks in advance for the help.
In SonarCloud we have bound our SonarCloud organization to our Bitbucket Cloud workspace.
On a somewhat different note, at Managing your Organization | SonarCloud Docs I found that SonarCloud provides a list of domain URLs to allow for requests going in to SonarCloud.
The URL I shared above for Atlassian Support is a page that states that only IP addresses or network blocks can be added to a Bitbucket Cloud allowlist, so unfortunately I cannot add sonarcloud.io to an allowlist.
But that page also mentions “users won’t be able to clone, push, or pull a private repository”, so maybe there won’t be any issue for us with SonarCloud by enabling the allowlist feature, given that I believe there is no git clone/push/pull being done between SonarCloud and Bitbucket Cloud?
SonarCloud needs to be able to communicate with Bitbucket to perform activities like Pull Request Decoration. SonarCloud does not need to clone, push, or pull a private repository.