Disable Auto Analysis for new projects

We’ve recently started using SonarCloud using the GitHub app however our new projects don’t use Automated Analysis so they can provide code coverage information, this is all triggered as part of our Circle CI pipeline.

Is it possible to disable Auto Analysis at either the organisation level or within the properties file?

As we create our new services from templates that including SonarCloud via Circle CI the sonar step always fails the initial builds. This is because the project is either unknown to SonarCloud or if you add it manually via the UI it enable Auto Analysis by default.

We don’t provide all our users with Admin rights so asking them to manually disable it per project isn’t an option.

This is a real pain point for us and means we’ve had to disable SonarCloud in our project templates.

I know this question has been asked many times before but the disable it using the admin menu isn’t an acceptable approach for us.

Hello @timReynolds!

May I ask you a few questions about your context? Like:

  • What languages do you have on your repos?
  • When you say “As we create our new services from templates”, do you infer that you do not use the “Analyze Projects” page and that you run a first analysis without activating it on SonarCloud first?
  • How often do you create new projects on SonarCloud?

Thanks in advance for the details!

To answer your questions;

  • TypeScript in this instance, we don’t use the auto code analysis as it doesn’t support code coverage
  • “first analysis without activating it on SonarCloud first” - correct, teams create new projects from the template and CI runs automatically on master before they’ve created the project in SonarCloud. We could change some of this flow or look to automate the creation of projects in SonarCloud if there is an API
  • Currently we’re ramping up new projects so a couple of times a week for just this one template, this will slow but for now it happens often

What I was hoping for is the project to be auto created in SonarCloud or a way for teams to later activate the project/github repo without auto analysis being enabled by default.

Hi, I was wondering if this was solved yet? We would like to do the same

OK, I understand. How do you run the analysis? I guess using a sonar-project.properties file and the SonarScanner CLI?

I’ve not looked but I’d guess that is what happens under the hood of your circleci orb.

https://circleci.com/orbs/registry/orb/sonarsource/sonarcloud

Sorry replying by email didn’t reply correctly, see;

I’ve not looked but I’d guess that is what happens under the hood of your circleci orb.
https://circleci.com/orbs/registry/orb/sonarsource/sonarcloud

Thanks for your answer @timReynolds, I’ve created SCCOMM-35 to track your request.

Hi!

We also absolutely need this because our CI tool fails on running the analysis on new projects as every new project is configured for automatic analysis upon import from GitHub and it seems that one needs to have Organization Admin privileges to disable automatic analysis. And this cannot be automated since there’s no API for this.

So, effectively, it means that if we want to run analyses from a CI tool, our developers need to have Organization Admin privileges on SonarCloud.

Is there any other way we can solve this problem? Thanks.

1 Like

Hello @jgracindexcom,

As a workaround, you can create a sonar-project.properties file in your project. This should disable automatic analysis right from the start.

On SonarCloud you can go to Administration > Analysis Method and there will be a toggle switch at the top which will allow you to enable/disable SonarCloud Automatic Analysis

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Hey @timReynolds and @jgracindexcom @j-mcgregor

We recently launched SonarCloud Enterprise, which includes support for organizaiton-wide config like disabling Automatic Analysis for new projects.