Disable Auto Analysis for new projects

timReynolds · June 18, 2020, 7:17am

We’ve recently started using SonarCloud using the GitHub app however our new projects don’t use Automated Analysis so they can provide code coverage information, this is all triggered as part of our Circle CI pipeline.

Is it possible to disable Auto Analysis at either the organisation level or within the properties file?

As we create our new services from templates that including SonarCloud via Circle CI the sonar step always fails the initial builds. This is because the project is either unknown to SonarCloud or if you add it manually via the UI it enable Auto Analysis by default.

We don’t provide all our users with Admin rights so asking them to manually disable it per project isn’t an option.

This is a real pain point for us and means we’ve had to disable SonarCloud in our project templates.

I know this question has been asked many times before but the disable it using the admin menu isn’t an acceptable approach for us.

Fabrice_Bellingard · June 4, 2020, 4:33pm

Hello @timReynolds!

May I ask you a few questions about your context? Like:

What languages do you have on your repos?
When you say “As we create our new services from templates”, do you infer that you do not use the “Analyze Projects” page and that you run a first analysis without activating it on SonarCloud first?
How often do you create new projects on SonarCloud?

Thanks in advance for the details!

timReynolds · June 5, 2020, 7:38am

To answer your questions;

TypeScript in this instance, we don’t use the auto code analysis as it doesn’t support code coverage
“first analysis without activating it on SonarCloud first” - correct, teams create new projects from the template and CI runs automatically on master before they’ve created the project in SonarCloud. We could change some of this flow or look to automate the creation of projects in SonarCloud if there is an API
Currently we’re ramping up new projects so a couple of times a week for just this one template, this will slow but for now it happens often

What I was hoping for is the project to be auto created in SonarCloud or a way for teams to later activate the project/github repo without auto analysis being enabled by default.

j-mcgregor · June 13, 2020, 6:54pm

Hi, I was wondering if this was solved yet? We would like to do the same

Fabrice_Bellingard · June 15, 2020, 4:33pm

OK, I understand. How do you run the analysis? I guess using a sonar-project.properties file and the SonarScanner CLI?

timReynolds · June 15, 2020, 4:45pm

I’ve not looked but I’d guess that is what happens under the hood of your circleci orb.

https://circleci.com/orbs/registry/orb/sonarsource/sonarcloud

timReynolds · June 26, 2020, 11:29am

Sorry replying by email didn’t reply correctly, see;

I’ve not looked but I’d guess that is what happens under the hood of your circleci orb.
https://circleci.com/orbs/registry/orb/sonarsource/sonarcloud

Fabrice_Bellingard · June 29, 2020, 8:15am

Thanks for your answer @timReynolds, I’ve created SCCOMM-35 to track your request.

jgracindexcom · November 4, 2020, 8:53am

Hi!

We also absolutely need this because our CI tool fails on running the analysis on new projects as every new project is configured for automatic analysis upon import from GitHub and it seems that one needs to have Organization Admin privileges to disable automatic analysis. And this cannot be automated since there’s no API for this.

So, effectively, it means that if we want to run analyses from a CI tool, our developers need to have Organization Admin privileges on SonarCloud.

Is there any other way we can solve this problem? Thanks.

Martin_Bednorz · November 4, 2020, 4:54pm

Hello @jgracindexcom,

As a workaround, you can create a sonar-project.properties file in your project. This should disable automatic analysis right from the start.