Disabling public project in Azure DevOps

sonarcloud

(Sea) #1

Hi,

Each user account is getting one public organization by default. When we connect to SonarCloud from Azure DevOps we get one public organization and one private organization listed, because the connected account has both. (The one that it gets by default and our organizations private organization)

When setting up a new analysis anyone with the right rights can unintentionally select the public project. This is very unconvenient for a private organization.

Is there a way to prevent the public organization from popping up there? Or to prevent a project to be added etc?


(Fabrice Bellingard) #2

Hi,

I understand your situation, and there is currently no simple way to prevent this. I’ve created the following ticket to track this need because your point is very relevant: VSTS-187.

Meanwhile, here’s what you could do to mitigate this problem:

  1. Contact each user who is supposed to define some build definition that trigger a SonarCloud analyses
  2. Ask them to remove the “Execute Analysis” permission on their personal organization (i.e. the one you call “public organization”):

This way, they won’t be able to mistakenly publish private code on their public personal org.