Importing project from GitHub organization

SonarCloud
1

I am trying to import my first project and use SonarCloud. With a large organization with hundreds of projects, is it possible for the admin of a project to import their project into SonarCloud with the permission of the organization owner but without being the owner of the organization? (and have them bound for PR decoration)

Th following scenario is where I am stuck:

  • The GitHub project is public, and part of an organization.
  • I am the admin on the GitHub project but not the owner of the GitHub organization.
  • I am the owner of the SonarCloud account attempting the import.
  • The owner of the GitHub organization can see the request from SonarCloud requesting access to the project (and approves it).
  • The import from SonarCloud redirects to the application integration GitHub page to finish the import, https://github.com/apps/sonarcloud/installations/xxxxxxx.
  • Attempts to finish that import result in permissions errors “not the owner of the organization”.

Note: After failing to import the projects that I actually wanted to import from an org, I verified that I was able to import a personal dummy project without any issues.

2

Hey there.

Thanks for reaching out to us on this.

  • It’s a little unclear to me – what exactly is returning this error: SonarCloud or GitHub? A screenshot could be really helpful.
  • Have you tried having the owner of the GitHub organization complete the initial binding on SonarClou themselves, and then trying to personally add the repos?
    • For what it’s worth I just tried a setup where I create an organization on SonarCloud after requesting from another user (the owner of a GitHub organization) that the SonarCloud application be installed and once the installation was accepted by the owner, had no issue adding repos to the new organization (as the non-owner user)

Were these projects in the same organization you were having issues with, or a seperate personal organization?

3

I will need to get with the organization owner today and try out your idea. I will reply when I have more details.

4

The organization owner is telling me that the “update” step is requiring her to import ALL projects from the organization and will not okay the use of SonarCloud this way.

I opened a GitHub support ticket, and they reported back “Once an organization owner approves the request to install a GitHub App in the organization, that should be the end of the installation process. GitHub doesn’t support third-party apps.” GitHub shows that the SonarCloud app is approved for the organization, and the GitHub team believes that the issue is in the way that SonarCloud is requesting the update. We asked GitHub for the logs associated with this SonarCloud app installation so that we could provide them to you.

5

It would be really helpful if she could share some screenshots of what she’s seeing.

There’s also a few questions in my previous response it would be good to have an answer to.

6

Response to Collin:

  1. GitHub is returning the error.

    Screen Shot 2022-03-09 at 3.10.20 PM
    Screen Shot 2022-03-09 at 3.10.20 PM1145Ă—1172 85.4 KB

  2. The projects that were successfully imported were not in this organization. They were personal projects (other than work).

7

And what happens when your owner selects Only select repositories and selects the repository you want to import to SonarCloud?

I still don’t understand this – if there’s a screenshot demonstrating this, it would make things more clear.

8

I tried an experiment similar to yours. I created a reproducer using a new GitHub org and projects. The issue occurs if the GitHub organization owner does not press the last button in the approval process to import the project. The user starts the import on SonarCloud, which triggers a request to the GitHub organization owner. The GitHub org owner receives an email with a clickable link. Following that link, the GitHub org owner allows installation of the SonarCloud app into GitHub and permission to import that project(s) with the first screen on GitHub. The org owner is then redirected to SonarCloud and gives them a warning that they are importing all users from the GitHub organization. That last step creates the organization in SonarCloud, imports the GitHub project, and imports all the users from the GitHub organization. That warning message prevented the GitHub org owner from pressing the last button and finishing the import.

GitHub support looked at the configuration on their side and believes everything looks as it should. But without the org owner finishing that final step, it doesn’t appear that I (the initiating user) can finish the import of the project(s). Is there a way to NOT import every user from the GitHub organization?

9

Can you please share a screenshot of this? This did not happen when I tried this.

10

Screen Shot 2022-03-11 at 3.55.03 PM
Screen Shot 2022-03-11 at 3.55.03 PM1021Ă—728 166 KB

11

Hey there.

I think there may just be a misunderstanding about what this message means. See the documentation on Member Synchronization and GitHub.

  • Existing GitHub users in your organization with a SonarCloud account will be added as members to your SonarCloud organization
  • Any future GitHub users in your organization who sign up for SonarCloud will automatically be added as members to your SonarCloud organization

Clicking Configure will not, for example, create a new SonarCloud account for each of your users. This is about organization membership when members of your GitHub organization login.

This can also be toggled off, and (whether or not member synchronization is turned on) permissions can still be assigned to projects granularly (not giving access to everyone).

I hope this helps your administrator feel more comfortable approving the request.

12

Colin - Thank you. You have been a great help.

1 Like