Keeping SonarCloud analysis private!

I am a newbie and non-technical but commissioned to carry out some research. Please be kind!

My organisation uses GitHub for code and wishes to use SonarCloud. We want to keep the analysis private.

How, in non-technical language but as much detail as possible, do we achieve that? Is it a SonarCloud configuration or is it in GitHub?

Help!

Hey there.

I think the documentation on Payment and Visibility will help you understand.

In summary: on paid plans, the analysis results of private repos are private by default.

Thanks Colin. I think that page and another page (Managing Permissions | SonarCloud Docs) have given me the answer.

On a free plan the code and analysis are public in SonarCloud.

On a paid plan with GitHub linked to SonarCloud, SonarCloud inherits the permissions for GitHub. So by default:

  • if the GitHub repo is public, the code and analysis in SonarCloud are also public; and
  • if the GitHub repo is private, the code and analysis in SonarCloud are also private.

In Project > Administration > Permissions under Project Visibility, you can then make:

  • a private SonarCloud project public; and
  • a public SonarCloud project private, even if the GitHub repo is public.

Is that all correct?

Yes, that’s perfectly correct!

Many Thanks Colin :smiley: