Org-level protection around excessive Lines-of-Code consumption

SonarQube is licensed by the consumption against a lines-of-code budget.

A few projects can accidentally consume millions of LoC. In enterprise, it is difficult to monitor or control the output of app teams. There is a risk that a few undisciplined projects can quickly result in a platform running out of LoC. Since SonarQube is integral to CI/CD, this may result in a global outage as teams would not be able to continue building software.

To contain the blast radius of too many LoC, allow the platform admin to:

  1. At the organization-level, set a global threshold that will notify when a project exceeds an admin-defined budget. This will allow for review and corrective action if necessary.
  2. At the organization-level, set a global threshold that will deactivate a project that exceeds an admin-defined budget. This will help mitigate the concern of a single project taking out the organization.
  3. Provide a mechanism to allow an admin to allow specific projects to surpass the blocking threshold.

Hi,

You’ve tagged this with SonarQube Cloud. Is that your context? At an enterprise level, the admin can give an allotment of License LOC per child-organization. It sounds like you want to extend the metaphor (so to speak) down to the project level as well?

 
Thx,
Ann