I want to ask regarding how to manage permissions or teams in Sonar Cloud. I use github as the authentication layer where I also create a organization. What I see is that there is a synchronization from Sonar Cloud that makes anyone who is in the team automatically can be a member in Sonar Cloud as long as the permission is fine. But then, in my github orgs, there is several teams so that not every projects in Sonar Cloud should be accessible by everyone. Can Sonar Cloud also see the teams who has access to that repository and assign the permissions base on that? If not, how to properly handle the permission? Are there any best practices that you can give to me?
While membership in your organization can be synced with SonarCloud, specific permissions aren’t at this stage. I would suggest using permission templates to define what the default permissions should be. Unfortunately, that’s all we really have to offer today.
We recently did work on this for SonarQube (to mirror permissions in GitHub), and I expect we’ll see something similar come to SonarCloud eventually.