Public Project Access in Self-Hosted SonarQube (Compared to SonarCloud)

Self-hosting SonarQube (Community Edition) I noticed something that feels a bit inconsistent compared to SonarCloud, and I’d like clarification.

On SonarCloud, I distinctly remember being able to set individual projects as public or private, and that would control whether their dashboards, metrics, and badges were accessible without authentication.

However, on SonarQube (self-hosted), even after setting a project to public visibility, it still appears that:

  • The UI (dashboard) requires login
  • The badges, usually wrapped around a link (to the project) when clicked ask for log in
  • Setting project visibility to “Public” seems to have no effect unless I globally disable sonar.forceAuthentication

Seems that disabling sonar.forceAuthentication allows public access - but that affects all projects, not just the intended one

Is there no way to make just a single project public in SonarQube, while keeping others private?
I’d like to keep the majority of my projects private (without making them private on GH), but expose a badge and dashboard (scans results in detail) publicly for a specific projects without opening up everything else.

Hope that makes sense, thanks!

Hi,

Yup.

Once you’ve disabled forceAuthentication then your public/private settings kick in, and require authentication (and permissions) to see the private projects.

 
HTH,
Ann

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.