Questions about GitLab API & projects handling in SonarCloud

Hello,

Hope everyone is safe and healthy!

A couple of questions I wanted to ask here, would be of great help to get some answers.

Does SonarCloud require read only or both read & write API access to the main GitLab group and all its sub-projects?
I’m also curious about how SonarCloud handles projects that are not explicitly imported into its platform for analysis. Specifically, does SonarCloud automatically analyze and/or retain data for all projects within the GitLab group, even those that are not imported into SonarCloud, or does it exclusively analyze and retain data for projects that are explicitly imported for analysis?

Thanks in advance!

Hey there.

Read/Write API access (the api scope) is required. You can read more about this here.

I’ve bolded the correct interpretation at the end.

Hi, thanks for your reply. Would you please clarify what you meant for the second question, I did not understand it correctly:
“I’m also curious about how SonarCloud handles projects that are not explicitly imported into its platform for analysis. Specifically, does SonarCloud automatically analyze and/or retain data for all projects within the GitLab group, even those that are not imported into SonarCloud, or does it exclusively analyze and retain data for projects that are explicitly imported for analysis?”

Sonarcloud exclusively analyzes and retains data only for projects that are explicitly imported for analysis.