Managing Your Organization - Overview
Projects on a repository platform are typically grouped into organizations. This enables teams to work together, define different permissions for different users and configure common settings and features.
SonarCloud uses the same organization-based structure.
What is a SonarCloud organization?
Each SonarCloud organization represents a corresponding organization on the repository platform side. The two organizations are bound one-to-one.
In GitHub and Azure DevOps, collections of projects are called organizations; in Bitbucket Cloud, workspaces; and in GitLab, groups. For simplicity, we will refer to all of these generically as organizations.
An organization in SonarCloud is composed of:
- The connection to the corresponding organization on the repository platform side.
- The projects from that repository platform organization that have been imported.
- The members of the organization. Each member has a set of permissions that govern which operations they may perform.
- Organization-level configurations such as the new code definition default, the quality gate definition, and the quality profiles.
- Whether the organization is free or paid and, if it is paid, the payment information and tier of the paid plan.
Creating an organization
When you sign in to SonarCloud for the first time, it will prompt you to choose one of your existing organizations (or your personal account) on the repository service to import. On import, a corresponding organization is created on the SonarCloud side.
SonarCloud will then let you choose which repositories to import from your platform-side organization (or personal account) to the SonarCloud-side organization.
Later, you can create additional SonarCloud organizations by clicking + > Create New Organization (under the plus sign in the top bar) and specifying an organization on the repository platform side to import.
Organizations cannot be re-bound
Once an organization is created on the SonarCloud side it is bound to its peer organization on the repository platform until one or the other is deleted. The SonarCloud organization cannot be re-bound to another organization.
If you are migrating projects to another organization (either on the same repository platform), you will need to create a new SonarCloud organization to bind to the new platform organization and re-import the projects you want to analyze.
Organization keys can be changed
Although an organization cannot be rebound, its key can be changed.
The organization key is used in CI-based analysis setups to link the analysis produced by the scanner in your local or cloud-based build environment with the correct organization in SonarCloud. It appears as the value of the sonar.organization parameter in your analysis configuration.
The key is set when you import the organization into SonarCloud. At that point, you can choose your own key or accept the suggested key.
In some cases, you may later wish to change this key (for example, if a new naming convention is adopted at your company, or if you initially chose a bad key by accident).
To change the key, go to Your Organization > Administration > Organization settings > Edit organization key.
If you change the key of your organization, you must also make the same change to the sonar.organization setting of every project in the organization that is configured for CI-based analysis.
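One way to find analysis configurations that still carry the old key after a change, shown as an added example (not SonarCloud tooling or code from this page). The keys `acme-old` and `acme-new`, the file paths and the file contents are constructed, and the script only covers the properties / `-D` argument, Maven property and Gradle property forms of the setting.

```python
import re

# Forms in which a CI setup commonly carries the key:
#   sonar.organization=KEY   (sonar-project.properties, -D scanner argument)
#   <sonar.organization>KEY</sonar.organization>   (Maven property)
#   property "sonar.organization", "KEY"           (Gradle)
_PATTERNS = [
    re.compile(r"sonar\.organization\s*[=:]\s*[\"']?([^\s\"'<>,]+)"),
    re.compile(r"<sonar\.organization>\s*([^<\s]+)\s*</sonar\.organization>"),
    re.compile(r"[\"']sonar\.organization[\"']\s*,\s*[\"']([^\"']+)[\"']"),
]

def find_stale_keys(files, new_key):
    """files maps path -> file text. Returns (path, line, value, status) for
    every sonar.organization value that is not new_key. 'indirect' marks a
    variable reference that has to be resolved and checked by hand."""
    findings = []
    for path, text in sorted(files.items()):
        for line_no, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith(("#", "//")):
                continue  # commented-out setting, not in effect
            for pattern in _PATTERNS:
                match = pattern.search(line)
                if not match:
                    continue
                value = match.group(1)
                if value != new_key:
                    status = "indirect" if value.startswith("$") else "stale"
                    findings.append((path, line_no, value, status))
                break
    return findings

# Constructed sample repository contents (not taken from any real project).
SAMPLE = {
    "svc-a/sonar-project.properties":
        "sonar.projectKey=acme_svc-a\nsonar.organization=acme-old\n",
    "svc-b/pom.xml":
        "<properties>\n  <sonar.organization>acme-new</sonar.organization>\n</properties>\n",
    "svc-c/build.gradle":
        'sonar {\n  properties {\n    property "sonar.organization", "acme-old"\n  }\n}\n',
    "ci/scan.sh":
        "sonar-scanner -Dsonar.organization=$SONAR_ORG\n",
}

if __name__ == "__main__":
    for finding in find_stale_keys(SAMPLE, "acme-new"):
        print("%s:%d  %s  (%s)" % finding)
```

An `indirect` finding means the key comes from a CI variable or secret, so the value to update lives in the CI system's settings rather than in the repository.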
Deleting an organization
You can delete an organization under Administration > Organization settings > Delete Organization.
Payment and visibility
In SonarCloud, an organization can be on either a free plan or a paid plan. Free organizations allow the import of only public projects. Paid organizations allow the import of public and private projects.
Managing members
Members can collaborate on the projects in the organizations to which they belong. Depending on their permissions within the organization, members can:
- Analyze projects.
- Manage project settings (permissions, visibility, etc.).
- Update issues.
- Manage quality gates and quality profiles.
- Administer the organization itself.
See Managing Members.
Organizations and IP filtering
SonarCloud is currently not compatible with the IP filtering feature offered by GitHub and other DevOps and CI providers. SonarCloud cannot guarantee the use of static IP addresses, nor can it guarantee when or how often the addresses used may change. We therefore strongly advise against configuring an allow list for the application that specifies the IP addresses at which the SonarCloud application runs. If you do, SonarCloud will not be able to communicate with GitHub, which will negatively affect pull request decoration in SonarCloud and ultimately your quality gate result.
Domain whitelists
If you can't access SonarCloud on your network and your pipeline is hosted within an organization that is secured with a firewall or proxy server, you must add certain IP addresses and domain URLs to the allowlist. To update this, you need to add an outbound rule to your firewall.
Ensure the following domain URLs are allowed for SonarCloud:
*.sonarcloud.io
ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com
Sc-cleancode-sensorcache-eu-central-1-prod.s3.amazonaws.com