Manage Project Visibility
This manual offers detailed guidance on configuring permissions for SonarQube projects, ensuring that only authorized personnel can access and interact with the data on the SonarQube platform. It caters to both new and existing SonarQube projects, providing a clear pathway to refine visibility settings for enhanced security.
By leveraging the OpenID Connect mechanism for login, users are automatically assigned to the sonar-users
group, granting them access to all projects by default. This document outlines methods to alter these default permissions, enhancing the platform's security and data confidentiality. It is structured into two main sections: one focusing on restricting access to new projects, and the other on reconfiguring access settings for existing projects.
Restrict Access for New Projects​
In its default configuration, SonarQube does not restrict access to newly created projects, making them accessible to all instance users. To modify this behavior and set new projects to private by default, follow these instructions:
-
Open the SonarQube UI in the browser.
-
Navigate to the
Administration
tab:noteEnsure you have admin rights to see the
Administration
section. -
Click the
Projects
button and selectManagement
: -
On the project management page, click pencil icon at the top-right corner::
-
Select Private and click Change Default Visibility:
Configure Access for Existing Projects​
To make all the current projects private, follow the steps below:
-
In the Projects tab, enter the project you want to make private.
-
In the project page, click the Project Settings button and select Permissions:
-
In the project permissions page, select Private:
-
Repeat the procedure for all of the projects you want to make private.