Was this page helpful?
Organization and project binding
While there are situations when you might want to manually create organizations or projects, in most cases, you should follow the standard procedure and bind your organizations and projects in order to get all the benefits of SonarCloud. This section explains the binding concept and advantages, and how to change the binding of projects.
Introduction to the binding concept
In SonarCloud:
- A bound organization is a SonarCloud organization that is linked to its corresponding organization on the DevOps platform.
- A bound project is a SonarCloud project that is linked to its corresponding repository on the DevOps platform.
The organization and project binding occurs through the integration of SonarCloud with your DevOps platform (GitHub, Bitbucket Cloud, GitLab or Azure DevOps): the binding is automatically performed when you import a DevOps platform organization and its repositories into SonarCloud using the standard procedure described in Getting Started.
In SonarCloud UI, the corresponding DevOps platform icon is displayed beside the name of the organization or project on the respective overview page as illustrated below.
It is also possible to create organizations and projects on the SonarCloud side manually. Such organizations and projects are unbound: they are not bound with any peers on the DevOps platform. Manual organizations and manual projects are like empty containers identified solely by their keys, which you choose when you create them. They are only linked to your code by you explicitly setting the analysis parameters sonar.projectKey
and sonar.organization
to those keys in your CI-based analysis setup (Automatic analysis is not supported for manual projects).
Advantages of bound organizations
The advantages of bound SonarCloud organizations over unbound ones are:
- Bound organizations enable the easy selection and import of projects into SonarCloud (as mentioned above).
- Bound organizations support member synchronization (This feature is only supported with GitHub.).
- Importing a project via a bound organization is the only way to create a bound project, and bound projects have their own set of advantages (see below).
Advantages of bound projects
The advantages of bound SonarCloud projects over unbound ones are:
- Automatic analysis is only available for bound projects (This feature is only supported with GitHub.).
- The pull request decoration is automatically configured on bound projects if your CI tool is integrated with SonarCloud.
- Upon import, bound projects on the SonarCloud side automatically adopt the privacy setting of their DevOps platform peer. Projects that are private on the DevOps platform remain private on SonarCloud. With manually created projects, you must make sure to explicitly set the privacy status of your SonarCloud project. This opens up the possibility of inadvertently exposing the code of a private project to the public through SonarCloud.
Binding an unbound project to a repository
You can bind an unbound project to a repository provided you have Administer permission on that project and Create project permission. Note that a public project cannot be bound to a private repository.
In case you had manually linked your project to a repository, you should remove this manual setup.
To bind an unbound project to a repository:
- Go to Your Organization > Your Project > Administration > General Settings > Repository binding.
- In the list of repositories, select the repository and click Save.
You may want to enable the automatic analysis on your newly bound project. To do so, see Activating automatic analysis.
Binding a project to another repository
You can change the repository binding of a project provided you have Administer permission on that project and Create projects permission. The following limitations apply:
- The source and target repositories must be in the same organization.
- A public project cannot be bound to a private repository.
The repository change will not impact the automatic analysis activation status of your project except if the target repository is a monorepo and automatic analysis was enabled for your project. In that case, the automatic analysis will be disabled since it's not supported for monorepos and you will need to manually configure a CI-based analysis for your project.
Changing the binding of a project configured with a CI-based analysis may require that you change the CI/CD process configuration for this project.
To bind a project to another repository:
- Go to Your Organization > Your Project > Administration > General Settings > Repository binding.
- In the list of repositories, select the target repository and click Save.