SonarQube Community Build | DevOps platform integration | GitLab integration | Introduction
GitLab integration
On this page
SonarQube Community Build's integration with GitLab self-managed and GitLab SaaS subscriptions allows you to maintain code quality and security in your GitLab projects.
With this integration, you'll be able to:
- Authenticate with GitLab: Sign in to SonarQube Community Build with your GitLab credentials.
- Import your GitLab repositories: Import your GitLab Projects into SonarQube Community Build to easily set up SonarQube Community Build projects.
- Analyze projects with GitLab CI/CD: Integrate analysis into your build pipeline. Starting in Developer Edition, SonarScanners running in GitLab CI/CD jobs can automatically detect branches or merge requests being built so you don't need to specifically pass them as parameters to the scanner.
- Report your quality gate status to your merge requests: Starting in Developer Edition, see your quality gate and code metric results right in GitLab so you know if it's safe to merge your changes.
- Report security vulnerabilities in GitLab: Display security issues found by SonarQube Community Build as vulnerabilities in the GitLab interface.
- Manage your monorepos: Import your monorepo into SonarQube Community Build to easily manage the related projects.
To integrate SonarQube Community Build with GitLab self-managed subscriptions, we recommend using GitLab version 15.6+.
You can also check out this video on GitLab integration.
Related pages
- Setting up the GitLab integration at the global level
This section explains how to set up the integration of SonarQube Community Build with GitLab. You need the global Administer System permission in SonarQube to perform this setup. - Importing your GitLab repositories into SonarQube Community Build
Once the integration of SonarQube Community Build with GitLab has been properly set up, you can import a GitLab repository or monorepo to create the corresponding projects in SonarQube Community Build. - Setting up GitLab integration features at the project level
This page explains how to set up merge request decoration and the blocking of merge requests in case of quality gate failure. You need the Administer permission on the project to perform this setup. - Adding the SonarQube Community Build analysis to your GitLab CI/CD pipeline
Once you have created your project(s) in SonarQube Community Build, you can add the SonarQube Community Build analysis to your GitLab CI/CD pipeline, in a standard case and in the case of a monorepo. Note that the report of security vulnerabilities in GitLab is set up through the pipeline.
Was this page helpful?
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
