Introduction

With this integration, you’ll be able to:

• Authenticate with GitLab: Sign in to SonarQube Server with your GitLab credentials.

• Import your GitLab repositories: Import your GitLab Projects into SonarQube Server to easily set up SonarQube Server projects.

• Analyze projects with GitLab CI/CD: Integrate analysis into your build pipeline. Starting in Developer Edition, SonarScanners running in GitLab CI/CD jobs can automatically detect branches or merge requests being built so you don’t need to specifically pass them as parameters to the scanner.

• Report your quality gate status to your merge requests: Starting in Developer Edition, see your quality gate and code metric results right in GitLab so you know if it’s safe to merge your changes.

• Report security vulnerabilities in GitLab: Display security issues found by SonarQube Server as vulnerabilities in the GitLab interface.

• Manage your monorepos: Import your monorepo into SonarQube Server to easily manage the related projects.

Related pages

• Setting up integration at global level This section explains how to set up the integration of SonarQube Server with GitLab. You need the global Administer System permission in SonarQube to perform this setup.

• Importing your GitLab repositories Once the integration of SonarQube Server with GitLab has been properly set up, you can import a GitLab repository or monorepo to create the corresponding projects in SonarQube Server.

• Setting up GitLab integration at project level This page explains how to set up merge request decoration and the blocking of merge requests in case of quality gate failure. You need the Administer permission on the project to perform this setup.

• Adding analysis to GitLab CI/CD pipeline Once you have created your project(s) in SonarQube Server, you can add the SonarQube Server analysis to your GitLab CI/CD pipeline, in a standard case and in the case of a monorepo. Note that the report of security vulnerabilities in GitLab is set up through the pipeline.