Setting up the GitLab integration at the global level
This section explains how to set up GitLab and SonarQube for global integration. To perform this setup, you need the global Administer System permission in SonarQube.
Verifying the server base URL
For the GitLab integration to work:
- The SonarQube server base URL must be a public URL.
- If you want to delegate the SonarQube user authentication to GitLab: you must use HTTPS. This means that the SonarQube server must be secured behind a proxy.
You must configure your SonarQube server base URL in SonarQube, otherwise, integration features will not work correctly.
To verify the server base URL configuration in SonarQube:
- Go to Administration > Configuration > General Settings > General > General and check the instance's Server base URL.
Setting up the import of GitLab repositories
With this setup, users will be able to import GitLab repositories into SonarQube.
This integration is performed through a “GitLab Configuration” record, which is used in SonarQube to access the GitLab instance. You need the Administration System permission to set up a GitLab Configuration.
Starting in Enterprise Edition, you can integrate SonarQube with multiple GitLab instances, each instance being accessed with a different GitLab Configuration.
To set up a GitLab Configuration in SonarQube:
- In the SonarQube UI, go to Administration > Configuration > General Settings > DevOps Platform Integrations.
- Select the GitLab tab and click Create configuration. The Create a configuration dialog opens.
- Specify the following settings:
- Configuration Name (Enterprise and Data Center Edition only): The name used to identify your GitLab configuration at the project level. Use something succinct and easily recognizable.
- GitLab URL: The GitLab API URL. We recommend using https://gitlab.com. You can also use your own GitLab server URL.
- Personal Access Token: GitLab token used to connect to the GitLab user account used to report the quality gate status to pull requests. See below.
- Select Save configuration.
Providing a GitLab access token
To report the quality gate to the merge requests, you must provide a GitLab token. This token will be stored in SonarQube and can be revoked at any time in GitLab.
You can either provide:
- A personal access token.
We recommend using a dedicated GitLab account with at least Reporter permissions (the account needs permission to leave comments). Use a personal access token from this account with theapi
scope authorized for the repositories you're analyzing. - Or a Group Access Token with at least the Reporter role and with the
api
scope.
If you want to enter the token in SonarQube in encrypted format, you can encrypt this token at Administration > Configuration > Encryption. See the Settings Encryption section of the Security page for more information.
Setting up user provisioning and authentication
Was this page helpful?