Latest | DevOps platform integration | GitLab integration | Introduction
GitLab integration
On this page
SonarQube's integration with GitLab self-managed and GitLab SaaS subscriptions allows you to maintain code quality and security in your GitLab projects.
With this integration, you'll be able to:
- Authenticate with GitLab: Sign in to SonarQube with your GitLab credentials.
- Import your GitLab repositories: Import your GitLab Projects into SonarQube to easily set up SonarQube projects.
- Analyze projects with GitLab CI/CD: Integrate analysis into your build pipeline. Starting in Developer Edition, SonarScanners running in GitLab CI/CD jobs can automatically detect branches or merge requests being built so you don't need to specifically pass them as parameters to the scanner.
- Report your quality gate status to your merge requests: Starting in Developer Edition, see your quality gate and code metric results right in GitLab so you know if it's safe to merge your changes.
- Report security vulnerabilities in GitLab: Display security issues found by SonarQube as vulnerabilities in the GitLab interface.
- Manage your monorepos: Import your monorepo into SonarQube to easily manage the related projects.
To integrate SonarQube with GitLab self-managed subscriptions, we recommend using GitLab version 15.6+.
You can also check out this video on GitLab integration.
Related pages
- Setting up the GitLab integration at the global level
This section explains how to set up the integration of SonarQube with GitLab. You need the global Administer System permission in SonarQube to perform this setup. - Importing your GitLab repositories into SonarQube
Once the integration of SonarQube with GitLab has been properly set up, you can import a GitLab repository or monorepo to create the corresponding project(s) in SonarQube. - Setting up GitLab integration features at the project level
This page explains how to set up merge request decoration and the blocking of merge requests in case of quality gate failure. You need the Administer permission on the project to perform this setup. - Adding the SonarQube analysis to your GitLab CI/CD pipeline
Once you have created your project(s) in SonarQube, you can add the SonarQube analysis to your GitLab CI/CD pipeline, in a standard case and in the case of a monorepo. Note that the report of security vulnerabilities in GitLab is set up through the pipeline.
Was this page helpful?
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
