1

I have a personal SonarQube (Latest LTS) and Gitlab (14.5.1) installation. I've set-up everything and login with Gitlab through the web interface is working. However, I'm looking for a way to login with gitlab credentials throught the SonarQube API. If I add this to my gitlab-ci.yml file: https://sonarqube.example.com/api/projects/create?name=testProject I get a 401 (which is expected since I haven't added an API key and such).

My question is: Is it possible to automatically create an API key, use it in the gitlab-ci.yml and authenticate with it? If there's no way of doing this, is there an possibility to generate a group API key so that users in a certain group have access to the API, both on SonarQube and Gitlab?

Have been stuck on this for a while now, thanks in advance.

jojomanoke
  • 13
  • 3

1 Answers1

0

On the official documentation there are a set of steps for Auth for GitLab

Authenticating with GitLab

You can delegate authentication to GitLab using a dedicated GitLab OAuth application.

Creating a GitLab OAuth app You can find general instructions for creating a GitLab OAuth app here.

Specify the following settings in your OAuth app:

  • Name – your app's name, such as SonarQube.

  • Redirect URI – enter your SonarQube URL with the path /oauth2/callback/gitlab. For example, https://sonarqube.mycompany.com/oauth2/callback/gitlab.

  • Scopes – select api if you plan to enable group synchronization. Select read_user if you only plan to delegate authentication.

Djordje Nedovic
  • 559
  • 8
  • 20
  • Thanks for the information. I have done so already and I can login with gitlab oath but the problem isn't the web login, it's the API keys. I'd like to automatically give the logged in users in SonarQube the ability to use the API without the need of an API key. E.g. login with gitlab oath from the CLI in a project and then create (or pull) the sonarqube project. – jojomanoke Dec 12 '21 at 18:21