Can't add gitlab groups to SonarQube on prem

Must-share information (formatted with Markdown):

We are evaluating the trial dev edition of SQ. We have our instance spun up in AWS on a machine accessible only on our domain. We also have gitlab on prem.

I am following the directions https://docs.sonarqube.org/latest/instance-administration/delegated-auth/ to get Group Sync working. I have added SQ to gitlab as a user app already.

I have added a group to sonarqube with the name of our dev group (core-dev). When I view that group in the sonarqube UI, though, it shows 0 members.

The problem is that when anyone in the core-dev groups tries to log into our sonarqube server and clicks the “Login with Gitlab” button, he/she gets redirected to the same login page.

I feel like I am missing the goo that actually has sonarqube pull the group members from gitlab.

I’m obviously missing some basic step here - any ideas?
Thanks.

Welcome to the community. GitLab group synchronization is happening at user login. So you have to find out first why the login is not working.

Could you give us more detail about what happen when a core-dev user try to login? And a last question: are you using gitlab.com, or an on-prem install?

Thanks for the help!

An on prem install of gitlab.

We use SSO (Okta) login with gitlab and google is the auth provider. When logging in, users select the SSO login and get directed to https://git.lab.mycompany.com/users/auth/saml

They provide name and password and then get logged in.

Is that enough detail?

Hi, if you try to use GitLab as an identity provider using saml, you can’t have group synchronization at the same time.

Group synchronization is only available if you use the OAuth2 protocol with GitLab as a provider, as described here