I upgraded a Sonarqube instance to the last available release in Github repo (10.5.0.89998) and can’t log in with Gitlab OAuth any more
Here are informations about my setup :
SonarQube version 10.5.0.89998 (upgraded from 10.4.1.88267)
installed from zip file (Debian Bullseye, OpenJDK 17.0.10+7-Debian-1deb11u1)
When trying to login with the “Log in with GitLab” button, I get the following message : You're not authorized to access this page. Please contact the administrator. and this in the web.log file :
2024.04.15 09:45:57 WARN web[bc3bd178-06cb-417d-87c5-6250660c0ebf][o.s.s.a.AuthenticationError] Fail to callback authentication with 'gitlab'
java.lang.IllegalStateException: Fail to execute request 'https://GITLAB_URL/api/v4/groups?min_access_level=10&per_page=100'. HTTP code: 403, response: {"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token.","scope":"api read_api"}
I replaced my gitlab URL with GITLAB_URL, the URL is correct. The Sonarqube application in Gitlab configuration has scopes api and read_user and “trusted” and “confidential” checked. The setup worked well before upgrade. Any idea on how to fix that ? Thanks
Looks like we’ve got a bug (before the release has even been officially announced!): SONAR-22088
We’re currently evaluating our options, like a bugfix release. I don’t think there’s a workaround in the meantime (except downgrading), but I’ll let our team update you if that changes.
Do you have an ETA for a bugfix release? We’ve run into the same issue. (A “known issues” list in the upgrade notes would be appreciated in such a case!!)
!