How to import GitLab permission ( between project and member ) to SonarQube

SonarQube Information :

• Server Installation: Docker image
• Server Version: Developer Edition, Version 9.7

GitLab Information：

• Server Installation: Docker image
• Server Version: Enterprise Edition, Version 15.7.5.

Question：
I know how to integrate GitLab with SonarQube

But there is a problem with the permission!!

If a GitLab user is not allowed to see the specific project ( and source code ) on GitLab
However, when an authorized GitLab user has analyzed this project on SonarQube.
Then the unauthorized GitLab user can see the source code from SonarQube!?

I know we can setup permission settings on SonarQube
But it is very inconvenient to maintain two personnel authority management ( GitLab and SonarQube )

Is there any way to dynamically import GitLab permission to SonarQube?

Hi,

Welcome to the community!

It sounds like you need to enable group synchronization so that your users are in the same groups in both places. Then you’ll need to (manually, I’m afraid) make sure the group permissions on projects are the same in both places.

Also, make sure you upgrade to SonarQube v9.9 LTS soon, not only to benefit from our Best LTS Ever™, but because soon we will systematically ask users to upgrade when they ask questions about earlier versions of SonarQube, which are now considered unsupported.

 
HTH,
Ann