- SonarQube 9.9 LTS
- Gitlab 15.11 (self-hosted)
- Installed with zip file
- Enable Gitlab auth or, failing that, SAML auth
I have everything working EXCEPT that in order to successfully log in to SonarQube with Gitlab, I must first delete the local user account within SonarQube.
I’ve found other posts on this topic, but the suggested API commands in those threads do not work, possibly due to version differences.
Here’s where I’m at right now:
If I attempt to log in as an existing user, I get the error:
You’re not authorized to access this page. Please contact the administrator.
Reason: Failed to authenticate with login ‘username’
‘username’ in this case is a placeholder for the real user name. However, if I delete that user from SonarQube, I’m able to log in normally with no issues. Obviously I’d rather not delete all existing users and groups.
I’ve tried running
curl -X POST -u $TOKEN: 'https://sonarqube.test.com/api/users/update_identity_provider?login=USERNAME&newExternalProvider=gitlab&newExternalIdentity=USERNAME@DOMAIN>COM
as recommended elsewhere but this does not change the behavior. Additionally, both SQ and Gitlab currently integrate with the same internal LDAP server so I wouldn’t expect a field mismatch that the above command is presumably intended to resolve.
It seems like I’m very close to getting this working, but I don’t know how to inspect what information Gitlab is sending or how to tell how that information differs from what SonarQube expects.
Any assistance would be appreciated, I’m not exactly an expert with SonarQube itself or with this sort of authentication setup.