Limited imports from GitLab

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension)
• how is SonarQube deployed: zip, Docker, Helm
• what are you trying to achieve
• what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

sonarqube version 10.4.1
community edition
Zip deployment on rhel 9.4

Hello,

I installed a community edition of sonarqube for testing purposes. Community edition allows for one DevOps platform integration. I have successfully integrated a self-managed GitLab instance.

I have multiple users with multiple projects in GitLab. All personal access tokens and integrations work ok.

Problem:
It appears that every single user in SonarQube is restricted to importing a single Project from GitLab into Sonarqube.

Questions:

1. Is this a known limitation of the Sonarqube community edition? i.e. a sonarqube user can only ever import a single project from GitLab? Trying to import a new project doesn’t allow you to enter a new token for the corresponding token. After the project is completely removed with an admin account, only a single project can still be imported.

2. If this is not a known limitation, is there a feature or setting that needs to be activated in order to import multiple projects from the same DevOps platform integrated with SonarQube CE.

3. If the above is indeed a limitation of the community edition, will upgrading to the developer edition resolve this issue? I note that the developer edition also only allows integration with a single DevOps platform.

Many thanks,

Hello,

You are not limited to importing a single project.

image1254×950 47.8 KB

The Personal Access Token (PAT) you supply to SonarQube determines which repositories it can access—these are all the repositories that the PAT itself can access in GitLab.

For context, the token you enter when setting up a project (which must be revoked on the Gitlab-side before replacing it with a new one) is used to query GitLab’s API. For example, here’s the kind of request made:

curl --request GET "<GitLab_API_URL>/projects?archived=false&simple=true&membership=true&order_by=name&sort=asc&search=" \
     --header "PRIVATE-TOKEN: <INSERT_TOKEN_HERE>"

You can observe these API calls in the web.log, such as:

2025.07.01 22:22:39 DEBUG web[9f646329-2ffd-4227-955b-a9e993c64553][o.s.a.c.g.GitlabApplicationClient] get projects : [https://gitlab.com/api/v4/projects?archived=false&simple=true&membership=true&order_by=name&sort=asc&search=]

If you’re only seeing a single project, it’s likely due to the scope or permissions of the token. To troubleshoot, try making the curl request manually with the same token. If you still only get one project, you’ll need to review the token’s permissions in GitLab and adjust as needed.

Only the latest version of SonarQube Community Build is considered active, so you’ll need to upgrade.

Your upgrade path is:

10.4→ 24.12 → 25.6

You may find these resources helpful:

• Upgrade Guide
• Upgrade notes for 9.9 to 10.7 (when SonarQube Community Edition switched to SonarQube Community Bulid)
• SonarQube Community Build Upgrade Notes (all update notes since the switch