For the teams who use GitLab as their main ALM, users should be able to authenticate in SonarQube with their GitLab account.
As a SQ admin, I want to be able to activate authentication on SQ through GitLab authentication. I expect to:
- set all the required parameters on the global administration page to activate the feature
- once SQ is restarted, I expect to see a "Log in with GitLab" button
As a SQ user, I then expect to:
- be able to connect to SonarQube with my GitLab credentials
- belong to the relevant SonarQube groups (if the SQ admin activated the group synchronization)
Details to be specified further:
- Where will be the GitLab Auth settings be placed in the General Settings UI?
- Since it's no more a plugin, we're free to place them where we feel it's the best location
- What happens when a user with the existing plugin upgrades to 8.0+?
- We can probably reuse and/or relocate the properties of the plugin to have a smooth upgrade experience
- If the community plugin is copied in the new installation folder, we should either ignore it or fail the startup to ask for cleanup
- The Update Center must be updated to stop the compatibility of the existing plugin to the latest LTS
- And the plugin author should be contact to warmly thank him for the effort and let him know what is happening
GitLab can acts as OAuth2 service provider. To allow GitLab users to sign up in SQ, SQ will implement OAuth2 authentication for GitLab. More at https://docs.gitlab.com/12.1/ee/topics/authentication/index.html