.build(),
PropertyDefinition.builder(ALLOW_USERS_TO_SIGN_UP)
.name("Allow users to sign up")
- .description("Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate.")
+ .description("Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PropertyType.BOOLEAN)
.build(),
PropertyDefinition.builder(ALLOW_USERS_TO_SIGN_UP)
.name("Allow users to sign up")
- .description("Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.")
+ .description("Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(BOOLEAN)
.build(),
PropertyDefinition.builder(GITLAB_AUTH_ALLOW_USERS_TO_SIGNUP)
.name("Allow users to sign up")
- .description("Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.")
+ .description("Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(BOOLEAN)
.deprecatedKey("sonar.auth.gitlab.sync_user_groups")
.name("Synchronize user groups")
.description("For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube." +
- " If enabled, the GitLab Oauth2 application will need to provide the api scope.")
+ " If enabled, the GitLab OAuth 2 application will need to provide the api scope.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PropertyType.BOOLEAN)
.build(),
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_TOKEN)
.name("Provisioning token")
- .description("Token used for provisioning users. Both a group or a personal access token can be used as soon as it has visibility on desired groups.")
+ .description("Token used for user provisioning." +
+ " You can either use a group or a personal access token, as long as it has visibility on the groups that need to be imported.")
.category(CATEGORY)
.subCategory(SUBCATEGORY)
.type(PASSWORD)
.build(),
PropertyDefinition.builder(GITLAB_AUTH_PROVISIONING_GROUPS)
.name("Groups")
- .description("Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in GitLab URL, for instance `my-gitlab-group`.")
+ .description("Only members of these groups (and sub-groups) will be provisioned." +
+ " Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`.")
.multiValues(true)
.category(CATEGORY)
.subCategory(SUBCATEGORY)
export function deleteGitLabConfiguration(id: string): Promise<void> {
return axios.delete(`${GITLAB_CONFIGURATIONS}/${id}`);
}
+
+export function syncNowGitLabProvisioning(): Promise<void> {
+ return axios.post('/api/v2/dop-translation/gitlab-synchronization-runs');
+}
import {
useDeleteGitLabConfigurationMutation,
useGitLabConfigurationsQuery,
+ useSyncWithGitLabNow,
useUpdateGitLabConfigurationMutation,
} from '../../../../queries/identity-provider/gitlab';
import { AlmKeys } from '../../../../types/alm-settings';
const { data: list, isLoading: isLoadingList } = useGitLabConfigurationsQuery();
const configuration = list?.gitlabConfigurations[0];
+ const { canSyncNow, synchronizeNow } = useSyncWithGitLabNow();
+
const { mutate: updateConfig, isLoading: isUpdating } = useUpdateGitLabConfigurationMutation();
const { mutate: deleteConfig, isLoading: isDeleting } = useDeleteGitLabConfigurationMutation();
<FormattedMessage id="settings.authentication.gitlab.provisioning_at_login.description" />
</p>
<p className="spacer-bottom">
- <FormattedMessage
- id="settings.authentication.gitlab.description.doc"
- values={{
- documentation: (
- <DocLink
- to={`/instance-administration/authentication/${
- DOCUMENTATION_LINK_SUFFIXES[AlmKeys.GitLab]
- }/`}
- >
- {translate('documentation')}
- </DocLink>
- ),
- }}
- />
+ <DocLink
+ to={`/instance-administration/authentication/${
+ DOCUMENTATION_LINK_SUFFIXES[AlmKeys.GitLab]
+ }/#choosing-the-provisioning-method`}
+ >
+ {translate(
+ `settings.authentication.gitlab.description.${ProvisioningType.jit}.learn_more`,
+ )}
+ </DocLink>
</p>
{provisioningType === ProvisioningType.jit &&
allowUsersToSignUpDefinition !== undefined && (
)}
</p>
<p className="spacer-bottom">
- <FormattedMessage
- id="settings.authentication.gitlab.description.doc"
- values={{
- documentation: (
- <DocLink
- to={`/instance-administration/authentication/${
- DOCUMENTATION_LINK_SUFFIXES[AlmKeys.GitLab]
- }/`}
- >
- {translate('documentation')}
- </DocLink>
- ),
- }}
- />
+ <DocLink
+ to={`/instance-administration/authentication/${
+ DOCUMENTATION_LINK_SUFFIXES[AlmKeys.GitLab]
+ }/#choosing-the-provisioning-method`}
+ >
+ {translate(
+ `settings.authentication.gitlab.description.${ProvisioningType.auto}.learn_more`,
+ )}
+ </DocLink>
</p>
{configuration?.synchronizationType === ProvisioningType.auto && (
- <>
- <GitLabSynchronisationWarning />
- <hr className="spacer-top" />
- </>
+ <GitLabSynchronisationWarning />
)}
{provisioningType === ProvisioningType.auto && (
<>
+ <div className="sw-flex sw-flex-1 spacer-bottom">
+ <Button
+ className="spacer-top width-30"
+ onClick={synchronizeNow}
+ disabled={!canSyncNow}
+ >
+ {translate('settings.authentication.github.synchronize_now')}
+ </Button>
+ </div>
+ <hr />
<AuthenticationFormField
settingValue={provisioningToken}
key={tokenKey}
key: 'sonar.auth.bitbucket.allowUsersToSignUp',
name: 'Allow users to sign up',
description:
- "Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate.",
+ 'Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate.',
type: SettingType.BOOLEAN,
category: 'authentication',
subCategory: 'bitbucket',
key: 'sonar.auth.github.allowUsersToSignUp',
name: 'Allow users to sign up',
description:
- "Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.",
+ 'Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server.',
type: SettingType.BOOLEAN,
category: 'authentication',
subCategory: 'github',
key: 'sonar.auth.gitlab.allowUsersToSignUp',
name: 'Allow users to sign up',
description:
- "Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.",
+ 'Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server.',
type: SettingType.BOOLEAN,
category: 'authentication',
subCategory: 'gitlab',
key: 'provisioning.gitlab.token.secured',
name: 'Provisioning token',
description:
- 'Token used for provisioning users. Both a group or a personal access token can be used as soon as it has visibility on desired groups.',
+ 'Token used for user provisioning. You can either use a group or a personal access token, as long as it has visibility on the groups that need to be imported.',
type: SettingType.PASSWORD,
category: 'authentication',
subCategory: 'gitlab',
key: 'sonar.auth.gitlab.groupsSync',
name: 'Synchronize user groups',
description:
- 'For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube. If enabled, the GitLab Oauth2 application will need to provide the api scope.',
+ 'For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube. If enabled, the GitLab OAuth 2 application will need to provide the api scope.',
type: SettingType.BOOLEAN,
category: 'authentication',
subCategory: 'gitlab',
import { getNextPageParam, getPreviousPageParam } from '../helpers/react-query';
import { RestUserDetailed } from '../types/users';
-const STALE_TIME = 4 * 60 * 1000;
const DOMAIN = 'group-memberships';
const GROUP_SUB_DOMAIN = 'users-of-group';
return useQuery({
queryKey: [DOMAIN, GROUP_SUB_DOMAIN, 'count', groupId],
queryFn: () => getGroupMemberships({ groupId, pageSize: 0 }).then((r) => r.page.total),
- staleTime: STALE_TIME,
});
}
createGitLabConfiguration,
deleteGitLabConfiguration,
fetchGitLabConfigurations,
+ syncNowGitLabProvisioning,
updateGitLabConfiguration,
} from '../../api/gitlab-provisioning';
-import { AlmSyncStatus } from '../../types/provisioning';
+import { AlmSyncStatus, ProvisioningType } from '../../types/provisioning';
import { TaskStatuses, TaskTypes } from '../../types/tasks';
export function useGitLabConfigurationsQuery() {
},
);
}
+
+export function useSyncWithGitLabNow() {
+ const queryClient = useQueryClient();
+ const { data: syncStatus } = useGitLabSyncStatusQuery();
+ const { data: gitlabConfigurations } = useGitLabConfigurationsQuery();
+ const autoProvisioningEnabled = gitlabConfigurations?.gitlabConfigurations.some(
+ (configuration) =>
+ configuration.enabled && configuration.synchronizationType === ProvisioningType.auto,
+ );
+ const mutation = useMutation(syncNowGitLabProvisioning, {
+ onSuccess: () => {
+ queryClient.invalidateQueries(['identity_provider', 'gitlab_sync']);
+ },
+ });
+
+ return {
+ synchronizeNow: mutation.mutate,
+ canSyncNow: autoProvisioningEnabled && !syncStatus?.nextSync && !mutation.isLoading,
+ };
+}
return useQuery({
queryKey: ['user', login, 'groups', 'total'],
queryFn: () => getUserGroups({ login, ps: 1 }).then((r) => r.paging.total),
- staleTime: STALE_TIME,
});
}
settings.authentication.custom_message_information=You can define a custom log-in message to appear on the log-in page to help your users authenticate. The relevant settings are available under the {link} section.
settings.authentication.custom_message_information.link=General
settings.authentication.description=The following settings allow you to delegate authentication via SAML, or any of the following DevOps Platforms: GitHub, GitLab, and Bitbucket.
-settings.authentication.help=If you need help setting up authentication, read our dedicated {link}.
+settings.authentication.help=For details on how to set up authentication, check out the {link}.
settings.authentication.legacy_help.github=Compatibility with GitHub OAuth App is deprecated and will be removed in a future release. Please check out the {link} for information on how to update your configuration.
settings.authentication.help.link=documentation
settings.authentication.form.create=Create configuration
settings.authentication.gitlab.form.secret.name=Secret
settings.authentication.gitlab.form.secret.description=Secret provided by GitLab when registering the application.
settings.authentication.gitlab.form.synchronizeGroups.name=Synchronize user groups
-settings.authentication.gitlab.form.synchronizeGroups.description=For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube. If enabled, the GitLab Oauth2 application will need to provide the api scope.
+settings.authentication.gitlab.form.synchronizeGroups.description=For each GitLab group they belong to, the user will be associated to a group with the same name (if it exists) in SonarQube. If enabled, the GitLab OAuth 2 application will need to provide the api scope.
settings.authentication.gitlab.form.provisioningGroups.name=Groups
-settings.authentication.gitlab.form.provisioningGroups.description=Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in GitLab URL, for instance `my-gitlab-group`.
+settings.authentication.gitlab.form.provisioningGroups.description=Only members of these groups (and sub-groups) will be provisioned. Please enter the group slug as it appears in the GitLab URL, for instance `my-gitlab-group`.
settings.authentication.gitlab.form.allowUsersToSignUp.name=Allow users to sign up
-settings.authentication.gitlab.form.allowUsersToSignUp.description=Allow new users to authenticate. When set to 'false', only existing users will be able to authenticate to the server.
+settings.authentication.gitlab.form.allowUsersToSignUp.description=Allow new users to authenticate. When set to disabled, only existing users will be able to authenticate to the server.
settings.authentication.gitlab.form.provisioningToken.name=Provisioning token
-settings.authentication.gitlab.form.provisioningToken.description=Token used for provisioning users. Both a group or a personal access token can be used as soon as it has visibility on desired groups.
+settings.authentication.gitlab.form.provisioningToken.description=Token used for user provisioning. You can either use a group or a personal access token, as long as it has visibility on the groups that need to be imported.
settings.authentication.gitlab.provisioning_at_login=Just-in-Time user provisioning (default)
settings.authentication.gitlab.provisioning_at_login.description=Users are synchronized only when users log in to SonarQube.
-settings.authentication.gitlab.description.doc=For more details, see {documentation}.
+settings.authentication.gitlab.description.JIT.learn_more=Learn more about Just-in-Time provisioning with GitLab
+settings.authentication.gitlab.description.AUTO_PROVISIONING.learn_more=Learn more about automatic provisioning with GitLab
settings.authentication.gitlab.confirm.AUTO_PROVISIONING=Switch to automatic provisioning
settings.authentication.gitlab.confirm.JIT=Switch to Just-in-Time provisioning
settings.authentication.gitlab.confirm.AUTO_PROVISIONING.description=Once you transition to automatic provisioning users and groups on GitLab projects will be inherited from GitLab. You will no longer have the ability to edit them within SonarQube. Do you want to proceed with this change?
projects / sonarqube.git / commitdiff