Setup Single Sign-On of SonarQube with Opstella

Prerequisites

To Setup Single Sign-On with Opstella, you need

• 📦Opstella Keycloak
  • Your dedicated Keycloak Realm. foobar-opstella ; Please change accordingly
• 🔑OpenID Connect Credentials: Client ID, Client Secret.
  • Gather Client ID, Client Secret - from Procuring Keycloak Credentials

SonarQube Single Sign-On Integration

SonarQube Single Sign-On integration works by using SonarQube plugin which we have done while See SonarQube Installation (Plugins Configurations in Helm Values)

You need to go to SonarQube instance that you have installed and configure within its settings menu.

1. Go to https://${SONARQUBE_DOMAIN} and Login with Initial Admin Account admin

   • You may see the warning about using plugins, click I understand the risk

   

2. Go to Administration tab > Configuration tab > Security Left side menu

   Any Configuration that requires you to enabled (True), you need to click the toggle switch and the switch is in colored (not greyed).

   

   While editing any of the value in the field, there should be a save button on each section. Be sure to put the value in and click Save

   

   Configure follow by the list:

   💡 Your dedicated Keycloak Realm. foobar-opstella ; Please change accordingly

   • Enabled: True
   • Issuer URL: https://${KEYCLOAK_DOMAIN}/realms/${KEYCLOAK_REALM}
   • Client ID: CHANGEME 🔑
   • Client secret: CHANGEME 🔑
   • Scopes: openid email profile
   • Synchronize groups: True
   • Groups claim name: groups
   • Icon path: /images/opstella-logo.svg
   • Background color: #5c23fc
   • Login button text Opstella

   You will be testing Single Sign-On Integration in End-to-End Testing/Single Sign-On for SonarQube