GitLab is a web-based Git repository manager. This guide walks you through gathering the necessary information and configuring your GitLab instance or group to create an integration with Synqly's Application Security connector.
Before you begin, ensure that you have:
- Access to the web interface of a GitLab instance
- Access to either a GitLab instance administrator or an account with the Owner role (Recommended)
Required Token Scopes
Operation | GitLab Token Scopes |
---|---|
Query Applications | read_api |
Query Application Findings | read_api |
Query findings across all applications | read_api |
Get Application Finding Details | read_api |
GitLab currently supports three methods of creating a new API access token. The recommended method is to use a service account, but service accounts are not available to users of a GitLab Free instance. If you are using a GitLab Free instance, it is recommended to use a group access token instead.
To begin generating a new GitLab API access token, log into your GitLab instance's web interface and take note of the URL. Next, select one of the methods below for creating a new API access token and follow its steps to reach the new API access token creation screen. Once there, proceed to the next step, titled 2. Creating The Access Token.
Creating a new instance-wide service account
- Select Admin from the sidebar on the left
- Select Settings > Service accounts
- Select Add service account and fill out the fields to create a new instance-wide service account
- Select Manage access tokens from the vertical ellipsis to the right of the new service account. You are now on the new API access token creation screen; proceed to the next step, titled 2. Creating The Access Token
Creating a new group service account
- Navigate to the group in which you would like to create the service account
- Select Settings > Service accounts
- Select Add service account and fill out the fields to create a new group service account
- Select Manage access tokens from the vertical ellipsis to the right of the new service account. You are now on the new API access token creation screen; proceed to the next step, titled 2. Creating The Access Token
For more information on service accounts, see the GitLab service accounts docs page.
2. Creating The Access Token
Once on the new API access token creation screen, fill out the token name field, the optional description field, and the expiration date field. Under the Select scopes header, check the box next to each of the required scopes. The required scopes are listed above in the section titled Required Token Scopes. Next, select Create token. Finally, take note of the newly generated API access token. The URL and the API access token will both be used when creating a new Synqly GitLab integration.
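Before handing the token to the integration, you can confirm that it carries only the scopes from the table and has an expiration date. The following is an added example, not part of the Synqly or GitLab documentation: it reads the token's own metadata from GitLab's `GET /api/v4/personal_access_tokens/self` REST endpoint and audits the result. It assumes your GitLab version answers that endpoint for a `read_api` token; `MAX_LIFETIME_DAYS` is an assumed policy value, and the sample responses are constructed.

```python
import json
import urllib.request
from datetime import date

REQUIRED_SCOPES = {"read_api"}  # every operation in the scopes table needs only this
MAX_LIFETIME_DAYS = 365  # assumed rotation policy, not a value from the page

def fetch_token_info(base_url, token):
    """Ask GitLab to describe the token that authenticates this request."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/personal_access_tokens/self",
        headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def audit_token(info, today):
    """Return a list of problems; an empty list means the token is as expected."""
    problems = []
    scopes = set(info.get("scopes") or [])
    if missing := REQUIRED_SCOPES - scopes:
        problems.append("missing scopes: " + ", ".join(sorted(missing)))
    if extra := scopes - REQUIRED_SCOPES:
        problems.append("excess scopes: " + ", ".join(sorted(extra)))
    if info.get("revoked") or not info.get("active"):
        problems.append("token is revoked or inactive")
    expires = info.get("expires_at")
    if not expires:
        problems.append("no expiration date set")
    else:
        days_left = (date.fromisoformat(expires) - today).days
        if days_left < 0:
            problems.append("token expired on " + expires)
        elif days_left > MAX_LIFETIME_DAYS:
            problems.append(f"expires in {days_left} days, over policy")
    return problems

# Constructed sample responses, shaped like the endpoint's JSON.
SAMPLE_OK = {"name": "synqly-appsec", "scopes": ["read_api"],
             "revoked": False, "active": True, "expires_at": "2025-06-30"}
SAMPLE_BROAD = {"name": "synqly-appsec", "scopes": ["api", "read_api", "write_repository"],
                "revoked": False, "active": True, "expires_at": None}

if __name__ == "__main__":
    print(audit_token(SAMPLE_OK, date(2025, 1, 15)))
    print(audit_token(SAMPLE_BROAD, date(2025, 1, 15)))
```

Against a live instance, pass the result of `fetch_token_info(base_url, token)` to `audit_token` together with `date.today()`.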
To configure a new GitLab integration in the Synqly system, provide each of the values as defined below:
Integration Parameter | Description |
---|---|
Secret | The API access token generated by following the steps above |
Base URL | The URL used to access the GitLab instance's web interface |