GitLab is a comprehensive DevSecOps platform that manages the entire software development lifecycle (SDLC). It provides Git repository management, continuous integration/continuous deployment (CI/CD), code review, issue tracking, within a single platform.
More information can be found Gitlab's Website.
Integration Method: API
Tables: Detection Finding (2004)
This integration supports the following events.
This integration supports the following versions.
Gitlab Version | 18.0 |
Note:
Gitlab’s Graphql is versionless. More information can be found here.
Prerequisites
The user should have access to GitLab with an account that has the Administrator privileges.
The user should have access to the DataBee console.
Configuration Overview
Generate an API token with the required scopes.
Add the Gitlab Compliance Center in the DataBee console with the below parameters.
DataBee Parameter
Gitlab Parameter
Token
Personal Access Token
Gitlab Compliance Center Configuration
Login to the Gitlab portal and on the left sidebar, select your avatar.
Select Edit Profile.
On the left sidebar, select Access tokens.
Under Personal access tokens, click on Add new token.
Enter a ‘Token name’, select the token ‘Expiration date’ and check the read_api scope.
Scroll down and click on Create personal access token.
Copy the token and save it somewhere safely.
Note:
After you leave the page, you no longer have access to the token.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the Gitlab Compliance Center and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
API Base URL: this is the base URL that DataBee will interact with.
Authorization Method: Bearer Token
Token: paste the Personal Access Token generated earlier in the GitLab console.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
Ensure the token is pasted correctly. Since you cannot view the token after the 1st time, re-create the token, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed.
Ensure the Gitlab Compliance Center scopes/permissions are correct.