Gitlab

PreviousGithub App Permissions NextChatOps

Last updated 2 months ago

Was this helpful?

Gitlab

Overview

Arnica’s Gitlab integration accesses selected environments to extract the and take remediation actions.

Ensure service account continuity

Create a dedicated application user

Arnica's Gitlab integration leverages a Gitlab generated app password tied to a specified user. To avoid the revocation of this token upon the impersonated user's departure, it is highly recommended to create and integrate using a standard application user.

The created user will be visible to all developers as part of Arnica's interactions, such as comments on merge requests. Hence, it is recommended to name the service account properly, such as arnica-service-account

Prerequisites

Grant permissions to application user

Login to Gitlab, and click on the required Gitlab group
Click on "Manage" -> "Groups"
-Or Navigate to https://gitlab.com/groups/[YOUR_GROUP]/-/group_members
Click on Invite Members , type the username or email of the dedicated service account, select an Owner role, and click on Invite

Accept the invite by the dedicated service account.

If your environment is comprised of multiple groups, repeat the steps above for each group with the same user.

For on-prem GitLab deployments, you must expose the GitLab server over a reachable URL so Arnica can connect and interact with it.

Installation process

Generate a Personal Access Token

Click on Create App Password and assign the following settings to the token:

Remove token expiration by clicking on the "X" next to the Expiration Date.
Click on Create personal access token.
Copy the credentials into a temporary place to use them later in the integration process below.

Integrate

Click on the Access Token tab.
Fill in the token from the step above.
Click on Validate to ensure that the token works properly and then click on OK.

Arnica will integrate with all groups associated with this user. Arnica's default policies include scan-only functionality. While scanning will begin immediately, developers will not see any impact until Arnica's polices are updated to take actions.

PreviousGithub App Permissions NextChatOps

Last updated 2 months ago

Was this helpful?

Overview

Arnica’s Gitlab integration accesses selected environments to extract the and take remediation actions.

Ensure service account continuity

Create a dedicated application user

Prerequisites

Grant permissions to application user

Login to Gitlab, and click on the required Gitlab group
Click on "Manage" -> "Groups"
-Or Navigate to https://gitlab.com/groups/[YOUR_GROUP]/-/group_members
Click on Invite Members , type the username or email of the dedicated service account, select an Owner role, and click on Invite

Accept the invite by the dedicated service account.

If your environment is comprised of multiple groups, repeat the steps above for each group with the same user.

For on-prem GitLab deployments, you must expose the GitLab server over a reachable URL so Arnica can connect and interact with it.

Installation process

Generate a Personal Access Token

Login with the application user and navigate to the .
Click on Create App Password and assign the following settings to the token:

Remove token expiration by clicking on the "X" next to the Expiration Date.
Click on Create personal access token.
Copy the credentials into a temporary place to use them later in the integration process below.

Integrate

Navigate to the in Arnica and click on GitLab.
Click on the Access Token tab.
Fill in the token from the step above.
Click on Validate to ensure that the token works properly and then click on OK.