Integrating GitLab with Sleuth is simple. If you're connecting to a personal GitLab repo, you just need your credentials. If you're part of an organization and aren't the owner, you will need permission to allow Sleuth to connect to the repo—after you connect you'll be able to select individual private or public repositories.
{% hint style="info" %}
Be sure your account has at least maintainer privileges. We query for min_access_level=40
{% endhint %}
{% embed url="https://www.youtube.com/embed/jV3RkebZJIA" %}
To set up the GitLab integration:
- Click Integrations in the left sidebar, then select Code in the dropdown at the top-right to filter the view.
- In the GitLab tile, click Enable.
- You must grant Sleuth access to your GitLab account. Don't worry, you'll select the GitLab repo to connect to your Sleuth project later.
- On successful integration, GitLab enabled will be displayed in the GitLab tile. You'll next configure the code deployment to connect your repo to a project.
If you using GitLab on-premise behind Cloudflare access or similar, Sleuth might need to include some HTTP headers in order to reach your instance. In order to set Sleuth to send any custom HTTP headers when making requests:
- In the GitLab dialog, click on the Advanced setting
- Enter comma separated list of custom headers you want Sleuth to include
GitLab can be configured in read-only mode, making use of a read-only token from GitLab. Several Sleuth features such as deployment locking and some Sleuth Action automations may be disabled, but if your security team requires integrations to be read-only, this may be necessary.
- In the GitLab dialog, click on Advanced settings and check Read-only checkbox.
- Continue to add a new code deployment as usual.
- Now, you'll need to manually configure the GitLab webhook so that Sleuth is notified about key events. Visit the code deployment page, click on the cog at the top right and select Get webhook instructions
\ - Copy the webhook URL, secret, and note the events for later
- Visit your GitLab repository settings and click on Webhooks
- Create a new webhook, using the URL and secret from the earlier dialog, and check the events that match with the requested list
- Save the new webhook and now Sleuth should receive the required GitLab events.
Steps 3 through 7 need to be done for each GitLab repository
You now need to add a code deployment for your GitLab repo to a Sleuth project. Once configured and you start registering deploys Sleuth will be tracking deploys for your code changes.To configure the GitLab integration:
- After step #4 above, you will be taken back to the GitLab integration tile. On the GitLab tile, click the Add code deployment dropdown.
- Select the Sleuth project you wish to add a chance source to from the dropdown list.
- Follow the instructions for setting up a new code deployment
- Click on Integrations in the left sidebar, then on Change Sources.
- In the GitLab integration card, click disable.
The GitLab integration is disconnected and no longer available to any projects within that organization.