GitLab

  • 1 minute(s) read
Prev Next

About this document

This document provides the step-by-step procedure for configuring GitLab in SAFE.

Introduction

SAFE integrates with GitLab and fetches the security misconfiguration of the GitLab account in SAFE.

Prerequisites

  • GitLab Admin Access

  • Required User Inputs:

    • API URL

    • Access Token

    • Asset Name in SAFE (optional)

  • Required Scope:

    • read_api

Generate Connection Details

Generate Access Token

  1. Log in to your GitLab account as Admin

  2. From the left sidebar, click on your Avatar

  3. Click on the Edit profile option.

  4. Click on Access Tokens from the left navigation.

  5. Click on the Add new token button.

  6. Enter a Token name.

  7. Select the read_api permissions from the Select Scopes section. 

  8. Click on the Create personal access token button.

  9. Select the expiry date for the token. It's important to regularly update the API Token in SAFE according to its expiration date.

  10. The system displays the access token. Copy and save the token to use while configuring GitLab in SAFE.
    Git Lab Final Permissions 34.png

Get the API URL

  1. Access the GitLab API documentation by clicking on the provided link.

  2. Upon reaching the GitLab API documentation page, locate the section titled as "How to use the API".

  3. In the exhibit provided, find the base URL highlighted as 3. Copy and save the value and add “https://” to form the API Base URL. Use it while configuring GitLab in SAFE.

Configure GitLab in SAFE

  1. Log in to your SAFE account as Admin.

  2. Click on the Integrations option from the left navigation.

  3. Scroll to find the GitLab integration card or search for GitLab in the search bar.

  4. Hover over the GitLab integration card and click on the Configure button.

  5. Enter the following:

    1. API URL

    2. Access Token

    3. Asset Name in SAFE (optional) - Provide a unique identifier that can uniquely identify the asset

  6. Enter the Auto Sync Frequency.

  7. Click on the Test Connection button.

  8. Once the connection is successful, click on the Save button.

  9. Once the configuration is saved successfully, click on the Sync Now button to trigger an on-demand sync.

  10. Upon a successful sync, the system pulls the GitLab assets and their findings in SAFE. You can track the status of the sync in the History table.

View Results

  1. Go to the integration homepage.

  2. Scroll to find the GitLab integration card or search for GitLab in the search bar.

  3. Click on the GitLab integration card for Finding View and Asset View.

    • Finding View: This tab displays all the findings details fetched from GitLab.

    • Asset View: This tab displays all the assets pulled from GitLab.

History

Learn More about Integration History here.

SAFE's Outgoing IP Addresses

Click here to find the outgoing IP addresses of SAFE. All traffic to any integrations in SAFE will see one IP address as the source IP of the incoming connection.