GitLab

Visualize GitLab users, groups, code repositories, and merge requests, map GitLab users to employees and development/security trainings, and monitor changes through queries and alerts.

Installation guide
GitLab data model
GitLab types

Installation

info

To use this integration, JupiterOne requires a GitLab personal access token configured with read access (read_api scope) and the API base URL, such as https://gitlab.com).

Configuration in JupiterOne

To install the GitLab integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select GitLab. Click New Instance to begin configuring your integration.

Creating a configuration requires the following:

Account Name by which you'd like to identify this GitLab account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when Tag with Account Name is selected.
Description that will further assist your team when identifying the integration instance.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.
Personal Access Token configured for read access in GitLab.
note
Once your token has expired, the integration will no longer run successfully, and the token will be revoked from your GitLab account. You will need to create another token to replace the expired one.
Your GitLab API Base URL (e.g., https://gitlab.com, or your self-managed instance URL).

Click Create after all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.

Data Model

Entities

The following entities are created:

Resources	Entity `_type`	Entity `_class`
Account	`gitlab_account`	Account
Branch Rule	`gitlab_branch_rule`	Rule
Commit	`gitlab_commit`	CodeCommit
Finding	`gitlab_finding`	Finding
Group	`gitlab_group`	Group
Label	`gitlab_label`	Record
Merge Request	`gitlab_merge_request`	CodeReview, PR
Project	`gitlab_project`	CodeRepo, Project
User	`gitlab_user`	User

Relationships

The following relationships are created:

Source Entity `_type`	Relationship `_class`	Target Entity `_type`
`gitlab_account`	HAS	`gitlab_group`
`gitlab_account`	HAS	`gitlab_project`
`gitlab_group`	HAS	`gitlab_group`
`gitlab_group`	HAS	`gitlab_project`
`gitlab_group`	HAS	`gitlab_user`
`gitlab_merge_request`	HAS	`gitlab_commit`
`gitlab_project`	HAS	`gitlab_branch_rule`
`gitlab_project`	HAS	`gitlab_finding`
`gitlab_project`	HAS	`gitlab_label`
`gitlab_project`	HAS	`gitlab_merge_request`
`gitlab_project`	HAS	`gitlab_user`
`gitlab_user`	APPROVED	`gitlab_merge_request`
`gitlab_user`	OPENED	`gitlab_merge_request`

Gitlab Account

gitlab_account inherits from Account

Property	Type	Description	Specifications
`id` *	`string`
`name` *	`string`
`version` *	`string`
`revision` *	`string`
`enterprise` *	`boolean`
`vendor` *	`string`

Gitlab Group

gitlab_group inherits from Group

Property	Type	Description	Specifications
`id` *	`string`
`parentGroupId`	`string`
`name` *	`string`
`createdOn`	`number`
`path` *	`string`
`description`	`string`
`visibility`	`string`
`shareWithGroupLock`	`boolean`
`requireTwoFactorAuthentication`	`boolean`
`twoFactorGracePeriod`	`number`
`projectCreationLevel`	`string`
`autoDevopsEnabled`	`boolean`
`subgroupCreationLevel`	`string`
`emailsDisabled`	`boolean`
`mentionsDisabled`	`boolean`
`lfsEnabled`	`boolean`
`webUrl` *	`string`
`requestAccessEnabled`	`boolean`
`fullName` *	`string`
`fullPath` *	`string`

Gitlab Project

gitlab_project inherits from CodeRepo, Project

Property	Type	Description	Specifications
`id` *	`string`
`name` *	`string`
`createdOn`	`number`
`description`	`string`
`webLink`	`string`
`visibility`	`string`
`public` *	`boolean`
`issuesEnabled`	`boolean`
`mergeRequestsEnabled`	`boolean`
`jobsEnabled`	`boolean`
`wikiEnabled`	`boolean`
`snippetsEnabled`	`boolean`
`containerRegistryEnabled`	`boolean`
`archived`	`boolean`
`sharedRunnersEnabled`	`boolean`
`publicJobs`	`boolean`
`allowMergeOnSkippedPipeline` *	`boolean`
`onlyAllowMergeIfPipelineSucceeds`	`boolean`
`onlyAllowMergeIfAllDiscussionsAreResolved`	`boolean`
`removeSourceBranchAfterMerge`	`boolean`
`requestAccessEnabled`	`boolean`
`autocloseReferencedIssues`	`boolean`
`topics` *	`array` of `string`s
`fullName` *	`string`

Gitlab User

gitlab_user inherits from User

Property	Type	Description	Specifications
`id` *	`string`
`name` *	`string`
`createdOn`	`number`
`webLink` *	`string`
`username` *	`string`
`state` *	`string`
`email`	`string`
`publicEmail`	`string`
`active` *	`boolean`
`isAdmin`	`boolean`
`canCreateGroup`	`boolean`
`canCreateProject`	`boolean`
`twoFactorEnabled`	`boolean`
`external`	`boolean`
`privateProfile`	`boolean`
`trial`	`boolean`

Gitlab Finding

gitlab_finding inherits from Finding

Property	Type	Specifications
`uuid`	`string`
`reportType`	`string`
`scanner.externalId`	`string`
`scanner.name`	`string`
`scanner.vendor`	`string`
`identifiers`	`array` of `string`s
`falsePositive`	`boolean`
`dismissalReason`	`string`
`description`	`string`
`links`	`array` of `string`s
`solution`	`string`
`state`	`string`
`vulnerabilityPath`	`string`
`projectFingerprint`	`string`	deprecated: true
`dismissalFeedback`	`string`	deprecated: true
`createVulnerabilityFeedbackIssuePath` *	`string`	deprecated: true
`createVulnerabilityFeedbackMergeRequestPath` *	`string`	deprecated: true
`createVulnerabilityFeedbackDismissalPath` *	`string`	deprecated: true

Gitlab Merge Request

gitlab_merge_request inherits from CodeReview, PR

Property	Type	Description	Specifications
`id` *	`string`
`iid` *	`string`
`projectId` *	`number`
`name` *	`string`
`title` *	`string`
`state` *	`string`
`source` *	`string`
`target` *	`string`
`repository` *	`string`
`createdOn`	`number`
`updatedOn`	`number`
`authorId`	`string`
`authorName`	`string`
`authorLogin`	`string`
`webLink`	`string`
`mergeWhenPipelineSucceeds`	`boolean`
`shouldRemoveSourceBranch`	`boolean`
`forceRemoveSourceBranch`	`boolean`
`allowCollaboration`	`boolean`
`squash` *	`boolean`
`approved` *	`boolean`
`approvers` *	`array` of `string`s
`approverIds` *	`array` of `string`s
`approverLogins` *	`array` of `string`s
`mergedOn`	`number`
`sha`	`string`
`mergeCommitSha`	`string`
`commitWebLink`	`string`
`closedOn`	`number`

Gitlab Commit

gitlab_commit inherits from CodeCommit

Property	Type	Specifications
`id` *	`string`
`shortId` *	`string`
`title`	`string`
`name` *	`string`
`merge` *	`boolean`
`versionBump` *	`boolean`
`webLink` *	`string`
`message` *	`string`
`authoredOn`	`number`
`committedOn`	`number`
`commitWebLink` *	`string`
`committerName`	`string`
`committerEmail`	`string`
`authorName`	`string`
`authorEmail`	`string`
`branch` *	`string`
`createdOn`	`number`	deprecated: true

Gitlab Label

gitlab_label inherits from Record

Property	Type	Description	Specifications
`id` *	`string`
`name` *	`string`
`description`	`string`
`color` *	`string`
`textColor` *	`string`
`lockOnMerge` *	`boolean`

Gitlab Branch Rule

gitlab_branch_rule inherits from Rule

Property	Type	Description	Specifications
`id` *	`string`
`name` *	`string`
`isDefault` *	`boolean`
`isProtected` *	`boolean`
`createdOn`	`number`
`updatedOn`	`number`
`matchingBranchesCount` *	`number`
`allowForcePush`	`boolean`
`codeOwnerApprovalRequired`	`boolean`

GitLab

Installation​

Configuration in JupiterOne​

Next steps​

Data Model​

Entities​

Relationships​

Gitlab Account​

Gitlab Group​

Gitlab Project​

Gitlab User​

Gitlab Finding​

Gitlab Merge Request​

Gitlab Commit​

Gitlab Label​

Gitlab Branch Rule​