Git integration for self-managed GitLab (Beta)

Overview

SnapLogic supports integration with a self-managed GitLab installation deployed on-premises or in the cloud. We provide an app gateway, a secure transparent proxy, to route Git requests through your Groundplex to the GitLab server, providing an additional layer of security. This support in the SnapLogic data plane helps your organization mitigate security risks and protect sensitive information.

To enable use of GitLab for tracking SnapLogic assets, you need the following:

  • A subscription for the SnapLogic Git integration
  • Administrative permission for the GitLab group
  • SnapLogic Org admin permission
Note: Ensure that the network idle timeout on GitLab service is more than 20 seconds. If the timeout is set lesser than this threshold, it may lead to connection errors when making API calls.

Use the following workflow to integrate GitLab with your SnapLogic Org:


1: Create GitLab app. 2: Configure your Org for Git. 3: Create the app gateway Git URL. 4: Connect the Groundplex to the app gateway.

App gateway overview

The app gateway establishes secure WebSocket connections between your Groundplex and the SnapLogic Control Plane. The following shows the OAuth2 flow when using GitLab:


Oauth2 flow when using GitLab

App gateway URL

The app gateway URL references your Org, the app name for your GitLab installation, and the app gateway domain. You need this URL to configure the GitLab application and your SnapLogic Org. The URL has the following format:

org-location-environment-appname.controlplanename:port

Substitute the appropriate values to build in the URL:

  • org: Org name
  • location: Location of your groundplex. Always sidekick.
  • environment: The value in the Environment field in the Snaplex Settings tab.
  • appname: The app name for the GitLab server. Example: gitlab
  • controlplanename: the value for the control plane your Org connects to:
    • Production: appgateway.prod.snaplogic.io:8095
    • UAT: appgateway.uat.snaplogic.io:8095
    • EMEA: appgateway.emea.snaplogic.io:8095

For example, with an Org name of test, a Groundplex with the environment dev, the gateway URL would be as follows:

http://test-sidekick-dev-gitlab.appgateway.prod.snaplogic.io:8095

Create application in GitLab

To enable GitLab to track SnapLogic assets, a GitLab administrator must create an application that configures connectivity:

Important: The SnapLogic Callback URL is the same as the GitLab Redirect URI.
  1. Log into GitLab.
  2. Navigate to your Group.
  3. Select Settings.
  4. Click Applications.
  5. Click Add a new application.
  6. Enter a name.
  7. Specify these values:
    • For Redirect URI, enter, {Snaplogic_URI}/api/1/rest/asset/app/oauthcallback. For example: https://control-plane-name.snaplogic.com/api/1/rest/asset/app/oauthcallback
      Where control-plane-name is the control plane you are using. For example,
      • elastic
      • uat
      • emea
      Important: Redirect URI is the same as the Callback URL that you specify to integrate Git (GitLab) with your SnapLogic environment/org.
    • Leave the Confidential box checked.
    • For Scopes select the following:
      • api
      • read_api
      • read_user
      • write_repository
    • Click Save application.
    • Click the application to view it and copy the secret to use when configuring your SnapLogic Org.

Configure SnapLogic Org

To finish the configuration, a SnapLogic Org admin must configure the Git integration in Org settings:

  1. Open the IIP Manager.
  2. From the left panel select Settings.
  3. Scroll down to Git Integration and click Configure Git.
  4. From the Git Integration Type dropdown list, select GitLab on-premises. The configuration dialog opens:
    Configure GitLab

  5. Enter the following values:
    1. App ID: The Application ID from the GitLab application.
    2. Client Secret: The Secret copied from the GitLab application.
    3. Gitlab URL: The app gateway URL in the format: org-location-environment-appname.control-plane-name.appgateway.snaplogic.com
    4. Auth URL: The URL for your GitLab server.
    5. Http proxy: The HTTP proxy.
    6. Https proxy: The HTTPS proxy.
    7. Authorized scopes: api read_api read_user write_repository
    8. Callback URL: The Redirect URI from the GitLab application, https://control-plane-name.snaplogic.com/api/1/rest/asset/app/oauthcallback.
      Where control-plane-name is the control plane you are using. For example,
      • elastic
      • uat
      • emea
      Important: This Callback URL is the same as the Redirect URI in the context of GitLab.
  6. Click Save.

Configure the Groundplex

To configure the Groundplex to connect to the app gateway, an Org admin must do the following:

  1. In the IIP Manager, select the Project associated with the Groundplex.
  2. Search for the Groundplex.
  3. Click it to open the Update Snaplex dialog.
  4. Click the Node Properties tab.
  5. In the Global Properties section, click to add the gateway key-value pair:
    On-premises Git configuration on Snaplex Node Properties tab

  6. Enter the appropriate values for the app gateway:
    • Key: jcc.app.gateway.gitlab
    • Value: https://my_gitlab_servername.example.com