Configure the Git Integration to use GitLab on-premises (Beta)

Configure the Git integration for self-managed GitLab.

The Git Integration has beta support for a self-managed GitLab installation deployed on-premises or in the cloud. The SnapLogic Platform supports a single Groundplex per environment for Git operations. SnapLogic provides an App Gateway, a secure transparent proxy, to route Git requests through your Groundplex to the GitLab server, providing an additional layer of security.

Important: Ensure that the network idle timeout on the GitLab service is more than 20 seconds. A timeout of 20 seconds or less can lead to connection errors for API calls.

To enable use of self-managed GitLab for tracking SnapLogic assets, you need the following:

  • A subscription for the SnapLogic Git Integration
  • Administrative permission for the GitLab group
  • SnapLogic Environment (Org) admin permission

Repository visibility

We recommend that you configure the Git Integration to only access repositories dedicated to SnapLogic assets. This improves the performance of authorization and Git operations in the SnapLogic Platform. It also improves usability by reducing the list of repositories that pipeline developers must choose from during checkout.

GitLab doesn't have a way to filter the repositories accessed by third parties. In SnapLogic Git Integration settings, the optional Namespaces field controls which repositories are visible in Designer and Project Manager and is used as a filter to avoid the whole tree structure and show specific repositories, with the following structure:
  • comma-separated list
  • group_name/* means all the repositories right under the root, not in subgroups.
  • group_name/** means the whole tree
  • group_name/subgroup_1/*, group_name/subgroup_1/subgroup_2/* or _name/subgroup_1/subgroup_2/…/subgroup_n/* means all the repositories under the subgroup_1, subgroup_2 or subgroup_n.
  • group_name/subgroup_1/**, group_name/subgroup_1/subgroup_2/**, group_name/subgroup_1/subgroup_2/…/subgroup_n/** means all the repositories under the subgroup_1, subgroup_2, or subgroup_n and their descendants subgroups. Here, the first case covers all the others.
  • group_name/repositorya, group_name/subgroup_1/repositoryb, group_name/subgroup_1/repositoryc, group_name/subgroup_1/subgroup_2/repositoryd or group_name/subgroup_1/subgroup_2/…/subgroup_n/repositorye means the specific repositories listed: repositorya, repositoryb, repositoryc, repositoryd, and repositorye.
Important: GitLab groups and subgroups act as containers for Git repositories. GitLab supports multiple levels of subgroups. The SnapLogic Git Integration now repositories at any depth within the project hierarchy, instead of just one or two levels. This allows users to browse and select GitLab repositories located at any level within the GitLab hierarchy during the import process. Users can initiate a checkout/import operation for these deep-level repositories, bringing their contents (e.g., pipelines, accounts, assets, projects) into the designated SnapLogic project space.

Create an application in GitLab

To enable GitLab to track SnapLogic assets, create an application that configures connectivity:

  1. Log in to GitLab.
  2. Navigate to your Group.
  3. Select Settings.
  4. Click Applications.
  5. Click Add a new application.
  6. Enter a name.
  7. Specify these values:
    • For Redirect URI, enter: https://control-plane-name.snaplogic.com/api/1/rest/asset/app/oauthcallback

      Where control-plane-name is the control plane you are using. For example:

      • elastic
      • uat
      • emea
      Important: This Redirect URI is the same as the Callback URL that you specify to configure the Git Integration in your SnapLogic environment.
    • Leave the Confidential box checked.
    • For Scopes select the following:
      • api
      • read_api
      • read_user
      • write_repository
    • Click Save application.
    • Click the application to view it and copy the secret to use when configuring the SnapLogic environment.

Configure the SnapLogic environment

To complete the configuration, the SnapLogic Environment Admin can configure Git Integration settings in Admin Manager as follows:

  1. Open Admin Manager.
  2. From the left navigation panel under System Configurations select Git Integration.
  3. From the Git integration type dropdown list, select GitLab on-premises. The configuration page opens:
    Configure GitLab

  4. Enter the following values:
    1. App ID: The Application ID from the GitLab application.
    2. Namespaces: An optional, comma-separated list of repository paths that specifies which repositories are visible to developers in the SnapLogic interface. Refer to Repository visibility for the acceptable syntax.
    3. Client secret: The secret copied from the GitLab application.
    4. GitLab URL: The App Gateway URL that routes Git requests between your Groundplex and the GitLab server. Construct the URL using the following format:

      https://org-sidekick-environment-gitlab.controlplane:8095

      Where:

      • org: Your environment name with hyphens, special characters, and spaces removed. This doesn't change the environment name, but is required for the URL. For example, myenterprise-snap-test becomes myenterprisesnaptest.
      • environment: The value from the Environment field on your Groundplex Settings tab, with hyphens, special characters, and spaces removed. For example, dev-12 becomes dev12.
      • controlplane: The App Gateway address for your control plane:
        • Production - Global: appgateway.prod.snaplogic.io
        • Production - EMEA: appgateway.emea.snaplogic.io
        • UAT: appgateway.uat.snaplogic.io

      Example: For an environment named test with an Environment value of dev on the Global control plane:

      https://test-sidekick-dev-gitlab.appgateway.prod.snaplogic.io:8095

    5. Auth URL: The URL for your GitLab server.
    6. Authorized scopes: api read_api read_user write_repository
    7. Callback URL: The Redirect URI from the GitLab application, https://control-plane-name.snaplogic.com/api/1/rest/asset/app/oauthcallback.
      Where control-plane-name is the control plane you are using. For example:
      • elastic
      • uat
      • emea
      Important: This Callback URL is the same as the Redirect URI that you specified in the GitLab application.
  5. Click Save.
  1. Open Project Manager.
  2. From the left panel select Settings.
  3. Scroll down to Git Integration and click Configure Git.
  4. From the Git Integration Type dropdown list, select GitLab on-premises. The configuration dialog opens:
    Configure GitLab

  5. Enter the following values:
    1. App ID: The Application ID from the GitLab application.
    2. Namespaces: Optional. Limits which repositories developers can see in the SnapLogic interface. Enter comma-separated repository paths to restrict access, or leave empty to allow access to all repositories. Refer to Repository visibility for the acceptable syntax.
    3. Client Secret: The Secret copied from the GitLab application.
    4. GitLab URL: The App Gateway URL that routes Git requests between your Groundplex and the GitLab server. Construct the URL using the following format:

      https://org-sidekick-environment-gitlab.controlplane:8095

      Where:

      • org: Your environment name with hyphens, special characters, and spaces removed. This doesn't change the environment name, but is required for the URL. For example, myenterprise-snap-test becomes myenterprisesnaptest.
      • environment: The value from the Environment field on your Groundplex Settings tab, with hyphens, special characters, and spaces removed. For example, dev-12 becomes dev12.
      • controlplane: The App Gateway address for your control plane:
        • Production - Global: appgateway.prod.snaplogic.io
        • Production - EMEA: appgateway.emea.snaplogic.io
        • UAT: appgateway.uat.snaplogic.io

      Example: For an environment named test with an Environment value of dev on the Global control plane:

      https://test-sidekick-dev-gitlab.appgateway.prod.snaplogic.io:8095

    5. Auth URL: The URL for your GitLab server.
    6. Authorized scopes: api read_api read_user write_repository
    7. Callback URL: The Redirect URI from the GitLab application, https://control-plane-name.snaplogic.com/api/1/rest/asset/app/oauthcallback.
      Where control-plane-name is the control plane you are using. For example:
      • elastic
      • uat
      • emea
      Important: This Callback URL is the same as the Redirect URI that you specified in the GitLab application.
  6. Click Save.

Configure the Groundplex

Configure the Groundplex you identified in Admin Manager by adding its Environment value to the GitLab URL.

  1. In the left pane, click Snaplexes.
  2. Click the Groundplex to open the Update Snaplex page.
  3. Click the Node properties tab.
  4. In the Global properties section, click + Add new global property to add the gateway key-value pair:
    On-premises Git configuration on Snaplex Node Properties tab

    Attention: The GitLab URL value encodes the Environment value from your Groundplex Settings tab, which routes all Git operations through that Snaplex. Add this property to only one Snaplex per environment. Configuring it on additional Snaplexes can cause intermittent Git operation failures.
  5. Enter the following values:
    • Key: jcc.app.gateway.gitlab
    • Value: The GitLab URL that you specified in the Git Integration settings. Example: https://myorg-sidekick-dev-gitlab.appgateway.prod.snaplogic.io:8095