GitLab integration is very similar to GitHub's integration in its purpose.

Echoes supports both the hosted version of GitLab or on-premises deployments.

Echoes relies on Group Hooks which are a feature of GitLab Premium and above. You can verify if the feature is available in the "Webhooks" settings of your group.

Echoes lets your connect to your GitLab instance either with the OAuth flow or using a Personal Access Token. There are no security advantage to either method of authentication. OAuth will generally require less clicks and is easier to setup.

The GitLab integration requires the api and read_user token scopes. At installation time Echoes will subscribe to events on your destination GitLab groups by registering a webhook, which requires Owner role on the group. During normal operations, Echoes however requires no additional permissions than those provided by the Developer role. When Echoes it installed under the identity of a service account, it is therefore safe to downgrade the role of the service account from Owner to Developer once the setup is complete.

We distribute a reusable GitLab job you can use in your pipeline in order to check for the presence of Echoes required labels.

Echoes checks that pull requests have at least one echoes/intent or echoes/initiative label, and optionally one echoes/effort label. The "details" links has useful documentation to help communicating engineers the purpose of these labels.

Please not that we are closely following GitLab developments for a first-class Checks API and will integrate with it as soon as it becomes generally available.

A GitLab integration installed with a Personal Access Token can be edited.

The edition allows updating the Personal Access Token itself. To do so, click on the "three dots" menu under Actions -> Edit.

Once the Personal Access Token is entered click Save.