GitLab

9min

Purpose
GitLab integration is very similar to GitHub's integration in its purpose.
Installation
Echoes supports both the hosted version of GitLab or on-premises deployments.
Connecting to your GitLab instance
Echoes lets your connect to your GitLab instance either with the OAuth flow or using a Personal Access Token. There are no security advantage to either method of authentication. OAuth will generally require less clicks and is easier to setup.
Connect o GitLab
﻿
Using a dedicated service account
We recommend creating a service account on your GitLab instance and installing Echoes under this account's identity.
It will make the Echoes installation independent of the lifetime of any particular individual. For example, Echoes will continue working properly if the person who did the installation leaves the company.
It will also allow for fine-grained management of the role under which Echoes operates and the GitLab groups Echoes is allowed to participate in.
Permissions
The GitLab integration requires the api and read_user token scopes. At installation time Echoes will subscribe to events on your GitLab projects by registering a webhook, which requires Maintainer role on the group. 
Proxying the GitLab API
Some customers may be concerned granting the api permissions to a third party. For them, we provide a GitLab API proxy﻿ which significantly improves the security guarantees at the cost of self-hosting an additional service.
Checking for labels
We distribute a reusable GitLab job you can use in your pipeline in order to check for the presence of Echoes required labels.
Diff
+ include: https://gitlab.com/echoeshq/echoes-gitlab-job/raw/main/echoes-check.yml

stages:
  - deploy
+ - echoes:check

deploy-job:      
  stage: deploy
  script:
    - echo "Application successfully deployed."
+ include: https://gitlab.com/echoeshq/echoes-gitlab-job/raw/main/echoes-check.yml

stages:
  - deploy
+ - echoes:check

deploy-job:      
  stage: deploy
  script:
    - echo "Application successfully deployed."
﻿
Echoes checks that pull requests have at least one echoes/intent or echoes/initiative label, and optionally one echoes/effort label. The "details" links has useful documentation to help communicating engineers the purpose of these labels.
Please not that we are closely following GitLab developments for a first-class Checks API and will integrate with it as soon as it becomes generally available.
Manage your installations
Update the Personal Access Token
A GitLab integration installed with a Personal Access Token can be edited.
The edition allows updating the Personal Access Token itself. To do so, click on the "three dots" menu under Actions -> Edit.
GitLab installation - Edit
﻿
Edit the Personal Access Token
﻿
Once the Personal Access Token is entered click Save.
Editing the Personal Access Token permits for instance to rotate the token for security reasons.
Update the Repositories
Within the Repositories tab is the repositories editor. From this editor it is possible to add or remove repositories from Echoes supervision. When a repository is unselected, Echoes no longer listen to its events.
Repositories update
﻿
FAQ
During the installation, why don't I see my Group in the list?
There are two possible reasons:
Echoes requires you to be the Maintainer of the Group. Please make sure you are at least the Maintainer of the Group you are looking for.
By design Echoes only lists the top Groups. Therefore Subgroups will not be shown in the list.
﻿
﻿

Updated 25 Sep 2023

Did this page help you?

GitHub Enterprise Server

GitLab API proxy

GitLab

Purpose

Installation

Connecting to your GitLab instance

Using a dedicated service account

Permissions

Proxying the GitLab API

Checking for labels

Manage your installations

Update the Personal Access Token

Update the Repositories

FAQ

During the installation, why don't I see my Group in the list?

﻿