Connect GitLab Self-Managed Server (Broker Set-Up)

Aikido lets you connect a self-managed GitLab instance to scan and secure your code. Follow the steps below to connect your GitLab server to Aikido.

Before you start

The person setting this up needs access to both the GitLab instance and the GitLab group you want to connect.

An Aikido workspace always maps to a single GitLab group.

We recommend connecting Aikido to a top-level (root) group that contains all subgroups. If you don’t have a root group, create one workspace per GitLab group. You can do this after creating your first workspace via the top-left dropdown: “Add another workspace”.

Configuration

Create an Aikido account

To connect your GitLab server, first sign up or log in to Aikido using Google or Microsoft. On the signup screen, click Google / Microsoft.

Start the GitLab setup

Once you’re authenticated, create a new workspace by clicking Self-Managed in the GitLab section.

Enable Broker access

Enter your GitLab server URL, then enable Broker required to access server.

Click Create Group to continue.

Configure the Broker

Configure the Broker using the guide below. After you deploy it, return here to finish the GitLab setup.

Aikido Broker for Internal Applications

Complete GitLab server setup

After you create the broker and deploy it in your environment, you can complete the GitLab setup.

First, copy the Broker URL. It looks similar to this:

https://55673-355dsfwea68cb.aikidobroker.com

Then click Complete GitLab Server Setup.

Enter the Broker URL

Paste the Broker URL from the previous step.

Create a GitLab personal access token (PAT)

Next, create a personal access token (PAT). We recommend using a dedicated service account

Log in to your GitLab server
Go to the admin area (/admin)
Go to Settings → Service accounts
Click Add service account, enter a name, then save

Add the service account to the GitLab group you want to connect, like any other user. See GitLab’s docs on group members.

Now that the service account is created, you can create a PAT for it by clicking the three dots and select "Manage access tokens"

Click on "Add new token"
Enter a name for the token, for example: Aikido Security Access Token
Set an expiration date that matches your internal policy. Rotate the token before it expires.
We need the following scopes to be selected:
- read_user
- read_api
- read_repository
Click the Create token button at the bottom of the form.

Copy the token being shown on the screen and enter it in the input field.

Important: You won’t be able to see the token again after you leave this screen. Copy it before you continue.

Aikido will now check the connection to your GitLab server. If it fails, double-check the server URL and the token.

Complete the installation

After you click Next, Connect Group, select the group you want to start with. You can always connect more groups later.

In the final step, select the repositories you want Aikido to monitor.

Last updated 21 days ago

Was this helpful?

hashtagBefore you start

hashtagConfiguration

hashtagCreate an Aikido account

hashtagStart the GitLab setup

hashtagEnable Broker access

hashtagConfigure the Broker

hashtagComplete GitLab server setup

hashtagEnter the Broker URL

hashtagCreate a GitLab personal access token (PAT)

hashtagComplete the installation

Before you start

Configuration

Create an Aikido account

Start the GitLab setup

Enable Broker access

Configure the Broker

Complete GitLab server setup

Enter the Broker URL

Create a GitLab personal access token (PAT)

Complete the installation