GitLab (Server) CI: MR Gating via Aikido Dashboard with a Personal Access Token (PAT)

Introduction

You can easily configure GitLab MR Gating via the Aikido interface. This doc focusses on managing configurations in bulk - multiple repos at the same time - without code.

Use Cases

  • Bulk Repository Management: Easily specify and manage configurations for multiple repositories at once through the Aikido interface.

  • Zero Code Integration: Install the Aikido app on GitLab to manage checks without embedding any code, simplifying the setup process.

  • Cost Efficiency: By managing GitLab Checks through Aikido, avoid using CI minutes on GitLab, leading to significant cost savings.

Creating a Personal Access Token

GitLab Server and GitLab cloud support several different personal access tokens, which all work the same way. We usually recommend creating a group PAT, but for GitLab cloud this is only possible for premium customers.

  1. Navigate to the "Personal Access Token" settings page

    1. For a group access token: Go to your group page > Settings > Access Tokens

    2. For a personal access token: Go to your profile page > User settings > Access Tokens

      Group Access Tokens page with no active tokens and an option to add new token.
  2. Click on "Add new token"

  3. Enter a name for the token, remove the expiration date and select the api scope

    Form to create a GitLab group access token with selectable roles and API permission scopes.
  4. Click on "Create token"

    GitLab group access token generation and management interface, showing an active token.
  5. Copy the token and keep it for the next step
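Before pasting the token into Aikido, you can confirm that it is active and carries the api scope selected above. The script below is an added example, not part of Aikido's or GitLab's own tooling; it reads GitLab's `GET /api/v4/personal_access_tokens/self` endpoint, and the `GITLAB_URL` and `GITLAB_TOKEN` environment variable names are assumptions.

```python
import json
import os
import urllib.request
from datetime import date

REQUIRED_SCOPE = "api"  # the scope selected when creating the token

def fetch_token_info(base_url, token):
    """Ask GitLab to describe the token that authenticates this request."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v4/personal_access_tokens/self",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def check_token(info, today=None, warn_days=30):
    """Return a list of problems that would stop the token from working."""
    today = today or date.today()
    problems = []
    if info.get("revoked"):
        problems.append("token is revoked")
    if not info.get("active", False):
        problems.append("token is not active")
    scopes = info.get("scopes", [])
    if REQUIRED_SCOPE not in scopes:
        problems.append(f"missing '{REQUIRED_SCOPE}' scope (has: {scopes})")
    expires = info.get("expires_at")  # None when no expiration date is set
    if expires:
        days_left = (date.fromisoformat(expires) - today).days
        if days_left < 0:
            problems.append(f"token expired on {expires}")
        elif days_left < warn_days:
            problems.append(f"token expires in {days_left} days")
    return problems

# Constructed sample response, shaped like the endpoint's JSON output.
SAMPLE = {"id": 1, "name": "aikido-mr-gating", "revoked": False,
          "active": True, "scopes": ["api"], "expires_at": None}

if __name__ == "__main__":
    url, tok = os.environ.get("GITLAB_URL"), os.environ.get("GITLAB_TOKEN")
    # Falls back to the constructed sample so the script also runs offline.
    info = fetch_token_info(url, tok) if url and tok else SAMPLE
    for line in check_token(info) or ["token is active and has the api scope"]:
        print(line)
```

Run it with the token in the environment rather than on the command line, so the value does not end up in shell history.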

Setting up GitLab CI

Step 1. Enter the access token from the previous part into the input field on this page and click "Update token"

Gitlab Checks: Enter or update your personal access token for authentication.

Step 2. Aikido redirects you to the GitLab CI page with an overview of your repos. You can start configuring your repos. We recommend starting out with 1 repo to make sure everything works well.

Step 3. Select repos in bulk and click the "Setup MR Scans" button in the floating bulk actions bar at the bottom.

Step 4. This will trigger the modal to choose the severity level for failure and the scans you want to execute.

Configure security scans and severity settings for 65 repositories.

If you've added new repositories after the initial setup, you'll need to configure those repos as well.

Adding Exceptions for specific repos

You might want to have 1 specific repo where the configuration slightly differs. You can easily add exceptions by clicking the triple dots on a repo item, or by selecting 1 or more items and going through the Configure Scans process again.

Vulnerable projects list with critical status and configuration management options.

Full Flow

We have recorded a Loom video showing you the full flow, both within Aikido and GitLab. This can be viewed here.
