GitLab Cloud setup

Create a GiLab Cloud integration with Flow using OAuth or an access token.

Use a service account to create this integration. Learn more about creating service accounts.

Permissions

Flow only requires read access to your repositories. This permission is needed to process the metadata used to generate our reports. When integrating with Flow, the service account must be a maintainer or owner at both the project and repository levels to utilize all services and webhooks. If you don't want to enable webhooks, then the minimum permission required in GitLab is reporter at both the project and repo levels.

Flow does not ingest data from SHA256 repos at this time. If you have any SHA 256 repos, they will appear on the Repos page, but Flow will not ingest data from them.

Create your integration

To create your GitLab Cloud integration:

Click Settings in the top navigation.
In the left navigation under Integrations, click Integrations.
Click Add integration.
Click GitLab Cloud in the Integration Provider list.
Optional: If you see the Direct Connection or Hybrid Connection, select one.
Next, select your integration method and authenticate with GitLab: Access token or OAuth. In most situations, we recommend OAuth-based integrations.

OAuth

In the Connect with OAuth tab, click Connect with OAuth.

If you're already logged in to your GitLab account, a dialog will prompt you to confirm access. If you're not already logged in, you'll be prompted to log in before authorizing the connection.
If your connection was successful, you'll see a success message.

Ensure popups are allowed in your browser before attempting to connect via OAuth.

When your authentication is successful, click Next to complete the setup of your integration.

Access token

In GitLab, create a new Personal access token. Use the following information:
- Name: Give the access token an identifiable name so you know it's used for Flow.
- Expiry date: Note this date so you can update the token again before it expires. If your access token expires before you update it in Flow, Flow will be unable to continue ingesting and processing your data. Alternatively, create a Service account access token without an expiry date.
- Scopes: The minimum required scopes for Flow to ingest data are:
  - api
  - read_user
  - read_repository
Copy your access token into the Personal Access Token field in Flow.

Add Credential screen on the Gitlab cloud integration wizard.

Click Test connection. Once your connection is successfully verified, you'll receive a success message.

When your authentication is successful, click Next to complete the setup of your integration.

Full Agent Connection

You can also integrate GitLab with Flow via the Flow Agent by selecting the Full Agent Connection as the connection method.

Finish your integration setup

Once you've authenticated successfully:

Toggle the Repos, Tickets, and Pull requests services on or off to determine which data types Flow will ingest for this integration. After you've made your selections, click Next.

Name your integration. This is the name Flow will display for the integration. Choose a name that will help you identify the integration in the future.
Once you've completed all sections, click Create.

You've successfully created a GitLab Cloud integration. Next, Flow directs you to the details page for this integration to complete additional setup steps. At this point, choose whether to enable auto-import for your repos and set up repo exclusions.

Ensure the list of groups matches what you expect. If any seem to be missing, double-check the permissions and scopes you used during authentication.

To learn more about managing your new integration settings, see Managing integrations.