User Guide
  • Fundamentals
    • Quick Start Guide
      • Signing Up
      • Package Discovery
        • Connecting to GitHub
        • Connecting to GitLab
        • Connecting to Azure DevOps
        • Connecting to the CI Pipeline
        • Connecting to the Artifact Server
      • Package Sealing
        • Integrating the CLI in the CI
        • Editing Dependencies
    • Deployments
      • Choosing Your Deployment
      • Automatic Remediation
      • Remote Configuration
      • Local Configuration
      • Artifact Server
    • CLI
      • Download and Installation
      • Scanning
      • Fixing All Dependencies
      • Fixing Specific Dependencies
      • Fixing OS Vulnerabilities
      • Integrating with the CI
      • Uploading Scan Results
      • Commands
      • SCA Integrations
      • JFrog Integration
      • Usage Examples
        • Sealing Application Dependencies
        • Sealing Linux Environments
    • Artifact Server
      • Generating a Token
      • Artifact Server Ordering
      • Configuring the Package Manager
        • Configuring apk
        • Configuring Composer
        • Configuring Go
        • Configuring Gradle
        • Configuring Maven
        • Configuring npm
        • Configuring pip
        • Configuring Poetry
        • Configuring yarn
        • Configuring yum
      • Clearing the Cache
      • Editing Your Dependencies
    • Web Interface
      • Rules Screen
  • APIs
    • List Vulnerable Packages
  • FAQ
  • Vulnerability Disclosure
Powered by GitBook
On this page
  1. Fundamentals
  2. Quick Start Guide
  3. Package Discovery

Connecting to GitLab

PreviousConnecting to GitHubNextConnecting to Azure DevOps

Last updated 9 months ago

Connecting the Seal platform to a GitLabb repository enables it to automatically sync with your projects, detect vulnerable packages, and possibly open pull requests to replace vulnerable packages with fully-compatible sealed versions.

After you click Import from GitLab on the onboarding, you will need to put a URL to your organization on GitLab, and a personal access token with the requisite permissions.

Generating the personal access token on GitLab

  1. In the Project Access Tokens screen give your token a name and a distant expiration date (we recommend at least one year in the future).

  2. The role must be Developer, Maintainer or Owner.

  3. Give the token api access.

  4. Create the token, and copy it to the relevant field in the Link to GitLab window shown above.

Adding projects

After you've configured the connection to GitLab, you'll need to connect to the relevant code projects. Each project maps to an individual dependency file, for example package-lock.json. You can choose which dependency files you want Seal to scan. Each dependency file will map to a separate project on the platform.

You can either choose from a list of automatically detected projects, or add your projects later manually by clicking on the New project button in the Projects tab.

The Project ID field is used to identify the project when communicating with the artifact server. It is meant to be used by machines, and it won't be editable later.