diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md index add4b8a372..71d18d0f2b 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md @@ -118,7 +118,17 @@ resources: +## Access control +The GitLab integration supports configurable access control to determine which resources are visible and accessible to the integration. + +You can configure access control using the `visibility` configuration block in the integration mapping. + +This allows you to filter resources based on GitLab access levels (Guest, Reporter, Developer, Maintainer, Owner). You can also disable access level filtering entirely to include all accessible resources. + +:::tip Access control configuration +For detailed configuration options, access level reference, and practical examples, see the [Advanced configuration](./advanced.md#access-control) section. +::: ## Capabilities diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md index b50629ca33..f8986e0086 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md @@ -59,4 +59,67 @@ The `createMissingRelatedEntities` parameter enables automatic creation of place + + +The `visibility` configuration allows you to control which GitLab resources are accessible to the integration based on access levels. + +

Access levels

+ +GitLab uses numeric access levels to define permissions: + +| Level | Role | Description | +|-------|------|-------------| +| 10 | Guest | Read-only access to public resources | +| 20 | Reporter | Can view and download code | +| 30 | Developer | Can push code and manage issues | +| 40 | Maintainer | Can manage project settings | +| 50 | Owner | Full administrative access | + +

Parameters

+ +- **`useMinAccessLevel`**: Boolean flag to enable/disable access level filtering + - **Default value**: `true` + - **Use case**: Set to `false` to include all accessible resources without filtering + +- **`minAccessLevel`**: Integer specifying the minimal required access level + - **Default value**: `30` (Developer) + - **Use case**: Restrict integration to resources where the token has the specified access level or higher + +

Configuration examples

+ +```yaml showLineNumbers +# Only sync owned projects +visibility: + useMinAccessLevel: true + minAccessLevel: 50 +resources: + - kind: project + selector: + query: 'true' + port: + entity: + mappings: + identifier: .path_with_namespace | gsub(" "; "") + title: .name + blueprint: '"service"' +``` + +```yaml showLineNumbers +# Include all accessible resources +visibility: + useMinAccessLevel: false +resources: + - kind: project + selector: + query: 'true' + port: + entity: + mappings: + identifier: .path_with_namespace | gsub(" "; "") + title: .name + blueprint: '"service"' +``` + + +