From 00778564b3825c1e03052ac2ba95784df3c03a14 Mon Sep 17 00:00:00 2001 From: shariff-6 Date: Tue, 9 Sep 2025 12:14:38 +0300 Subject: [PATCH 1/5] Add access control section to GitLab integration documentation Enhance the GitLab integration documentation by introducing an access control section. This includes details on the `visibility` configuration, access levels, and parameters for filtering resources based on user permissions. Configuration examples are provided for both restricted and unrestricted access scenarios. --- .../git/gitlab-v2/GitLab-v2.md | 13 ++++ .../git/gitlab-v2/advanced.md | 63 +++++++++++++++++++ 2 files changed, 76 insertions(+) diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md index c9c0ec2a57..c3efb97c20 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md @@ -50,6 +50,9 @@ This is the default mapping configuration for this integration: ```yaml showLineNumbers deleteDependentEntities: true createMissingRelatedEntities: true +visibility: + useMinAccessLevel: true + minAccessLevel: 30 resources: - kind: project selector: @@ -118,7 +121,17 @@ resources: +## Access control +The GitLab integration supports configurable access control to determine which resources are visible and accessible to the integration. + +We can configure access control using the `visibility` configuration block in the integration mapping. + +This allows us to filter resources based on GitLab access levels (Guest, Reporter, Developer, Maintainer, Owner). We can also disable access level filtering entirely to include all accessible resources. + +:::tip Access control configuration +For detailed configuration options, access level reference, and practical examples, check the [Advanced configuration](./advanced.md#access-control) section. +::: ## Capabilities diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md index b50629ca33..00808a5337 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md @@ -59,4 +59,67 @@ The `createMissingRelatedEntities` parameter enables automatic creation of place + + +The `visibility` configuration allows us to control which GitLab resources are accessible to the integration based on access levels. + +

Access levels

+ +GitLab uses numeric access levels to define permissions: + +| Level | Role | Description | +|-------|------|-------------| +| 10 | Guest | Read-only access to public resources | +| 20 | Reporter | Can view and download code | +| 30 | Developer | Can push code and manage issues | +| 40 | Maintainer | Can manage project settings | +| 50 | Owner | Full administrative access | + +

Parameters

+ +- **`useMinAccessLevel`**: Boolean flag to enable/disable access level filtering + - **Default value**: `true` + - **Use case**: Set to `false` to include all accessible resources without filtering + +- **`minAccessLevel`**: Integer specifying minimum access level required + - **Default value**: `30` (Developer) + - **Use case**: Restrict integration to resources where the token has specified access level or higher + +

Configuration examples

+ +```yaml showLineNumbers +# Only sync owned projects +visibility: + useMinAccessLevel: true + minAccessLevel: 50 +resources: + - kind: project + selector: + query: 'true' + port: + entity: + mappings: + identifier: .path_with_namespace | gsub(" "; "") + title: .name + blueprint: '"service"' +``` + +```yaml showLineNumbers +# Include all accessible resources +visibility: + useMinAccessLevel: false +resources: + - kind: project + selector: + query: 'true' + port: + entity: + mappings: + identifier: .path_with_namespace | gsub(" "; "") + title: .name + blueprint: '"service"' +``` + + + From 7cb15f4e94d40b85db77ce8af2c83242ce915e9a Mon Sep 17 00:00:00 2001 From: shariff-6 Date: Tue, 9 Sep 2025 12:18:16 +0300 Subject: [PATCH 2/5] Remove default config from default mapping --- .../sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md index c3efb97c20..894eb8942e 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md @@ -50,9 +50,6 @@ This is the default mapping configuration for this integration: ```yaml showLineNumbers deleteDependentEntities: true createMissingRelatedEntities: true -visibility: - useMinAccessLevel: true - minAccessLevel: 30 resources: - kind: project selector: From 9453a8cd453147f309f9418f4102b5709250f634 Mon Sep 17 00:00:00 2001 From: hadar-co Date: Tue, 9 Sep 2025 15:35:50 +0300 Subject: [PATCH 3/5] Update docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md --- .../sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md index 266684cb0d..71d18d0f2b 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/GitLab-v2.md @@ -122,12 +122,12 @@ resources: The GitLab integration supports configurable access control to determine which resources are visible and accessible to the integration. -We can configure access control using the `visibility` configuration block in the integration mapping. +You can configure access control using the `visibility` configuration block in the integration mapping. -This allows us to filter resources based on GitLab access levels (Guest, Reporter, Developer, Maintainer, Owner). We can also disable access level filtering entirely to include all accessible resources. +This allows you to filter resources based on GitLab access levels (Guest, Reporter, Developer, Maintainer, Owner). You can also disable access level filtering entirely to include all accessible resources. :::tip Access control configuration -For detailed configuration options, access level reference, and practical examples, check the [Advanced configuration](./advanced.md#access-control) section. +For detailed configuration options, access level reference, and practical examples, see the [Advanced configuration](./advanced.md#access-control) section. ::: ## Capabilities From 91767ae46375dda4774727ac69951fc9b18ea828 Mon Sep 17 00:00:00 2001 From: hadar-co Date: Tue, 9 Sep 2025 15:35:58 +0300 Subject: [PATCH 4/5] Update docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md --- .../sync-data-to-catalog/git/gitlab-v2/advanced.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md index 00808a5337..89e073d0c1 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md @@ -61,7 +61,7 @@ The `createMissingRelatedEntities` parameter enables automatic creation of place -The `visibility` configuration allows us to control which GitLab resources are accessible to the integration based on access levels. +The `visibility` configuration allows you to control which GitLab resources are accessible to the integration based on access levels.

Access levels

From 903d314c327746e0dda7890b1174e5822352a9b7 Mon Sep 17 00:00:00 2001 From: hadar-co Date: Tue, 9 Sep 2025 15:36:15 +0300 Subject: [PATCH 5/5] Update docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md --- .../sync-data-to-catalog/git/gitlab-v2/advanced.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md index 89e073d0c1..f8986e0086 100644 --- a/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md +++ b/docs/build-your-software-catalog/sync-data-to-catalog/git/gitlab-v2/advanced.md @@ -81,9 +81,9 @@ GitLab uses numeric access levels to define permissions: - **Default value**: `true` - **Use case**: Set to `false` to include all accessible resources without filtering -- **`minAccessLevel`**: Integer specifying minimum access level required +- **`minAccessLevel`**: Integer specifying the minimal required access level - **Default value**: `30` (Developer) - - **Use case**: Restrict integration to resources where the token has specified access level or higher + - **Use case**: Restrict integration to resources where the token has the specified access level or higher

Configuration examples