Accessing source code in GitLab is what allows Foundational to accurately determine data lineage and analyze pending and historical pull requests.

This setup should take about 10 minutes.

Permissions: To create the necessary Webhook, a group / project maintainer access is required.

On-premise agent supported

For the setup to work, you'll need to complete 2 parts:

Start by going to Foundational's connectors page, click on GitLab, then add new GitLab access key.

API Access Token

The preferred method is to get a group access token.

If not possible - you can use a project access token per project you'd like to cover.

In both cases, go to Settings -> Access Tokens and click Add New Token.

Guidelines for the token:

The token requires the Reporter role and api scope. This is required so that we can comment on your merge requests.
Give the token a descriptive name (e.g. foundational-app). This would be the name that appears to comment on your merge requests.
Consider setting the token to expire 1 year from now. This is the maximum setting and would ensure smoother operation.

Set the API Access Token in the relevant field at Foundational.

On premise setting - pass the token into your on-prem-agent-loader in the GITLAB_ACCESS_TOKEN environment variable.

Webhook URL

The webhook notifies Foundational on certain events, such as new merge requests, new commits to existing merge requests, etc.

Preferrably paste it in your Group's webhook settings. If not possible, set it in the project's settings.

Instructions for both are here.

Use the following URL as the webhook's target:

https://api.foundational.io/api/v1/gitlab_webhook

In the webhook's secret - copy the UUID from Foundational, under Webhook Secret Token

Enable the following triggers:

Under SSL verification, ensure that Enable SSL verification is checked.

Set the following environment variables to your on-prem-agent-loader: