# GitLab

{% hint style="warning" %}
Only organization Admins can create, edit and delete integrations.
{% endhint %}

{% hint style="info" %}
IcePanel only supports projects which belong to a group or shared group. Personal projects are not supported at this time.
{% endhint %}

Link your model objects to reality, such as code repos, branches, folders and files. When those links move, change names or get deleted, we’ll notify you that the object may need to be updated in your IcePanel landscape.

Learn more here:  [Linking to reality](/integrations/linking-to-reality.md)

## Using GitLab

IcePanel uses OAuth to authenticate with [GitLab.com](http://gitlab.com/) users.

### Linking an account

1. From your landscape homepage, click on the organization dropdown at the top of the navigation bar
2. Click on the `Manage` link for the organization you want to setup
3. Go to the `Integrations` tab
4. Click on the `New integration` button
5. Select `GitLab` and accept the requested permissions
6. Choose a GitLab group that you’d like to synchronize with IcePanel
7. You should now see your code repos in the `Links` section of an object

### Unlinking an account

1. Navigate to `Integrations` in IcePanel by clicking `Manage` in the organization dropdown
2. Select the `GitLab` tab and click `Remove`
3. Navigate to your GitLab Applications tab and revoke the authorization for IcePanel

### Whitelist the IcePanel repo scanner

You may find that no code repos show if your organization has enabled IP filtering or whitelisting in your integration. To resolve this whitelist the IcePanel repo scanner IP address:

`34.168.47.236`

## Using self-hosted GitLab

IcePanel uses access tokens to authenticate with self-hosted GitLab instances.

1. Create one of the following GitLab access tokens with read\_api and read\_repository scopes.
   * [Personal access token](https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html#create-a-personal-access-token)
   * [Project access token](https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html#create-a-project-access-token)
   * [Group access token](https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html#create-a-group-access-token-using-ui)
2. Navigate to `API keys` in IcePanel by clicking `Manage` in the organization dropdown
3. Create an API key with admin permissions
4. Run the [IcePanel CLI](https://hub.docker.com/repository/docker/icepanel/cli) docker image in gitlab-sync mode with the following parameters

```
⠀docker run icepanel/cli gitlab-sync \\
  --api-key $ICEPANEL_KEY \\
  --url <https://gitlab.com> \\
  --token $GITLAB_TOKEN

```

Or with environment variables.

```
docker run \\
  -e API_KEY=$ICEPANEL_KEY \\
  -e GITLAB_URL=https://gitlab.com \\
  -e GITLAB_TOKEN=$GITLAB_TOKEN \\
  icepanel/cli gitlab-sync

```

5. Once the synchronization is complete you should see your code repos in the IcePanel reality tab.

### CLI command reference

```
Usage: IcePanel gitlab-sync [options]

Syncronize IcePanel code repos with a GitLab instance

Options:
  --api-url <value>         IcePanel API URL (default: "https://api.icepanel.io/v1")
  -k, --api-key <value>     IcePanel API key
  -s, --url <value>         GitLab URL (default: "https://gitlab.com")
  -t, --token <value>       GitLab token
  -g, --group-id <value>    GitLab group ID, comma seperated
  -i, --interval <secs>     Interval for syncronization (default: "1800")
  -f, --force               Force refresh of code repos and trees
  --filter-repos <pattern>  Filter code repo names to include, supports wildcards
  --delete-all              Delete all code repos and trees for this integration
  --concurrency <value>     Number of jobs that can be processed in parallel (default: "10")
  -h, --help                display help for command

Environment variables:
  API_URL             IcePanel API URL
  API_KEY             IcePanel API key
  GITLAB_URL          GitLab URL
  GITLAB_TOKEN        GitLab token
  GITLAB_GROUP_ID     GitLab group ID, comma seperated
  SYNC_INTERVAL       Interval for syncronization
  FORCE               Force refresh of code repos and trees
  FILTER_REPOS        Filter code repo names to include, supports wildcards
  CONCURRENCY         Number of jobs that can be processed in parallel
  LOG_LEVEL           Options are fatal, error, warn, info, debug, trace, silent

```

### Self-signed certificates

To use a self signed the certificates `NODE_TLS_REJECT_UNAUTHORIZED=0`must be specified as an environment variable to the CLI container.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.icepanel.io/integrations/code-repo-linking/gitlab.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.