Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

GitLab: Integration w/o owner user

Tobias Rahloff
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
April 8, 2024

Hi Compass community, 

Based on the documentation, it is required to give Compass highly elevated permissions:

  • do not set expiration date, leave it empty
  • 🛑 set required scopes for the token to “api” and “write_repository”
  • 🛑 select an owner role for the token
  • have GitLab owner permissions for the group you want to connect

Why is this needed for, essentially, an IDP with DevEx/DORA Metrics BI Dashboard? Unfortunately, this requirement is currently halting the adoption of Compass. Similar tools like LinearB are fine with read-only access. 

The only capability I could think of where write access would be needed is to add the `compass automatically.yml` file to repositories. 

If this is the reason for owner + repo_write permissions, I think it could be a completely viable to just not use this feature. 

1 answer

1 vote
Josh Campbell
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 29, 2024

Creating merge requests (to add compass.yaml) and future plans to add the Templates feature to GitLab are the primary drivers for needing write permissions. Revisiting the permissions and seeing if we can ask for less and progressively get more (if needed/as Compass features are used) is something we can explore. 

Did you try using an incoming webhook by chance? 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events