GitLab
The GitLab Integration in PGP
The GitLab Integration in the Praetorian Guard Platform (PGP) provides continuous monitoring of your organization's GitLab repositories to detect potential security risks and vulnerabilities. The integration scans both public and private projects within specified GitLab groups, helping secure your source code and development assets. PGP connects to GitLab using a Personal Access Token (PAT). This allows PGP to securely access and scan repositories within your GitLab groups. The integration automatically discovers all projects within connected groups and monitors them for security issues. To set up the GitLab integration, you'll need to complete two main steps: creating a Personal Access Token in GitLab and configuring the integration in PGP.
Creating a Personal Access Token in GitLab
First, access the Personal Access Tokens page in GitLab. You can do this by signing into GitLab and either going directly to the Personal Access Tokens page or navigating there through your profile settings (Profile icon → Edit profile → Access Tokens). On the Personal Access Tokens page, click "Add new token".

When creating the token, provide a descriptive name and set an appropriate expiration date. Under "Select scopes," enable both read_api and read_repository permissions.

After clicking "Create personal access token", GitLab will display your token. Copy it immediately, as it won't be shown again.

Finding Your GitLab Group URL
To locate your group URL, visit your Group page in GitLab and navigate to "Group settings". Under the Advanced section in Group General settings, you'll find your group's base URL.


GitLab Dedicated Secure Networking
If your organization uses GitLab Dedicated with Secure Networking enabled, Guard must be able to reach your GitLab environment from the public IP ranges used by the platform and Praetorian VPN egress.
Before connecting the integration, add the following IP ranges to your GitLab Dedicated IP allowlist:
66.45.78.0/24 — Guard Platform
3.133.170.58 — Guard Platform Validation IP
35.188.30.0 — Praetorian VPN Egress #1
35.196.215.192 — Praetorian VPN Egress #2
Without this allowlisting step, Guard may be unable to authenticate to GitLab or scan repositories successfully.
Configuring the Integration in PGP
In PGP's interface, go to the Integrations page and click "Add Integration". You can find GitLab listed under the Source Code Managers section, or use the search bar to locate it directly.

In the integration configuration window, provide two pieces of information:
Your GitLab group URL
The Personal Access Token you created

Click "Connect" to complete the setup. Once configured, PGP will begin regularly scanning all accessible projects in your group for security concerns, including hard-coded secrets.
This integration leverages PGP's scanning capabilities to continuously monitor your GitLab assets, helping maintain the security of your source code and development environment.
If you run into any issues during the integration process or have questions about maximizing the value of this integration, our support team is ready to help. You can reach us at support@praetorian.com, and we'll be happy to guide you through any challenges you encounter.