GitLab

Integrating GitLab with Escape's ASM provides unprecedent Code-to-Cloud visibility by matching your Code Resolvers with your Cloud Resources, through API Discovery from Code.

Discovered Resources¶

The GitLab integration automatically discovers and inventories the following resources from your GitLab instance:

• GitLab Repositories: All repositories within the group or project scope
• API Schema Files: OpenAPI specifications, GraphQL schemas, Postman collections, and other API definition files found in repositories
• Extracted APIs: API endpoints and services defined in discovered schema files

The integration scans your repositories for API schema files, extracts API definitions, and automatically classifies them as Assets (APIs) in Escape's ASM. This enables Code-to-Cloud security monitoring by linking discovered APIs to their source repositories and enabling continuous testing as code changes.

Create a GitLab Personal Access Token¶

1. Create a new Personal Access Token in your GitLab settings
2. Under Scopes, select:
   • api
   • read_api
   • read_repository
3. Copy your token immediately - it cannot be viewed again after leaving the page

For more details, see the GitLab documentation on Personal Access Tokens.

This integration enables comprehensive monitoring of API exposure and security across your GitLab projects.

Internal Networks and Services¶

When integrating with internal networks and services, you may need to:

• Configure a Private Location
• Whitelist FQDNs

For more information, see Private Locations.