
5. Play with GitLab Web API

Pierre-Yves Lapersonne edited this page Jan 27, 2025 · 2 revisions

Play with GitLab web API

Prerequisites

  • Ruby Gem: git 1.8.1

  • Python3

  • Create a GitLab personal token and define it in the configuration.rb file for the GILAB_PERSONAL_ACCESS_TOKEN variable.

  • Define the GitLab organization id in the configuration.rb file for the GITLAB_ORGANIZATION_ID variable. This allows the scripts to send requests that query and modify your organization.

Prepare project

gem install git

Features

Make a backup of organization repositories

Keywords: #organisation #GitLab #repositories #clones #dump

This feature clones all repositories of the defined GitLab organization (groups and subgroups included) and saves them in a specific folder.

Run the following command:

bash GitLabWizard.sh backup-all-repositories-from-org

This script picks configuration details from the Ruby configuration file and triggers another Shell script, which makes a curl request to the GitLab endpoint. Python code is then called to extract the repository URLs before the cloning operation.

You need to define in the configuration.rb file the GitLab organisation ID at GITLAB_ORGANIZATION_ID. You also have to define the location to store clones at REPOSITORIES_CLONE_LOCATION_PATH and the access token at GILAB_PERSONAL_ACCESS_TOKEN.

You should also have your git environment ready, i.e. add your SSH private key if you clone by SSH for example.
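
The URL extraction step described above can be sketched as follows. This is an added example, not code from this toolbox: it parses a GitLab group projects response, keeps only clone URLs on the expected host, and builds destinations that stay inside the clone folder. The function name clone_commands, the host gitlab.com, the /backups/gitlab folder and the sample JSON are assumptions made for illustration.

```python
import json
from pathlib import PurePosixPath
from urllib.parse import urlsplit

# Constructed sample of a GET /api/v4/groups/<id>/projects?include_subgroups=true
# response, reduced to the fields used here (not captured from a real instance).
SAMPLE_RESPONSE = json.dumps([
    {"path_with_namespace": "my-org/tools/tool-a",
     "ssh_url_to_repo": "git@gitlab.com:my-org/tools/tool-a.git",
     "http_url_to_repo": "https://gitlab.com/my-org/tools/tool-a.git"},
    {"path_with_namespace": "my-org/../../etc",  # would escape the clone folder
     "ssh_url_to_repo": "git@gitlab.com:my-org/../../etc.git",
     "http_url_to_repo": "https://gitlab.com/my-org/../../etc.git"},
    {"path_with_namespace": "my-org/mirror",  # URL points at another host
     "ssh_url_to_repo": "git@other.example:my-org/mirror.git",
     "http_url_to_repo": "https://other.example/my-org/mirror.git"},
])


def clone_commands(response_text, expected_host, clone_root, use_ssh=True):
    """Return (commands, rejected): git argv lists and refused project paths."""
    commands, rejected = [], []
    for project in json.loads(response_text):
        namespace = project.get("path_with_namespace", "")
        if use_ssh:
            # scp-like form "git@host:group/project.git" (default SSH port assumed)
            url = project.get("ssh_url_to_repo", "")
            host = url.partition(":")[0].rpartition("@")[2]
        else:
            url = project.get("http_url_to_repo", "")
            parts = urlsplit(url)
            host = parts.hostname if parts.scheme == "https" else None
        # Each path segment must be a plain name: no traversal, no leading dash.
        safe_path = all(seg not in ("", ".", "..") and not seg.startswith("-")
                        for seg in namespace.split("/"))
        if host != expected_host or not safe_path:
            rejected.append(namespace)
            continue
        destination = str(PurePosixPath(clone_root) / namespace)
        # "--" stops git from reading the URL or destination as an option.
        commands.append(["git", "clone", "--", url, destination])
    return commands, rejected


if __name__ == "__main__":
    cmds, refused = clone_commands(SAMPLE_RESPONSE, "gitlab.com", "/backups/gitlab")
    for argv in cmds:
        print(" ".join(argv))
    print("refused:", refused)
```

Passing each returned list to subprocess.run without a shell keeps the URL and the destination as separate arguments.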

Check if there are leaks in organisation repositories (using gitleaks)

Keywords: #organisation #GitLab #repositories #leaks #gitleaks

Warning: This operation can take a long time because both the Git histories and the file trees are parsed.

This feature checks all repositories of the GitHub organisation for leaks using the gitleaks tool.

Run the following command:

bash GitLabWizard.sh look-for-leaks

This script needs a GitLab personal access token to make requests to the GitLab API, and also the ID of the GitLab group whose projects will be listed. The wizard Shell script picks configuration details from the Ruby configuration file and triggers another Shell script to process the data. Python code is also called to process the JSON sent by the GitLab API.

The gitleaks tool will be used to look inside the repository. To install it:

brew install gitleaks

You need to define in the configuration.rb file the GitLab organisation ID at GITLAB_ORGANIZATION_ID. You also have to define the location to store clones at REPOSITORIES_CLONE_LOCATION_PATH and the access token at GILAB_PERSONAL_ACCESS_TOKEN.

You should also have your git environment ready, i.e. add your SSH private key if you clone by SSH for example. gh must be installed, and python3 must be ready. Obviously, gitleaks must be installed.

Make a year review of the GitLab organization

Keywords: #organisation #GitLab #KPI #year #review

You will need to define a .env file with the GitLab API token for key GITLAB_API_TOKEN, the organization name and some settings. Here the organization name is Orange-OpenSource; replace it with your own and add the suitable token.

See for example:

GITLAB_API_TOKEN=your-api-token
ORGANIZATION_NAME=Orange-OpenSource

Run the following command to compute a year review of the organization:

# Do not forget to install dependencies
pip install -r requirements.txt

# For year 2024
python3.8 gitlab-year-review.py --year 2024