WebsiteGarden Core
Searchโ€ฆ
Main
welcome
๐ŸŒณ
Getting Started
Adding Your First Project
Running Triggered Workflows
๐ŸŒฟ
Guides
Authenticating to your Providers
Automatic Environment Cleanup
User Groups, Roles and Permissions
Authentication via SAML
StackStreams
Managing Secrets
One-click Preview Environments
๐ŸŒบ
VCS Providers
Setting Up a GitHub App
Setting Up a GitLab App
๐Ÿ’
Cloud
Requirements
๐ŸŒป
Enterprise (Self-Hosted)
Requirements
Installation
Updating Garden Enterprise
Vault
PostgreSQL Configuration
Creating KMS Keys
Creating an AWS Load Balancer
Monitoring Services
Environment Configuration
Updating the Admin Console
๐ŸŒน
Misc
Release Notes
FAQ
Troubleshooting
Powered By GitBook
Setting Up a GitLab App
If GitLab is your VCS provider, you must create an OAuth application and a personal access token to connect with Garden Cloud. The app and access token will be used to authenticate users, import projects, run workflows on GitLab events (e.g. when a merge request is opened), and more.
The relevant app and user properties will be provided to Garden Cloud.

Creating an OAuth Application

Please see the official documentation for creating the Oauth application. While creating the application, fill in the appropriate values as described below.
Redirect URIs
The main URL for Garden Enterprise or the main URL for Garden Cloud provided by the Garden Team along with the appropriate paths:
https://<main-url>/gitlab/callback
https://<main-url>/gitlab/callback/cli
Note that you should have an entry for both the gitlab/callback endpoint and the gitlab/callback/cli endpoint.
Confidential
Selected.
Scopes
Select the following scopes:
  • api
  • read_user
  • read_api
  • read_repository
  • openid
  • profile
  • email.
Once the oauth service provider is created, you should get a Secret and an Application ID. You'll need these values during the Garden Cloud installation.

Creating an Access Token

We recommend creating a dedicated user service account for Garden Cloud, enabling 2FA authentication for that user and granting it access to only the repositories that Garden Cloud should have access to. This includes repositories that are referenced as remote sources in your Garden projects. Please make sure to add the user in the role of maintainer to the repositories and/or groups you want to use with Garden Cloud. The maintainer role is necessary, because Garden Cloud needs to create a webhook on each repository added in Garden Cloud.
Note that the access token only works for clones over HTTPS. If your workflow runs require remote sources to be cloned over SSH, you will need to configure git specifically for that.
Once the user is set up, please follow the official documentation for create an access token.
The access token must have the following scopes:
  • api
  • read_user
  • read_api
  • read_repository
  • write_repository
You can optionally set an expiry date date on the token, in which case you must make sure to update the token in Garden Cloud before it expires. You can update the token via the Replicated admin console.
You'll need this access token when installing Garden Cloud.

Required Values for Garden Cloud

You'll need to have the following values at hand when installing Garden Cloud:
  • The Oauth application Application ID you received when creating the Oauth application.
  • The Oauth application Secret you received when creating the Oauth application.
  • The GitLab instance hostname. If you're using hosted GitLab, this is simply gitlab.com
  • The GitLab Access Token.
You'll also need to provide a GitLab webhooks secret during the installation that's used internally between Garden Cloud and GitLab. Note that this is only in the context of installing Garden Cloud, you won't find this value in GitLab.
VCS Providers - Previous
Setting Up a GitHub App
Next - Cloud
Requirements
Last modified 6mo ago
Copy link
Outline
Creating an OAuth Application
Creating an Access Token
Required Values for Garden Cloud