> ## Documentation Index
> Fetch the complete documentation index at: https://hacktronai-changelog-e1a164be.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# GitLab

> Configure repository access for GitLab.com and self-hosted GitLab.

## Prerequisites

You need to be an owner of the GitLab group you want to connect to Hacktron.
This is required to create a service account for Hacktron to use.

## Configure access

<Steps>
  <Step title="Open Service Accounts page">
    In GitLab, under the group you want to connect to Hacktron, go to
    **Settings** and select **Service Accounts**.

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/gitlab_sa.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=6ffbd9baddfc379d764eea7b584f0d82" alt="GitLab Service Accounts" width="2256" height="1181" data-path="images/gitlab_sa.png" />
  </Step>

  <Step title="Create a new service account">
    Give the service account a descriptive name, e.g. "Hacktron".

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/create_sa.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=d8347fa97a360bbe7ff4a246b911f4a0" alt="Create Service Account" width="1136" height="486" data-path="images/create_sa.png" />

    Click **Create**.
  </Step>

  <Step title="Grant Maintainer access to the service account">
    In the Group or Projects you want to connect to Hacktron, grant the
    service account Maintainer access.

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/invite_sa.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=5a9b37a6f8e30e6219fbbc4775649238" alt="Grant Service Account Maintainer Access" width="747" height="582" data-path="images/invite_sa.png" />
  </Step>

  <Step title="Create a new personal access token">
    In the service account page, select the service account and click on
    **Manage access tokens**.

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/manage_token.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=6a49e836023a1116736e0054a04e1957" alt="Manage Service Account Tokens" width="1816" height="682" data-path="images/manage_token.png" />

    Click on **Add new token**, and grant it the `api` scope:

    * `api`

    <Info>
      The `api` scope is required because Hacktron registers merge-request
      webhooks on your projects (a write operation) to receive events and run
      code reviews. Hacktron does not retain any source code after each review
      is complete.
    </Info>

    Click **Generate token**.

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/token.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=d2769fd6034a5755cd3572443cea42af" alt="Token Permissions" width="1816" height="845" data-path="images/token.png" />

    <Warning>
      **Personal access tokens have expiration dates.** Ensure the expiration date covers the duration of your intended use of Hacktron to avoid service interruption.
    </Warning>
  </Step>

  <Step title="Open Integrations page">
    In Hacktron, go to **Integrations** and click **Connect** under **GitLab**.

    <img src="https://mintcdn.com/hacktronai-changelog-e1a164be/dpUdS1BJ16uy6tXP/images/gitlab.png?fit=max&auto=format&n=dpUdS1BJ16uy6tXP&q=85&s=52274fc4689d6e1b23d6f60ba6e1a557" alt="GitLab Integration" width="565" height="267" data-path="images/gitlab.png" />
  </Step>

  <Step title="Enter the token">
    Enter the token you created earlier, and click **Connect**.
  </Step>
</Steps>

That's it! Hacktron will now run security reviews for every pull request in the selected repositories.

## Self-hosted GitLab / GitLab Enterprise

Hacktron supports self-hosted GitLab and GitLab Enterprise through the same
Personal Access Token flow described above. The only difference is one extra
step when you connect.

Follow the same **Configure access** steps to create a service account
(**Settings** → **Service Accounts**), grant it Maintainer access, and generate
a token from the service account's **Manage access tokens** with the `api`
scope.

<Note>
  On self-managed GitLab, service accounts require GitLab EE, and by default
  only an instance administrator can create them (administrators can also
  allow top-level group Owners to create them). Alternatively, a personal
  access token from any user with Maintainer access and the same scopes works
  identically.
</Note>

When you open the **Connect GitLab** modal in Hacktron, select **Self-hosted /
GitLab Enterprise** and enter your instance's base URL (e.g.
`https://gitlab.example.com`) before entering the token.

<Note>
  Self-hosted prerequisites:

  * Your GitLab instance must be reachable from Hacktron over HTTPS with a
    valid TLS certificate.
  * GitLab installed under a URL subpath (e.g. `https://example.com/gitlab`)
    is not supported — the base URL must be the instance origin.
  * The token must carry the `api` scope on your self-hosted instance.
</Note>
