Google Cloud integration API

Tier: Free, Premium, Ultimate Offering: GitLab.com Status: Experiment

Use this API to interact with the Google Cloud integration. For more information, see GitLab and Google Cloud integration.

Project-level Google Cloud integration scripts

Status: Experiment
History

Workload identity federation creation script

History

Users with at least the Maintainer role for the project can use the following endpoint to query a shell script that creates and configures the workload identity federation in Google Cloud:

GET /projects/:id/google_cloud/setup/wlif.sh

Supported attributes:

Attribute Type Required Description
id integer Yes The ID a project.
google_cloud_project_id string Yes Google Cloud Project ID for the workload identity federation.
google_cloud_workload_identity_pool_id string No ID of the Google Cloud workload identity pool to create. Defaults to gitlab-wlif.
google_cloud_workload_identity_pool_display_name string No Display name of the Google Cloud workload identity pool to create. Defaults to WLIF for GitLab integration.
google_cloud_workload_identity_pool_provider_id string No ID of the Google Cloud workload identity pool provider to create. Defaults to gitlab-wlif-oidc-provider.
google_cloud_workload_identity_pool_provider_display_name string No Display name of the Google Cloud workload identity pool provider to created. Defaults to GitLab OIDC provider.

Example request:

curl --request GET \
     --header "PRIVATE-TOKEN: <your_access_token>" \
     --url "https://gitlab.com/api/v4/projects/<your_project_id>/google_cloud/setup/wlif.sh"

Script to set up a Google Cloud integration

History

Users with at least the Maintainer role for the project can use the following endpoint to query a shell script to set up a Google Cloud integration:

GET /projects/:id/google_cloud/setup/integrations.sh

Only the Google Artifact Management integration is supported. The script creates IAM policies to access Google Artifact Registry:

Supported attributes:

Attribute Type Required Description
id integer Yes The ID of a GitLab project.
enable_google_cloud_artifact_registry boolean Yes Flag to indicate if Google Artifact Management integration should be enabled.
google_cloud_artifact_registry_project_id string Yes Google Cloud Project ID for the Artifact Registry.

Example request:

curl --request GET \
     --header "PRIVATE-TOKEN: <your_access_token>" \
     --url "https://gitlab.com/api/v4/projects/<your_project_id>/google_cloud/setup/integrations.sh"

Script to configure a Google Cloud project for runner provisioning

History

Users with at least the Maintainer role for the project can use the following endpoint to query a shell script to configure a Google Cloud project for runner provisioning and execution:

GET /projects/:id/google_cloud/setup/runner_deployment_project.sh

The script performs preparatory configuration steps in the specified Google Cloud project, namely enabling required services and creating a GRITProvisioner role and a grit-provisioner service account.

Supported attributes:

Attribute Type Required Description
id integer Yes The ID of a GitLab project.
google_cloud_project_id string Yes The ID of the Google Cloud project.

Example request:

curl --request GET \
     --header "PRIVATE-TOKEN: <your_access_token>" \
     --url "https://gitlab.com/api/v4/projects/<your_project_id>/google_cloud/setup/runner_deployment_project.sh?google_cloud_project_id=<your_google_cloud_project_id>"