Create a GitLab on premises connection

2 min read

Who can use this feature

Available on monday dev

Available on Enterprise plan

In order to set up an on premises connection with GitLab, you need to follow this guide.

Note: Below are the definitions that need to be done per GitLab's premise, which you'll only need to do once. In case you are the first user connecting to GitLab in your account, start there.

Definitions per user

Open the monday workflow builder and create an new GitLab on-premises trigger
When being asked to connect your GitLab account, add a new account
The values you'll need to fill are as follows:

GitLab base url: the url for your on-premises gitlab
Client ID: the application ID from your GitLab application (first step in account definitions below)
Client Secret: the secret from your GitLab application (first step in account definitions below)

Click continue to GitLab and then authorize monday.com

That's it! you can now enjoy your new monday dev GitLab integration

Definitions that need to be done per GitLab Premise

Creating a GitLab app

Note: This step could be done per premise or per user, it doesn't matter as long as users have access to the app id and secret when first connecting to GitLab in monday.
This means that if you're creating it per account, keep the app ID and secret accessible to your future selves.

Go to GitLab and navigate to the apps section by going to your user preferences, accessing the Applications tab, and adding a new application.
In the new GitLab application, fill in the values as follows:

Name: monday.com + GitLab (this is just a suggestion, but can be any value you'd like)

Redirect URI: https://apps-credentials.monday.com/authorize/oauth2/redirect-uri
Confidential: checked ✅
Scopes: check these fields: api ✅ read_api ✅ read_user ✅

Click on Save application
You should then be redirected to this screen:
Here you need to keep the application ID and Secret for creating the connection in monday.

GitLab API

For self-managed GitLab installations with network restrictions, it is critical to verify that all these API endpoints remain accessible:

GET /api/v4/groups
GET /api/v4/groups/<group_id>/projects
GET /api/v4/projects/<project_id>/hooks
GET /api/v4/user
GET /api/graphql
POST /oauth/token

Approve monday certification

In case your network blocks GoDaddy certificates:

For most users, this won't be an issue, depending on your VPN settings, but most VPNs are already familiar with GoDaddy.

Monday certificates are created with GoDaddy, so in case your networks won't verify GoDaddy certificates, you'll need to add the GoDaddy root certificate to your trusted certificates list in GitLab, for it to send the webhooks with SSL verification (which is the most secure).

To do that, you'll need to add this certificate to your GitLab container volumes:
under this directory (which should already exist): config/trusted-certs

Next, add a file called go-daddy-certificate.crt - the file name is unimportant, only the directory and file extension matter here, and add GoDaddy root certificate there (include the BEGIN CERTIFICATE/END CERTIFICATE headers/footers)

After that's done, you'll need to connect to your GitLab container's bash and run this command, which will tell GitLab to rebuild its trust store, including this new certificate: gitlab-ctl reconfigure

If you have any questions, please reach out to our team right here. We’re available 24/7 and happy to help.