Enable Gitlab Enterprise integration

Question

Enable Gitlab Enterprise integration

fdellwing opened this issue 2 months ago · comments

Describe the bug:
I tried to setup Thread Dragon with Gitlab integration, but I don't get the button to use it. The documentation (https://owasp.org/www-project-threat-dragon/docs-2/development-environment/) does not help here.

Expected behaviour:
Having a working integration

Environment:

Version: 2.2.0
Platform: Web App
OS: Linux (docker compose)
Browser: Firefox

To Reproduce:

Any additional context, screenshots, etc:

services:
  threatdragon:
    image: owasp/threat-dragon:stable
    ports:
      - 127.0.0.1:3000:3000
    environment:
      ENCRYPTION_KEYS: '[{"isPrimary": true, "id": 0, "value": "12345678"}]'
      ENCRYPTION_JWT_SIGNING_KEY: '12345678'
      ENCRYPTION_JWT_REFRESH_SIGNING_KEY: '12345678'
      SERVER_API_PROTOCOL: 'http'
      GITLAB_APPLICATION_ID: 'super-secret'
      GITLAB_APPLICATION_SECRET: 'gloas-12345678'
      GITLAB_REDIRECT_URI: 'https://td.foobar.com/api/oauth/return'
      GITLAB_ENTERPRISE_HOSTNAME: 'gitlab.foobar.com'

Jon Gadsden · Answer 1 · Mon Apr 15 2024 19:14:32 GMT+0800 (China Standard Time)

we need a gitlab step-by-step similar to the BitBucket step-by-step and the github step-by-step

Fabian Dellwing · Answer 2 · Mon Apr 15 2024 20:45:06 GMT+0800 (China Standard Time)

Ok, I played with it a bit more, but it came to a crashing halt pretty fast:

threatdragon-1  | error: controllers/auth.js:  {"service":"threat-dragon","timestamp":"2024-04-15 12:43:40"}
threatdragon-1  | error: Gitlab Enterprise is not supported yet {"service":"threat-dragon","stack":"Error: Gitlab Enterprise is not supported yet\n    at getClient (/app/td.server/dist/repositories/gitlabrepo.js:29:11)\n    at Object.userAsync (/app/td.server/dist/repositories/gitlabrepo.js:88:10)\n    at _callee$ (/app/td.server/dist/providers/gitlab.js:99:23)\n    at tryCatch (/app/td.server/node_modules/@babel/runtime/helpers/regeneratorRuntime.js:45:16)\n    at Generator.<anonymous> (/app/td.server/node_modules/@babel/runtime/helpers/regeneratorRuntime.js:133:17)\n    at Generator.next (/app/td.server/node_modules/@babel/runtime/helpers/regeneratorRuntime.js:74:21)\n    at asyncGeneratorStep (/app/td.server/node_modules/@babel/runtime/helpers/asyncToGenerator.js:3:24)\n    at _next (/app/td.server/node_modules/@babel/runtime/helpers/asyncToGenerator.js:22:9)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)","timestamp":"2024-04-15 12:43:40"}
threatdragon-1  | error: undefined {"service":"threat-dragon","timestamp":"2024-04-15 12:43:40"}

Jon Gadsden · Answer 3 · Mon Apr 15 2024 20:48:52 GMT+0800 (China Standard Time)

ah, you are using GitLab Enterprise @fdellwing ? There is another thread on that in the slack channel, and @steve-winter may be submitting a pull request soon

Steve Winter · Answer 4 · Mon Apr 15 2024 21:26:29 GMT+0800 (China Standard Time)

I will get the PR pushed tomorrow. @fdellwing any assistance you can provide in testing would be appreciated.

Fabian Dellwing · Answer 5 · Mon Apr 15 2024 21:40:43 GMT+0800 (China Standard Time)

Sure, I'm happy to assist in testing.

Jon Gadsden · Answer 6 · Thu Apr 18 2024 13:00:04 GMT+0800 (China Standard Time)

thanks @steve-winter and @fdellwing for taking this on, I will assign the issue to you

Fabian Dellwing · Answer 7 · Wed Jun 05 2024 17:53:06 GMT+0800 (China Standard Time)

This is done.