Configure GitLab Webhooks

After the GitLab posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitLab webhooks can be configured.

PreviousConfigure Bitbucket Webhooks NextConfigure Azure DevOps Webhooks

Last updated 27 days ago

Configure GitLab Webhooks

After the GitLab posting user has been created and the repositories are populating in the HackerOne Code dashboard successfully, the GitLab webhooks can be configured.

Configure Webhooks

GitLab allows webhooks to be configured on a GitLab Group level or per Project within a Group.

HackerOne strongly recommends configuring webhooks on the Group level so that new Projects your team creates will be immediately provisioned without service interruption.

(recommended)

Applying on the Group level

From your GitLab dashboard, select the desired GitLab Group -> Settings -> Webhooks:

Webhook Settings

URL

The base URL of your Proxy with the following:

/webhooks/gitlab

Triggers

Comments
Merge request events

SSL verification

Enable SSL Verification

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

You will need the same webhook secret for all of your repositories if you add one.
This secret must match the WEBHOOK_SECRET field when you configured the proxy.

Test Connection

Click the Add Webhook button; the webhook should appear in the Webhooks section at the bottom of the page.

Click the Test button to test the connection. You should receive a "Hook executed successfully:" message at the top of the screen.

If you received an error message, double-check the proxy base is valid and /webhooks/gitlab is added as a path.

Applying on the Project level

Webhooks can also be applied at the project level. The configuration is the same:

Webhook Settings

URL

The base URL of your Proxy with the following:

/webhooks/gitlab

Triggers

Comments
Merge request events

SSL verification

Enable SSL Verification

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

You will need the same webhook secret for all of your repositories if you add one.
Update your webhook secret in the PullRequest Proxy UI if you are adding one, otherwise the proxy will not be able to verify/process the webhooks.

Test Connection

Click the Add Webhook button; the webhook should appear in the Webhooks section at the bottom of the page.

Click the Test button to test the connection. This will expand a list of trigger types.

Select Merge request events from the list.

You should receive a "Hook executed successfully:" message at the top of the screen.

If you received an error message, double-check the proxy base is valid and /webhooks/gitlab is added as a path.

Repeat these steps for any other GitLab Projects listed in PullRequest that have not been configured.

PreviousConfigure Bitbucket Webhooks NextConfigure Azure DevOps Webhooks

Last updated 27 days ago

Configure Webhooks

GitLab allows webhooks to be configured on a GitLab Group level or per Project within a Group.

HackerOne strongly recommends configuring webhooks on the Group level so that new Projects your team creates will be immediately provisioned without service interruption.

(recommended)

Applying on the Group level

From your GitLab dashboard, select the desired GitLab Group -> Settings -> Webhooks:

Webhook Settings

URL

The base URL of your Proxy with the following:

/webhooks/gitlab

Triggers

Comments
Merge request events

SSL verification

Enable SSL Verification

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

You will need the same webhook secret for all of your repositories if you add one.
This secret must match the WEBHOOK_SECRET field when you configured the proxy.

Test Connection

Click the Add Webhook button; the webhook should appear in the Webhooks section at the bottom of the page.

Click the Test button to test the connection. You should receive a "Hook executed successfully:" message at the top of the screen.

If you received an error message, double-check the proxy base is valid and /webhooks/gitlab is added as a path.

Applying on the Project level

Webhooks can also be applied at the project level. The configuration is the same:

Webhook Settings

URL

The base URL of your Proxy with the following:

/webhooks/gitlab

Triggers

Comments
Merge request events

SSL verification

Enable SSL Verification

OPTIONAL - Add a webhook secret. The secret will be used to sign your webhook requests as they are posted to the proxy:

You will need the same webhook secret for all of your repositories if you add one.
Update your webhook secret in the PullRequest Proxy UI if you are adding one, otherwise the proxy will not be able to verify/process the webhooks.

Test Connection

Click the Add Webhook button; the webhook should appear in the Webhooks section at the bottom of the page.

Click the Test button to test the connection. This will expand a list of trigger types.

Select Merge request events from the list.

You should receive a "Hook executed successfully:" message at the top of the screen.

If you received an error message, double-check the proxy base is valid and /webhooks/gitlab is added as a path.

Repeat these steps for any other GitLab Projects listed in PullRequest that have not been configured.