Gitlab-api-filter NPM

GitLab API Filter

A delegate to limit the scope of GitLab APIs.

Sometimes, GitLab's APIs are too dangerous to be exposed fully. This project acts as a delegate, it can control which part of the APIs are allowed.

Installation

$ npm install -g gitlab-api-filter

Setup

Create a configuration file: gitlab-api-filter.jsonc:

blacklist contains a list of APIs that should be blocked. whitelist contains a list of APIs that should be exposed.

accessToken or environment variable GITLAB_AF_ACCESS_TOKEN contains the Personal Access Token, which is acquired from https://gitlab.example.com/profile/personal_access_tokens

Start

$ gitlab-api-filter
Starting server with options...
port: 8080
upstream.url: https://gitlab.xxx.com
upstream.accessToken: xxxxxxxxxxxxxxxxxxxx
blacklist: [
  "/api/v4/projects/:id/repository*",
  "/api/v4/projects/:id/search"
]
whitelist: [
  "/api/v4/projects/:id/repository/branches",
  "/api/v4/projects/:id/repository/tags",
  "/api/v4/projects/:id/repository/commits"
]
Server started at http://localhost:8080

Changelog

1.3.0 2020-09-15 Support secret. Fix missing response header such as 'x-page'.
1.2.2 2020-09-15 Add 'blacklist'. Rename 'filters' to 'whitelist'. Rename 'url' and 'accessToken' to 'upstream.url' and 'upstream.accessToken'.

git repository

deep-extend express path-match request strip-json-comments url

@infinitebrahmanuniverse/nolb-gitl @everything-registry/sub-chunk-1766 @zalastax/nolb-gitl

4 years ago

4 years ago

4 years ago

4 years ago

4 years ago