diggerhq · motatoes · Apr 2, 2025 · Mar 25, 2025 · Mar 25, 2025 · Mar 25, 2025
diff --git a/backend/controllers/connections.go b/backend/controllers/connections.go
@@ -38,7 +38,7 @@ func ListVCSConnectionsApi(c *gin.Context) {
 	connectionsSlim := lo.Map(connections, func(c models.VCSConnection, i int) gin.H {
 		return gin.H{
 			"connection_id":   c.ID,
-			"vcs":             "bitbucket",
+			"vcs":             c.VCSType,
 			"connection_name": c.Name,
 		}
 	})
@@ -64,6 +64,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
 		Name                   string `json:"connection_name"`
 		BitbucketAccessToken   string `json:"bitbucket_access_token"`
 		BitbucketWebhookSecret string `json:"bitbucket_webhook_secret"`
+		GitlabAccessToken      string `json:"gitlab_access_token"`
+		GitlabWebhookSecret    string `json:"gitlab_webhook_secret"`
 	}
 
 	var request CreateVCSConnectionRequest
@@ -72,7 +74,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
 		return
 	}
 
-	if request.VCS != "bitbucket" {
+	if request.VCS != string(models.DiggerVCSBitbucket) &&
+		request.VCS != string(models.DiggerVCSGitlab) {
 		log.Printf("VCS type not supported: %v", request.VCS)
 		c.JSON(http.StatusBadRequest, gin.H{"error": "VCS type not supported"})
 		return
@@ -87,34 +90,35 @@ func CreateVCSConnectionApi(c *gin.Context) {
 
 	bitbucketAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketAccessToken)
 	if err != nil {
-		log.Printf("could not encrypt access token: %v", err)
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt access token"})
+		log.Printf("could not encrypt bitbucket access token: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket access token"})
 		return
 	}
 
 	bitbucketWebhookSecretEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketWebhookSecret)
 	if err != nil {
-		log.Printf("could not encrypt webhook secret: %v", err)
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt webhook secret"})
+		log.Printf("could not encrypt bitbucket webhook secret: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket webhook secret"})
+		return
+	}
+
+	gitlabAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.GitlabAccessToken)
+	if err != nil {
+		log.Printf("could not encrypt gitlab access token: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
+		return
+	}
+
+	gitlabWebhookSecret, err := utils.AESEncrypt([]byte(secret), request.GitlabWebhookSecret)
+	if err != nil {
+		log.Printf("could not encrypt gitlab webhook secret: %v", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
 		return
 	}
 
-	connection, err := models.DB.CreateVCSConnection(
-		request.Name,
-		0,
-		"",
-		"",
-		"",
-		"",
-		"",
-		"",
-		"",
-		bitbucketAccessTokenEncrypted,
-		bitbucketWebhookSecretEncrypted,
-		org.ID,
-	)
+	connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
 	if err != nil {
-		log.Printf("")
+		log.Printf("failed to create vcs connection")
 	}
 
 	c.JSON(http.StatusCreated, gin.H{

diff --git a/backend/go.sum b/backend/go.sum
@@ -742,6 +742,8 @@ github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm
 github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
 github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
+github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
+github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=

diff --git a/backend/migrations/20250325115901.sql b/backend/migrations/20250325115901.sql
@@ -0,0 +1,2 @@
+-- Modify "github_app_connections" table
+ALTER TABLE "public"."github_app_connections" ADD COLUMN "gitlab_access_token_encrypted" text NULL, ADD COLUMN "gitlab_webhook_secret_encrypted" text NULL;
diff --git a/backend/migrations/20250325134924.sql b/backend/migrations/20250325134924.sql
@@ -0,0 +1,2 @@
+-- Modify "github_app_connections" table
+ALTER TABLE "public"."github_app_connections" ADD COLUMN "vcs_type" text NULL DEFAULT 'bitbucket';
diff --git a/backend/migrations/atlas.sum b/backend/migrations/atlas.sum
@@ -1,4 +1,4 @@
-h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
+h1:FUyT8bE1jsztutCMQI5+hbieTDYCpac4f1BQk/RksrM=
 20231227132525.sql h1:43xn7XC0GoJsCnXIMczGXWis9d504FAWi4F1gViTIcw=
 20240115170600.sql h1:IW8fF/8vc40+eWqP/xDK+R4K9jHJ9QBSGO6rN9LtfSA=
 20240116123649.sql h1:R1JlUIgxxF6Cyob9HdtMqiKmx/BfnsctTl5rvOqssQw=
@@ -44,3 +44,5 @@ h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
 20250224152926.sql h1:EjoFpfeoCpk/SjSo2i7sajKCR3t7YCn+1ZgGJrT0L9Y=
 20250226185150.sql h1:K7e/3Zy2wSTqKa3iYpIb02GTAniYSXHObTIqOV9aOhM=
 20250302190926.sql h1:F3FnaGnZv1Hwmg6W9Nacg5fbdiYbZGgS/mkuogtCso0=
+20250325115901.sql h1:yrha7g515WPkFRHfidvtLVWMeQmRD8rzVyWtPbuk0ws=
+20250325134924.sql h1:5vywDVuT0FPmQKP75AvxopxOeuKXsTEN00rgQjnA+ss=
diff --git a/backend/models/github.go b/backend/models/github.go
@@ -17,6 +17,9 @@ type VCSConnection struct {
 	GithubAppUrl                    string
 	BitbucketAccessTokenEncrypted   string
 	BitbucketWebhookSecretEncrypted string
+	GitlabAccessTokenEncrypted      string
+	GitlabWebhookSecretEncrypted    string
+	VCSType                         DiggerVCSType `gorm:"default:bitbucket"`
 	OrganisationID                  uint
 	Organisation                    Organisation
 }

diff --git a/backend/models/storage.go b/backend/models/storage.go
@@ -438,9 +438,10 @@ func (db *Database) GetGithubAppInstallationLink(installationId int64) (*GithubA
 	return &link, nil
 }
 
-func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, orgId uint) (*VCSConnection, error) {
+func (db *Database) CreateVCSConnection(name string, vcsType DiggerVCSType, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, gitlabWebhookSecret string, gitlabAccessToken string, orgId uint) (*VCSConnection, error) {
 	app := VCSConnection{
 		Name:                            name,
+		VCSType:                         vcsType,
 		GithubId:                        githubId,
 		ClientID:                        ClientID,
 		ClientSecretEncrypted:           ClientSecretEncrypted,
@@ -451,6 +452,8 @@ func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID st
 		GithubAppUrl:                    url,
 		BitbucketWebhookSecretEncrypted: bitbucketWebhookSecretEnc,
 		BitbucketAccessTokenEncrypted:   bitbucketAccessTokenEnc,
+		GitlabWebhookSecretEncrypted:    gitlabWebhookSecret,
+		GitlabAccessTokenEncrypted:      gitlabAccessToken,
 		OrganisationID:                  orgId,
 	}
 	result := db.GormDB.Save(&app)

diff --git a/ee/backend/controllers/github.go b/ee/backend/controllers/github.go
@@ -192,7 +192,7 @@ func (d DiggerEEController) GithubAppConnectionsConfirm(c *gin.Context) {
 		return
 	}
 
-	_, err = models.DB.CreateVCSConnection(cfg.GetName(), cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", orgId)
+	_, err = models.DB.CreateVCSConnection(cfg.GetName(), models.DiggerVCSGithub, cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", "", "", orgId)
 	if err != nil {
 		log.Printf("failed to create github app connection record: %v", err)
 		c.String(500, fmt.Sprintf("Failed to create github app record on callback"))

diff --git a/ee/backend/go.mod b/ee/backend/go.mod
@@ -23,6 +23,7 @@ require (
 )
 
 require (
+	ariga.io/atlas-provider-gorm v0.5.0 // indirect
 	cel.dev/expr v0.16.1 // indirect
 	cloud.google.com/go v0.116.0 // indirect
 	cloud.google.com/go/auth v0.10.0 // indirect

diff --git a/ee/backend/go.sum b/ee/backend/go.sum
@@ -1,3 +1,7 @@
+ariga.io/atlas-go-sdk v0.2.3 h1:DpKruiJ9ElJcNhYxnQM9ddzupHXEYFH0Jx6ZcZ7lKYQ=
+ariga.io/atlas-go-sdk v0.2.3/go.mod h1:owkEEXw6jqne5KPVDfKsYB7cwMiMk3jtOiAAeKxS/yU=
+ariga.io/atlas-provider-gorm v0.5.0 h1:DqYNWroKUiXmx2N6nf/I9lIWu6fpgB6OQx/JoelCTes=
+ariga.io/atlas-provider-gorm v0.5.0/go.mod h1:8m6+N6+IgWMzPcR63c9sNOBoxfNk6yV6txBZBrgLg1o=
 cel.dev/expr v0.16.1 h1:NR0+oFYzR1CqLFhTAqg3ql59G9VfN8fKq1TCHJ6gq1g=
 cel.dev/expr v0.16.1/go.mod h1:AsGA5zb3WruAEQeQng1RZdGEXmBj0jvMWh6l5SnNuC8=
 cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
@@ -724,6 +728,8 @@ github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm
 github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
 github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
+github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
+github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
 github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		-- Modify "github_app_connections" table
		ALTER TABLE "public"."github_app_connections" ADD COLUMN "gitlab_access_token_encrypted" text NULL, ADD COLUMN "gitlab_webhook_secret_encrypted" text NULL;