Codecora Codecora

GitLab Setup

Configure Codecora for GitLab using a Personal Access Token. Works with gitlab.com and self-hosted instances.

🔑 PAT-based Setup

Prerequisites

  • A GitLab account (gitlab.com or self-hosted)
  • A repository where you have developer permissions or higher
  • An OpenAI-compatible API key (OpenAI, Anthropic, Groq, etc.)

Step 1: Generate Personal Access Token

First, create a Personal Access Token (PAT) in GitLab with the required permissions:

  1. Go to GitLab Settings → Access Tokens
    • gitlab.com: https://gitlab.com/-/user_settings/personal_access_tokens
    • Self-hosted: https://your-gitlab-instance.com/-/user_settings/personal_access_tokens
  2. Click "Add new token"
  3. Name it something recognizable like "Codecora"
  4. Set an expiration date (or no expiration for development)
  5. Select the following scopes:

    Required scopes:

    • ✓ api
    • ✓ read_repository
    • ✓ write_repository
  6. Click "Create personal access token"
  7. Important: Copy the token immediately. You won't be able to see it again!

Step 2: Add GitLab to Codecora

  1. Go to the Codecora dashboard at codecora.dev/dashboard
  2. Click "Add Repository" or "Add Integration"
  3. Select "GitLab" as the platform
  4. Enter your GitLab instance URL:
    • For gitlab.com: https://gitlab.com
    • For self-hosted: https://your-gitlab-instance.com
  5. Paste your Personal Access Token
  6. Click "Test Connection" to verify the token works
  7. Click "Save" to add the integration

Step 3: Configure Webhook

For Codecora to automatically review your merge requests, you need to configure a webhook in GitLab:

  1. Go to your GitLab project → Settings → Webhooks
  2. Click "Add new webhook"
  3. Enter the webhook URL:
    https://codecora.dev/webhooks/gitlab
  4. Select trigger events:
    • ✓ Merge request events
    • ✓ Push events (optional, for branch updates)
  5. Click "Add webhook"
  6. Test the webhook by clicking the "Test" button and selecting "Merge request events"

📝 Webhook Secret

The webhook will be secured with a secret that's automatically generated. Copy the webhook URL from the Codecora dashboard to ensure proper authentication.

Step 4: Configure AI Provider

If you haven't already configured your AI provider:

  1. Go to Settings → AI Provider in the dashboard
  2. Choose your provider (OpenAI, Anthropic, Groq, etc.)
  3. Enter your API key
  4. Test the connection
  5. Save your settings

Step 5: Enable Repositories

After connecting GitLab, Codecora will show your accessible repositories:

  1. In the dashboard, go to Repositories
  2. Find the GitLab repositories you want to enable
  3. Toggle the switch to enable Codecora for each repository
  4. Configure review preferences per repository (optional)

Self-Hosted GitLab

Codecora works with self-hosted GitLab instances too:

  • Use your self-hosted URL when adding the integration
  • Generate the PAT in your self-hosted instance
  • Configure webhooks to point to https://codecora.dev/webhooks/gitlab
  • Ensure your GitLab instance can reach Codecora's servers (no firewall blocking)

🔒 Private Network?

If your GitLab instance is on a private network without internet access, you'll need to use the self-hosted version of Codecora. Contact us for enterprise options.

Troubleshooting

Webhook not triggering?

  • Check the webhook URL is correct: https://codecora.dev/webhooks/gitlab
  • Verify the webhook secret matches
  • Check recent webhook deliveries in GitLab webhook settings
  • Ensure "Merge request events" is selected as a trigger

PAT authentication failed?

  • Verify the token has the required scopes (api, read_repository, write_repository)
  • Check the token hasn't expired
  • Ensure you're using the correct GitLab instance URL
  • Try regenerating the token and updating in Codecora

Can't see repositories?

  • Ensure your PAT has the api scope
  • Verify you have access to the repositories in GitLab
  • Check you're using the correct GitLab instance URL

Next Steps