feat: specify GitLab URL to connect to

apis/externalsecrets/v1alpha1/secretstore_gitlab_types.go

@@ -18,13 +18,15 @@ import (
 	esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
 )
 
-// Configures an store to sync secrets using a IBM Cloud Secrets Manager
-// backend.
+// Configures a store to sync secrets with a GitLab instance.
 type GitlabProvider struct {
-	// Auth configures how secret-manager authenticates with the IBM secrets manager.
+	// URL configures the GitLab instance URL. Defaults to https://gitlab.com/.
+	URL string `json:"url,omitempty"`
+
+	// Auth configures how secret-manager authenticates with a GitLab instance.
 	Auth GitlabAuth `json:"auth"`
 
-	// ProjectID project where secret is located
+	// ProjectID specifies a project where secrets are located.
 	ProjectID string `json:"projectID,omitempty"`
 }
 
@@ -33,6 +35,6 @@ type GitlabAuth struct {
 }
 
 type GitlabSecretRef struct {
-	// The Access Token is used for authentication
+	// AccessToken is used for authentication.
 	AccessToken esmeta.SecretKeySelector `json:"accessToken,omitempty"`
 }

deploy/crds/external-secrets.io_clustersecretstores.yaml

@@ -256,12 +256,12 @@ spec:
                     properties:
                       auth:
                         description: Auth configures how secret-manager authenticates
-                          with the IBM secrets manager.
+                          with a GitLab instance.
                         properties:
                           SecretRef:
                             properties:
                               accessToken:
-                                description: The Access Token is used for authentication
+                                description: AccessToken is used for authentication.
                                 properties:
                                   key:
                                     description: The key of the entry in the Secret
@@ -285,7 +285,12 @@ spec:
                         - SecretRef
                         type: object
                       projectID:
-                        description: ProjectID project where secret is located
+                        description: ProjectID specifies a project where secrets are
+                          located.
+                        type: string
+                      url:
+                        description: URL configures the GitLab instance URL. Defaults
+                          to https://gitlab.com/.
                         type: string
                     required:
                     - auth

deploy/crds/external-secrets.io_secretstores.yaml

@@ -256,12 +256,12 @@ spec:
                     properties:
                       auth:
                         description: Auth configures how secret-manager authenticates
-                          with the IBM secrets manager.
+                          with a GitLab instance.
                         properties:
                           SecretRef:
                             properties:
                               accessToken:
-                                description: The Access Token is used for authentication
+                                description: AccessToken is used for authentication.
                                 properties:
                                   key:
                                     description: The key of the entry in the Secret
@@ -285,7 +285,12 @@ spec:
                         - SecretRef
                         type: object
                       projectID:
-                        description: ProjectID project where secret is located
+                        description: ProjectID specifies a project where secrets are
+                          located.
+                        type: string
+                      url:
+                        description: URL configures the GitLab instance URL. Defaults
+                          to https://gitlab.com/.
                         type: string
                     required:
                     - auth

docs/provider-gitlab-project-variables.md

@@ -8,7 +8,7 @@ The API requires an access token and project ID. To create a new access token, g
 
 ![token-details](./pictures/screenshot_gitlab_token.png)
 
-Click 'Create personal access token', and your token will be generated and displayed on screen. Copy or save this token since you can't access it again. 
+Click 'Create personal access token', and your token will be generated and displayed on screen. Copy or save this token since you can't access it again.
 ![token-created](./pictures/screenshot_gitlab_token_created.png)
 
 
@@ -22,7 +22,7 @@ Create a secret containing your access token:
 ```
 
 ### Update secret store
-Be sure the `gitlab` provider is listed in the `Kind=SecretStore` and the ProjectID is set
+Be sure the `gitlab` provider is listed in the `Kind=SecretStore` and the ProjectID is set. If you are not using `https://gitlab.com`, you must set the `url` field as well.
 
 ```yaml
 {% include 'gitlab-secret-store.yaml' %}

docs/snippets/gitlab-secret-store.yaml

@@ -6,6 +6,7 @@ spec:
   provider:
     # provider type: gitlab
     gitlab:
+      # url: https://gitlab.mydomain.com/
       auth:
         SecretRef:
           accessToken:

docs/spec.md

@@ -1213,8 +1213,7 @@ GitlabSecretRef
 <a href="#external-secrets.io/v1alpha1.SecretStoreProvider">SecretStoreProvider</a>)
 </p>
 <p>
-<p>Configures an store to sync secrets using a IBM Cloud Secrets Manager
-backend.</p>
+<p>Configures a store to sync secrets with a GitLab instance.</p>
 </p>
 <table>
 <thead>
@@ -1226,6 +1225,17 @@ backend.</p>
 <tbody>
 <tr>
 <td>
+<code>url</code></br>
+<em>
+string
+</em>
+</td>
+<td>
+<p>URL configures the GitLab instance URL. Defaults to <a href="https://gitlab.com/">https://gitlab.com/</a>.</p>
+</td>
+</tr>
+<tr>
+<td>
 <code>auth</code></br>
 <em>
 <a href="#external-secrets.io/v1alpha1.GitlabAuth">
@@ -1234,7 +1244,7 @@ GitlabAuth
 </em>
 </td>
 <td>
-<p>Auth configures how secret-manager authenticates with the IBM secrets manager.</p>
+<p>Auth configures how secret-manager authenticates with a GitLab instance.</p>
 </td>
 </tr>
 <tr>
@@ -1245,7 +1255,7 @@ string
 </em>
 </td>
 <td>
-<p>ProjectID project where secret is located</p>
+<p>ProjectID specifies a project where secrets are located.</p>
 </td>
 </tr>
 </tbody>
@@ -1274,7 +1284,7 @@ github.com/external-secrets/external-secrets/apis/meta/v1.SecretKeySelector
 </em>
 </td>
 <td>
-<p>The Access Token is used for authentication</p>
+<p>AccessToken is used for authentication.</p>
 </td>
 </tr>
 </tbody>

pkg/provider/gitlab/gitlab.go

@@ -47,7 +47,7 @@ type Client interface {
 	GetVariable(pid interface{}, key string, options ...gitlab.RequestOptionFunc) (*gitlab.ProjectVariable, *gitlab.Response, error)
 }
 
-// Gitlab Provider struct with reference to a github client and a projectID.
+// Gitlab Provider struct with reference to a GitLab client and a projectID.
 type Gitlab struct {
 	client    Client
 	projectID interface{}
@@ -127,8 +127,17 @@ func (g *Gitlab) NewClient(ctx context.Context, store esv1alpha1.GenericStore, k
 	}
 
 	var err error
-	// Create a new Gitlab client using credentials
-	gitlabClient, err := gitlab.NewClient(string(cliStore.credentials), nil)
+
+	// Create client options
+	var opts []gitlab.ClientOptionFunc
+	if cliStore.store.URL != "" {
+		opts = append(opts, gitlab.WithBaseURL(cliStore.store.URL))
+	}
+	// ClientOptionFunc from the gitlab package can be mapped with the CRD
+	// in a similar way to extend functionality of the provider
+
+	// Create a new Gitlab client using credentials and options
+	gitlabClient, err := gitlab.NewClient(string(cliStore.credentials), opts...)
 	if err != nil {
 		log.Logf("Failed to create client: %v", err)
 	}