Skip to content

Add GitLab Support: Recon & CI/CD Pipeline Execution#1

Open
F41zK4r1m wants to merge 13 commits intonopcorn:mainfrom
F41zK4r1m:main
Open

Add GitLab Support: Recon & CI/CD Pipeline Execution#1
F41zK4r1m wants to merge 13 commits intonopcorn:mainfrom
F41zK4r1m:main

Conversation

@F41zK4r1m
Copy link

@F41zK4r1m F41zK4r1m commented Sep 9, 2025

Summary

This pull request adds native GitLab support to RascalRunner, including:

  • GitLab token reconnaissance (glrecon): Analyze accessible projects, permission levels, pipeline capabilities, etc.
  • GitLab CI/CD pipeline execution (glrun): Pushes arbitrary pipelines to GitLab projects (including self-hosted instances).
  • CLI improvements: Unified flags/help for both GitHub and GitLab usage.
  • Adds python-gitlab as a new dependency in requirements.txt.
  • Updated README for GitLab instructions.

Features

  • New modules: gitlab_wrapper.py, gitlabrecon.py, gitlabrunner.py
  • Supports public and self-hosted GitLab instances (custom --gitlab-url)
  • Recon output formatted with permissions table and CI/CD visibility
  • Maintains OPSEC: no key/org/emoji/hardcoded identifiers in comments/output

Usage

Recon example:

rascalrunner glrecon --gitlab-url https://gitlab.example.com/api/v4 --auth GITLAB_TOKEN

Pipeline run example:

rascalrunner glrun --gitlab-url https://gitlab.example.com/api/v4 --auth GITLAB_TOKEN --target group/project --pipeline-file ./ci.yml

Additional Info

  • All existing GitHub features remain unchanged.
  • Feedback/testing for self-hosted GitLab welcomed.
  • Maintainer edits allowed.

Let me know if more detail or a cut-down version is needed!

F41zK4r1m added 13 commits August 31, 2025 01:52
@F41zK4r1m
Create gitlab_wrapper.py
b7834cc
@F41zK4r1m
Create gitlabrecon.py
cc147c5
@F41zK4r1m
Create gitlabrunner.py
f3d918b
@F41zK4r1m
Update requirements.txt: Add python-gitlab and fix requests capitaliz…
7fed8c8 
…ationUpdate requirements.txt: Add python-gitlab and fix requests capitalizationUpdate requirements.txt

- Added python-gitlab>=3.0.0 for advanced GitLab users
- Fixed capitalization of requests (was Requests)
- Ensured all dependencies used by gitlabrecon.py and gitlabrunner.py are included
@F41zK4r1m
Add GitLab reconnaissance support documentationAdd GitLab reconnaissa…
c2c621f 
…nce support documentationUpdate README.md
@F41zK4r1m
Delete gitlab_wrapper.py
c9f469a
@F41zK4r1m
Delete gitlabrecon.py
a2b546e
@F41zK4r1m
Delete gitlabrunner.py
3a86f82
@F41zK4r1m
Update cli.py to add the Gitlab recon functionality
741b2fb
@F41zK4r1m
Create gitlabrecon.py
17e96b5
@F41zK4r1m
Create gitlabrunner.py
5ea976b
@F41zK4r1m
Create gitlab_wrapper.py
cb364a3
@F41zK4r1m
Update README.md
e7d6251
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@F41zK4r1m