HERE’S WHY
Managing your framework requirements can require coordination and collaboration with other members of your organization. Drata has the ability to integrate with your company’s GitLab setup, create tasks, and assign them to members of your organization.
BEFORE DIVING IN
Users with Admin, Information security lead, or Workspace admin access can create and view GitLab tickets within Drata, however, a user must have Admin access in order to set up or edit the GitLab connection
Enable write access with GitLab
When GitLab Issues is connected, the “write access” enables additional functionality that allows you to create GitLab tickets (or tasks as they are called on GitLab) through Drata.
The “write access” toggle is automatically enabled. If you do not want to enable “write access” then you can toggle it off. If it is toggled “off”, you will not be able to create tickets with GitLab Issues.
The slide-out panel will provide step-by-step instructions to set up the connection.
Creating GitLab Tickets via Drata
When 'Write Access' is enabled you are able to create tickets from any Control Details, Test Details, or Risk Details (in Risk Management) drawer.
If there are no tickets currently associated with a Control, Test, or Risk, you will be prompted to create one to get started.
Choose a project. You can select a Project where you want the ticket to be created in.
Choose a ticket type. You can select an Issue or Incident as the ticket type.
Complete your ticket details. Drata will pull all the fields from your GitLab account for that ticket type. The Title and Description will be auto-filled with information about the control, risk, or test.
Note: for the epic and milestone fields, we only show those that are characterized as “open” on GitLab
Click on Create ticket once you are finished completing the ticket details you’d like to input.
Viewing and Managing Tickets in Drata
When GitLab tickets have been created for a specific Control, Test, or Risk (in Risk Management), they will display within the drawer. The most recently added ticket will display at the top of the list.
Each ticket listing includes the following information:
Ticket Summary / Short Description – as entered by the user
Date the ticket was created
Date the ticket was updated
Ticket Status – as reported by GitLab.
Name of Assignee – tickets can be assigned to any selectable GitLab User.
Name of the person who created the ticket
To view, edit, and manage a ticket, click the Manage Ticket link and you'll be taken to GitLab.
To download the ticket information, click on Download ticket. This will download a zip which will contain a pdf of the ticket details.
To unlink a ticket from the control, test, or risk, click Remove. Unlinking a ticket will not delete the ticket in your GitLab account. Note: once a ticket is removed, it cannot be re-linked.
A maximum of three ‘In Progress’ tasks will display in the list in the drawer. To see all tickets associated with a particular Control, Test, or Risk (in Risk Management), click the ‘View all tasks’ link and a modal will open.
Here the tickets are divided into two standardized categories, 'In Progress' and 'Done':
In Progress – Tickets that are not “closed” in your GitLab instance.
Completed– Tickets in a completed state in your GitLab instance, i.e. Closed, Done, etc.
Only tickets created in Drata for that specific Control, Test, or Risk (in Risk Management) will display in Drata. Tickets created directly in GitLab will not be pulled into the Drata application for ticket management.