LGTM Enterprise 1.25

Defining integrations with external systems

This topic relates to integrations that are set up in the administration interface. For details of automated code review—which is configured on a per-project basis from the Integrations tab of a project—see About automated code review in the user help.

Defining integrations between LGTM and the systems that provide access to your code, and information about users, is a fundamental stage in setting up LGTM Enterprise.

You define and modify integrations from the Integrations administration page. You integrate LGTM Enterprise with external systems to:

  • Enable users to log in to LGTM Enterprise using their account details for an external system.
  • (Optional: for enterprise-level repository management systems) Control user access to projects according to their permissions in the external system.
  • Provide LGTM Enterprise with access to repositories so that they can be added as projects for LGTM to analyze.
  • Set up alert tracking in an external issue tracking system such as Atlassian Jira.

You must define at least one integration that includes repository access before you can add projects to LGTM Enterprise for analyzing.

Integration with public repository management systems

LGTM supports integration with publicly visible repository management systems such as GitHub.com, Azure DevOps Services (VSTS), GitLab.com, and Bitbucket Cloud. This allows users to analyze public repositories.

If you define an integration with a public system on a server that is accessible to untrusted users, you should take additional steps to secure LGTM Enterprise:

  • Define a login allowlist to specify which users of the public system can log in to LGTM. Otherwise anyone with an account, who can access the LGTM Enterprise server, can log in.
  • Consider restricting the ability to add projects hosted by the public system to administrators. Otherwise, anyone who owns a project hosted on that system, and can log in to your LGTM Enterprise instance, will be able to add their project and enable automated code review. This allows your LGTM Enterprise instance to comment on that project.

For more information, see the separate topics on adding integrations listed below.

More information

For more information, see: