Connect a GitLab Repository
In Buzzbin, a repository is the main unit for settings, spend, and review history. You connect it once, and after that GitLab events keep reviews flowing.
What you need
- The repository HTTPS URL
- A Project Access Token created in that same GitLab project
Maintainerrole for the token/botapiandread_repositoryscopes
Buzzbin needs both repository access and permission to manage the project
webhook. That is why Maintainer is required; Developer is not enough for the
automatic webhook flow even if some scopes exist.
Official GitLab references:
If you want the same flow with Buzzbin-specific recommendations, open Create a GitLab Project Access Token.
Create the project access token in GitLab
If you do not have a token yet, this is usually the fastest path:
- Open the target project in GitLab.
- In the left sidebar, go to
Settings > Access tokens. - Select
Add new token. - Enter a clear token name such as
buzzbin-reviewer. - Optionally add a description and expiration date.
- Set the token role to
Maintainer. - Select the
apiandread_repositoryscopes. - Select
Create project access tokenand copy the token immediately.
Important token notes
- GitLab does not show the full token value again after you leave or refresh the page.
- If you do not set an expiration date, GitLab usually applies a default expiry.
- Creating a project access token also creates a bot user for that project, and Buzzbin output is associated with that bot identity.
- If the token expires, is rotated, or is revoked, Buzzbin stops working with that token until you provide the new value.
Connection steps
- Open the organization in Buzzbin and go to Repositories.
- Choose to add a repository.
- Enter the repository name, HTTPS URL, and Project Access Token.
- Buzzbin validates the token live.
- On success, Buzzbin registers the project webhook automatically.
What Buzzbin does behind the scenes
On a successful connection, Buzzbin:
- validates the token, scopes, and role
- resolves the project identity and connection metadata
- stores the token in encrypted form and keeps only a non-sensitive hint
- registers a webhook for merge request, note, and related events
- seeds the initial review configuration for the repository
Common connection failures
These are the most common reasons a connection fails:
- the token is invalid
- the token is missing
apiorread_repository - the token role is lower than
Maintainer - the GitLab host is not reachable from Buzzbin servers
If the repository was connected before and later stopped working, rotate the token. Buzzbin re-validates the new token and repairs the webhook when needed.
Security notes
- Buzzbin does not keep repository source code as permanent stored data.
- The Project Access Token is encrypted at rest.
- The full token is not returned in API responses, logs, or settings screens.
- When needed, you can rotate the token in GitLab and then update the repository settings in Buzzbin with the new value.
Next step
After the repository is connected, the next useful pages are How reviews work, Comment Answers, Repository lifecycle, Findings, severity, and expected output, and Review existing open merge requests.