Skip to main content
search

At the moment of writing this, it has been a long-lasting desire for Gitlab users to be able to see all members to any project within a group at a single glance or press of a button. It was also something I was looking for myself, since we use Gitlab as a company and therefore have to deal with people leaving us from time to time. When that happens we, of course, have to make sure they can no longer access the private repositories we keep in our Gitlab group. This is not only we feel the desire to do, but it’s also something which is simply an obligation, even more so since we got our ISO-27001 certificate. 

That is why I started to look for my own solution and luckily I came across the very easy and useful gitlab Python package. This made my life so much easier. The only thing I need to do now is to regularly run the script below, this gives me a complete overview in Excel of all users that are a member of our Cmotions group on Gitlab and it immediately shows me which repositories they can access and even what their access rights are. Easy does it!  

I start this script by importing the necessary packages, setting the value for the group_id I would like to get an overview of, and loading the .env file, where I’ve stored my personal access token for Gitlab. Just for myself, I’ve also created a dictionary to translate the access rights into readable values. 

import pandas as pd 
from dotenv import load_dotenv 
import os 
import gitlab 

load_dotenv() 
 
# you can find the group ID right on the home page of your group, just underneath the name of your group 
group_id = 123456789

# the translation of the access level codes according to Gitlab: https://docs.gitlab.com/ee/api/members.html 
access_dict = { 
    0: "no access", 
    5: "minimal access", 
    10: "guest", 
    20: "reporter", 
    30: "developer", 
    40: "maintainer", 
    50: "owner", 
} 

Now we can initialize the Gitlab API and start listing all information from within our group, this way we get a list of all projects (repositories) in the group and all of its subgroups. 

# init the gitlab object 
gl = gitlab.Gitlab(private_token=os.getenv("PRIVATE-TOKEN")) 

# get gitlab group 
group = gl.groups.get(group_id, lazy=True) 

# get all projects 
projects = group.projects.list(include_subgroups=True, all=True, owned=True) 

# get all project ids 
project_ids = [] 

for project in projects: 
    project_ids.append((project.id, project.path_with_namespace, project.name)) 

df_project = pd.DataFrame(project_ids, columns=["id", "path", "name"]) 

After retrieving all the projects, we can loop through them and get all members of each of the groups. This way, we end up with a complete list with all members within our group, to which repositories they have access and which access rights they have for each of these repositories. 

# get all members 
members = [] 

for _, row in df_project.iterrows(): 
    proj = gl.projects.get(row["id"], all=True) 
    for member in proj.members_all.list(get_all=True): 
        members.append( 
            ( 
                row["id"], 
                row["path"], 
                row["name"], 
                member.username, 
                member.state, 
                member.access_level, 
            ) 
        ) 

df_members = pd.DataFrame( 
    members, 
    columns=[ 
        "project_id", 
        "project_path", 
        "project_name", 
        "username", 
        "state", 
        "access_level_code", 
    ], 
).drop_duplicates() 

df_members["access_level"] = df_members["access_level_code"].map(access_dict) 
df_members.sort_values("username", inplace=True) 

And this list we can store as a csv file, which makes it easier to share with other people within the business if needed. 

# store as csv 
df_members.to_csv("gitlab_members.csv", sep=";", header=True, index=False) 

Good luck! 

Principal Consultant & Data Scientist j.schoonemann@cmotions.nl
Close Menu