Skip to main content
Git Sync requires integration with a Git provider (GitHub or GitLab). This guide covers the server-side configuration for self-hosted BRMS deployments.
For instructions on connecting and using Git Sync from the BRMS interface, see Git Sync.

Prerequisites

Before configuring Git integrations, ensure you have:
  1. A running BRMS instance with a publicly accessible URL (required for OAuth callbacks)
  2. Secrets management configured (required for GitLab)

Required environment variables

Both GitHub and GitLab integrations require these environment variables. Set them before proceeding with provider-specific configuration.

GitHub configuration

GitHub integration uses a GitHub App for authentication and repository access.

Step 1: Create a GitHub App

  1. Go to GitHub > Settings > Developer settings > GitHub Apps
  2. Click New GitHub App
  3. Fill in the required fields:

Step 2: Configure permissions

Under Repository permissions, set:

Step 3: Configure installation settings

  1. Check Request user authorization (OAuth) during installation
  2. Under “Where can this GitHub App be installed?”, choose:
    • Only on this account — For single organization use
    • Any account — If multiple organizations will use the integration

Step 4: Generate credentials

After creating the app:
  1. Note the App ID at the top of the settings page
  2. Note the Client ID in the app settings
  3. Generate a Client Secret and save it
  4. Scroll to Private keys and click Generate a private key
  5. Download the .pem file and Base64 encode it:

Step 5: Set GitHub environment variables

GitLab configuration

GitLab integration uses OAuth 2.0 and supports both GitLab.com and self-hosted instances.
GitLab integration requires secrets management to be configured. GitLab credentials (Application ID and Secret) are encrypted and stored using your configured secrets provider. Without secrets management, GitLab integration cannot be enabled.

Step 1: Create an OAuth application

Navigate to your GitLab instance and create an application at one of these locations:

Step 2: Configure the application

Step 3: Save credentials

After creating the application, GitLab displays:
  • Application ID — Save this
  • Secret — Save this (shown only once)
Unlike GitHub, GitLab credentials are entered through the BRMS UI during connection, not as environment variables. They are encrypted and stored using your secrets provider. No additional environment variables are required beyond those set in Step 1.

Environment variables reference

Required for all integrations

GitHub-specific

GitLab-specific

GitLab credentials are entered via the UI and stored encrypted in the database. No additional environment variables are required beyond APP_INTEGRATIONS_SECRET.

Troubleshooting

”Integration not configured” message

The integration card shows “Not configured” when required environment variables are missing. Verify all required variables are set and restart the API server.

GitHub: “App not installed” error

The GitHub App must be installed on the organization or account you want to connect. Users can install the app during the connection flow.

GitLab: “Invalid redirect URI” error

The Redirect URI in your GitLab OAuth application must exactly match:

GitLab: “URL must use HTTPS” error

GitLab requires HTTPS for OAuth applications. Ensure your GitLab URL starts with https://.

GitLab: “Secrets management required” error

GitLab integration requires secrets management to be configured. See Secrets management to set up a secrets provider.