Skip to main content

No project description provided

Project description

pjdev-gitlab

PyPI - Version PyPI - Python Version

Async GitLab automation SDK. Wraps both the GitLab REST API v4 and GraphQL API directly with httpx.AsyncClient and Pydantic models. Covers issues, workItems (the GraphQL replacement for issues — status, comments, labels), merge requests, repository files, and the generic package registry.


Installation

pip install pjdev-gitlab

Configuration

pjdev-gitlab reads GL_* environment variables (or accepts the same values via init()):

variable required purpose
GL_TOKEN yes access token (api scope) — a PAT, or an OAuth token with GL_AUTH_SCHEME=bearer
GL_GITLAB_URL yes base URL, e.g. https://gitlab.com
GL_AUTH_SCHEME no private-token (default, PAT header) or bearer (OAuth access token)
GL_DEFAULT_PROJECT_ID no default project for service helpers
GL_OUTPUT_PATH no directory for downloaded files

OAuth 2.0 (per-user attribution)

To attribute API writes to a real person instead of a shared bot token, mint a short-lived OAuth access token with the interactive Authorization Code + PKCE flow and initialize with auth_scheme="bearer":

from pjdev_gitlab import config_service, oauth_service

# Opens a browser for sign-in/consent on first run; caches + refreshes the token
# per host under ~/.config/pjdev-gitlab/tokens/ (0600) on subsequent runs.
token = oauth_service.get_access_token(
    gitlab_url="https://gitlab.example.com",
    client_id="<registered PKCE app client id>",
)
config_service.init(
    token=token, gitlab_url="https://gitlab.example.com", auth_scheme="bearer"
)

The OAuth application must be registered as a non-confidential (PKCE) app with scope api and Redirect URI exactly http://localhost:7331/callback (override the port via get_access_token(redirect_port=...)). A bearer token is sent as Authorization: Bearer <token>; the default private-token scheme sends PRIVATE-TOKEN for personal/project/group access tokens.

pjdev-gitlab-auth console script

The same flow is exposed as a console script, so shell callers (e.g. skills) can mint a token without embedding any Python. It prints only the token to stdout and status to stderr:

TOKEN="$(uvx --from 'pjdev-gitlab' pjdev-gitlab-auth \
  --gitlab-url https://gitlab.example.com --client-id <client-id>)"

The library is instance-agnostic: --client-id (or GL_OAUTH_CLIENT_ID) is required and the host defaults to https://gitlab.com (override with --gitlab-url / GL_GITLAB_URL). Other flags: --client-secret, --redirect-port, --scopes, --force (each with a GL_OAUTH_* env equivalent).

Recommended: 1Password + op run

On a developer laptop, keep the token in 1Password and inject it into the host process with op run — the secret never sits in your shell environment or on disk in plaintext.

  1. Install the 1Password CLI (brew install --cask 1password-cli) and turn on Settings → Developer → Integrate with 1Password CLI in the desktop app.

  2. Store the token in 1Password (e.g. an API Credential titled GitLab — purplejay with a credential field).

  3. Drop a committable .env.op next to your project — references only, no real secrets:

    # .env.op
    GL_TOKEN="op://Private/GitLab — purplejay/credential"
    GL_GITLAB_URL="https://gitlab.purplejay.io"
    
  4. Launch your script — or the entire Claude Code session that will use this library — under op run:

    op run --env-file=.env.op -- python my_script.py
    op run --env-file=.env.op -- claude
    

op run resolves the references, exports them to the subprocess, and tears them down on exit. Inside Python, just call config_service.init() with no arguments and the values flow in from the environment.

In CI, skip 1Password and set GL_TOKEN/GL_GITLAB_URL from the job's existing variables (e.g. CI_JOB_TOKEN for project-scoped operations).

Usage

import asyncio
from pjdev_gitlab import config_service, issues_service
from pjdev_gitlab.models import StateEvent

async def main() -> None:
    # Token & URL come from GL_TOKEN / GL_GITLAB_URL (e.g. via `op run`).
    config_service.init(default_project_id="my-group/my-project")

    issue = await issues_service.create_issue(
        project_id="my-group/my-project",
        title="Bug: timeout on /widgets",
        description="The endpoint times out under load.\n\n/label ~bug ~priority::high",
        labels=["bug"],
    )
    await issues_service.comment_on_issue(
        project_id="my-group/my-project",
        issue_iid=issue.iid,
        body="Investigating now.",
    )
    await issues_service.set_issue_state(
        project_id="my-group/my-project",
        issue_iid=issue.iid,
        state_event=StateEvent.close,
    )

asyncio.run(main())

Run it: op run --env-file=.env.op -- python my_script.py.

WorkItems (GraphQL)

workItem is GitLab's unified replacement for the legacy Issue type — use work_items_service for status/comments/labels on modern GitLab instances:

import asyncio
from pjdev_gitlab import config_service, work_items_service
from pjdev_gitlab.models import WorkItemState, WorkItemStateEvent

async def main() -> None:
    config_service.init()

    open_bugs = await work_items_service.search_work_items(
        project_path="my-group/my-project",
        state=WorkItemState.OPEN,
        labels=["bug"],
        search="timeout",
    )

    label = await work_items_service.create_label(
        "needs-review", project_path="my-group/my-project", color="#FFAA00"
    )
    await work_items_service.set_work_item_labels(
        open_bugs[0].iid,
        [label.id],
        mode="add",
        project_path="my-group/my-project",
    )
    await work_items_service.comment_on_work_item(
        open_bugs[0].iid,
        "Triaged — assigning a reviewer.",
        project_path="my-group/my-project",
    )
    await work_items_service.set_work_item_state(
        open_bugs[0].iid, WorkItemStateEvent.CLOSE,
        project_path="my-group/my-project",
    )

asyncio.run(main())

Bundled agent skills

Skill files for AI agents ship under .agents/skills/ inside the installed package, following the library-skills.io convention. Topics: issues, workItems, merge requests, repository files, generic packages.

License

pjdev-gitlab is distributed under the terms of the MIT license.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pjdev_gitlab-5.1.10.tar.gz (42.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pjdev_gitlab-5.1.10-py3-none-any.whl (41.5 kB view details)

Uploaded Python 3

File details

Details for the file pjdev_gitlab-5.1.10.tar.gz.

File metadata

  • Download URL: pjdev_gitlab-5.1.10.tar.gz
  • Upload date:
  • Size: 42.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: Hatch/1.17.0 {"ci":true,"cpu":"aarch64","distro":{"id":"noble","libc":{"lib":"glibc","version":"2.39"},"name":"Ubuntu","version":"24.04"},"implementation":{"name":"CPython","version":"3.12.3"},"installer":{"name":"hatch","version":"1.17.0"},"openssl_version":"OpenSSL 3.0.13 30 Jan 2024","python":"3.12.3","system":{"name":"Linux","release":"6.12.76-linuxkit"}} HTTPX2/2.5.0

File hashes

Hashes for pjdev_gitlab-5.1.10.tar.gz
Algorithm Hash digest
SHA256 690474c7da3c059053149aa4b9c3b5f68eb4fad85c83e70121707adc3baa3575
MD5 34ecdba32a00ad9a4fea0ac6afe41cb9
BLAKE2b-256 68f86431e8681dd7c548c6a4bed79a171814a84816ec78ddafd4e3a3ffa3ad48

See more details on using hashes here.

File details

Details for the file pjdev_gitlab-5.1.10-py3-none-any.whl.

File metadata

  • Download URL: pjdev_gitlab-5.1.10-py3-none-any.whl
  • Upload date:
  • Size: 41.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: Hatch/1.17.0 {"ci":true,"cpu":"aarch64","distro":{"id":"noble","libc":{"lib":"glibc","version":"2.39"},"name":"Ubuntu","version":"24.04"},"implementation":{"name":"CPython","version":"3.12.3"},"installer":{"name":"hatch","version":"1.17.0"},"openssl_version":"OpenSSL 3.0.13 30 Jan 2024","python":"3.12.3","system":{"name":"Linux","release":"6.12.76-linuxkit"}} HTTPX2/2.5.0

File hashes

Hashes for pjdev_gitlab-5.1.10-py3-none-any.whl
Algorithm Hash digest
SHA256 41beba58e584f2f7b960523dedb580e014b01bd38cf6e34a19a35fb8305e2c7d
MD5 cf2c371edbd62bb32d9be01dd6f991a0
BLAKE2b-256 071a7ac60632f8b63c726d87a0c7ad955e2cdf3f86c09979370026f948cda5d9

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page