Represents the GitLab instance being analyzed. This is the root node of the graph and serves as the primary container for all other node types. Instance-level settings such as authentication configuration, sign-up policies, password policies, and runner availability are captured as properties on this node.
| Property Name | Data Type | Description |
|---|---|---|
| version | string | GitLab version string (e.g., 17.5.0-ee) |
| revision | string | GitLab build revision hash |
| enterprise | bool | Whether this is a GitLab Enterprise Edition instance |
| created_at | datetime | When the instance was first configured |
| signup_enabled | bool | Whether open self-registration is enabled |
| require_admin_approval_after_user_signup | bool | Whether new self-registered accounts require admin approval before activation |
| email_confirmation_setting | string | Email confirmation mode: off, soft, or hard |
| domain_denylist_enabled | bool | Whether a domain blocklist is active for registrations |
| domain_denylist | string[] | Email domains blocked from registering |
| domain_allowlist | string[] | Email domains allowed to register (unrestricted if empty) |
| disable_personal_access_tokens | bool | Whether personal access tokens are disabled instance-wide |
| personal_access_token_prefix | string | Required prefix for personal access tokens on this instance |
| require_personal_access_token_expiry | bool | Whether all PATs must have an expiration date |
| password_authentication_enabled_for_web | bool | Whether password authentication is enabled for the web UI |
| password_authentication_enabled_for_git | bool | Whether password authentication is enabled for Git operations |
| minimum_password_length | integer | Minimum required password length |
| password_number_required | bool | Whether passwords must contain at least one digit |
| password_symbol_required | bool | Whether passwords must contain at least one symbol |
| password_lowercase_required | bool | Whether passwords must contain a lowercase letter |
| password_uppercase_required | bool | Whether passwords must contain an uppercase letter |
| require_two_factor_authentication | bool | Whether 2FA is mandatory for all users |
| require_admin_two_factor_authentication | bool | Whether 2FA is mandatory for administrators |
| max_login_attempts | integer | Maximum consecutive failed sign-in attempts before lockout |
| failed_login_attempts_unlock_period_in_minutes | integer | Minutes until a locked account is automatically unlocked |
| can_create_group | bool | Default value for whether new users can create top-level groups |
| shared_runners_enabled | bool | Whether instance-level shared runners are enabled for new projects |
| default_project_visibility | string | Default visibility for new projects: private, internal, or public |
| default_group_visibility | string | Default visibility for new groups: private, internal, or public |
| default_branch_name | string | Default initial branch name for new repositories |
| default_ci_config_path | string | Default CI configuration file path (.gitlab-ci.yml if unset) |
| security_txt_content | string | Public security contact information from /.well-known/security.txt |
| users | integer | Total number of users on the instance |
| groups | integer | Total number of groups on the instance |
| projects | integer | Total number of projects on the instance |
| runners | integer | Total number of runners registered on the instance |
| custom_instance_roles | integer | Number of custom member roles defined at the instance level |
flowchart TD
GL_InstanceRole[fa:fa-user-tie GL_InstanceRole]
GL_Instance[fa:fa-building GL_Instance]
GL_Group[fa:fa-user-group GL_Group]
GL_InstanceVariable[fa:fa-sliders GL_InstanceVariable]
GL_Instance -.->|GL_HasGroup| GL_Group
GL_Instance -->|GL_Defines| GL_InstanceVariable
GL_InstanceRole -.->|GL_CanSignUp| GL_Instance
GL_InstanceRole -.->|GL_CanCreateGroup| GL_Instance
GL_InstanceRole -.->|GL_CanCreateProject| GL_Instance