To configure CI secret scanning for GitLab, you will need to create two pipeline variables and create or add to your YAML pipeline script.
Note: this CI integration supports merge requests.
Create Variables:
The following two pipeline variables need to be created whether you are creating a new pipeline or using an existing pipeline:
Name: BLUBRACKET_INTEGRATION_KEY
Value: Create a BluBracket Integration API token
Steps to create a BluBracket API token:
https://support.blubracket.com/hc/en-us/articles/4403018405140-Event-and-Alert-APIs
Name: BLUBRACKET_CI_CD_API
Value: https://[your BluBracket tenant name]/api/analyzer/commit/scan
Example: https://acme.blubracket.com/api/analyzer/commit/scan
Pipeline Script:
The following should be added to your pipeline script:
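secret-scan:
  # Use the official docker image.
  image: docker:latest
  stage: build
  services:
    - docker:dind
  script:
    - |
      # set -x traces every command and env prints every variable, so mark
      # BLUBRACKET_INTEGRATION_KEY as Masked in the GitLab variable settings
      # to keep its value out of the job log.
      set -ex
      env
      # Pass the merge request number, API endpoint, token and project URL
      # to the BluBracket scanner container.
      docker run \
        -e SYSTEM_PULLREQUEST_PULLREQUESTNUMBER="$CI_MERGE_REQUEST_IID" \
        -e BLUBRACKET_CI_CD_API="$BLUBRACKET_CI_CD_API" \
        -e BLUBRACKET_CI_CD_TOKEN="$BLUBRACKET_INTEGRATION_KEY" \
        -e BUILD_REPOSITORY_URI="$CI_PROJECT_URL" \
        blubracket/ci-cd-scan:latest
  rules:
    # Run this job only for merge request pipelines.
    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'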
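Added example (not part of BluBracket's script): a preflight function that could be called at the top of the script block to fail the job early when the variables described above are missing or malformed. It prints only variable names, never the token value. The function name check_blubracket_vars and the sample values are assumptions made for this example.

```shell
#!/bin/sh
# Preflight check for the two pipeline variables and the merge request number.
# Returns 0 when everything looks usable, 1 otherwise.
check_blubracket_vars() {
    _rc=0
    # The token must be present; report the variable name only, not its value.
    if [ -z "${BLUBRACKET_INTEGRATION_KEY:-}" ]; then
        echo "BLUBRACKET_INTEGRATION_KEY is not set" >&2
        _rc=1
    fi
    # The endpoint must use HTTPS and end with the scan path shown on this page.
    case "${BLUBRACKET_CI_CD_API:-}" in
        https://[!/]*/api/analyzer/commit/scan) ;;
        *)
            echo "BLUBRACKET_CI_CD_API must be https://<tenant>/api/analyzer/commit/scan" >&2
            _rc=1
            ;;
    esac
    # Catch the documentation placeholder being pasted in unedited.
    case "${BLUBRACKET_CI_CD_API:-}" in
        *"["*|*"]"*|*" "*)
            echo "BLUBRACKET_CI_CD_API still contains placeholder text" >&2
            _rc=1
            ;;
    esac
    # The scanner is given the merge request number, so it must be numeric.
    case "${CI_MERGE_REQUEST_IID:-}" in
        ''|*[!0-9]*)
            echo "CI_MERGE_REQUEST_IID is empty or not numeric" >&2
            _rc=1
            ;;
    esac
    return "$_rc"
}

# Constructed sample values, run in a subshell so they do not leak into the job.
(
    BLUBRACKET_INTEGRATION_KEY="constructed-token"
    BLUBRACKET_CI_CD_API="https://acme.blubracket.com/api/analyzer/commit/scan"
    CI_MERGE_REQUEST_IID="42"
    check_blubracket_vars && echo "preflight ok"
)
```

In the job, call `check_blubracket_vars || exit 1` before `docker run`.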