Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Table of Contents
minLevel1
maxLevel1
outlinefalse
typelist
printablefalse

Installation

Requirements

  • The GitLab installation must be exposed to the internet

  • The user following these instructions must have administrator permissions to the GitLab instance

  • AWS Account with Admin Access

Step 1: Generate a SAST Security Results API Key

Navigate to Data Theorem’s API key provisioning portal https://www.securetheorem.com/devsecops/v2/results_api_access

...

Keep the window open or securely store the API Key, you will need to enter it in a later step.

...

Step 2: Create A Data Theorem App In GitLab

Start with creating the GitLab application for the Data Theorem integration:

...

  • Clicking “Save application”

  • Securely make a note of the Application ID, Secret, and instance URL (from the address bar of your browser). You will need to enter these values in the next step

...

Screenshot 2024-07-24 at 15.02.09.png

Step 3: Create AWS Resources

Open the AWS CloudFormation Quick Create Link you received from Data Theorem, and sign in the AWS account where you want the SAST scanning resources to be created.

...

Paste the values for the GitLab App Id, Gitlab App Secret

Screenshot 2024-07-24 at 15.50.05.png

Step 4: Configuring The GitLab System Hook

The system hook will notify the GitLab integration of changes to any of the repositories present in the GitLab integration.

...

  • Log into the GitLab instance

  • Navigate to “System Hooks” in the Admin Area

  • Create a new system hook with the following settings:

    • URL: Copy/Paste the CloudFormation Stack Output named GitLabSystemHookUrl

    • Secret Token: Copy/Paste the CloudFormation Stack Output named GitLabSystemHookSecret

    • Trigger:

      • Check “Repository update events”

      • Check “Merge request events”

    • Check “SSL verification”

Screenshot 2024-07-24 at 15.15.20.png

Step 5: Update The GitLab App OAuth Redirect URI

  • Open “Applications” in the Admin Area

  • Edit the Data Theorem SAST application and update the Redirect URI setting

    • Redirect URI: Copy/Paste the CloudFormation Stack Output named GitLabOAuthRedirectUri

...