...
Table of Contents | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Installation
...
The GitLab installation must be exposed to the internet
The user following these instructions must have administrator permissions to the GitLab instance
AWS Account with Admin Access
Step 1
...
Navigate to Data Theorem’s API key provisioning portal https://www.securetheorem.com/devsecops/v2/results_api_access
Make sure the API key has the “SAST Scanning” feature permission
Keep the window open or securely store the API Key, you will need to enter it in a later step.
...
: Create A Data Theorem App In GitLab
Start with creating the GitLab application for the Data Theorem integration:
...
Clicking “Save application”
Securely make a note of the Application ID, Secret, and instance URL (from the address bar of your browser). You will need to enter these values in the next step
...
Step
...
2: Create AWS Resources
Open the AWS CloudFormation Quick Create Link you received from Data Theorem, and sign in the AWS account where you want the SAST scanning resources to be created.
Create a new system hook with Fill in the following settingstemplate parameters:
URLGitLabInstanceUrl: Copy/Paste the CloudFormation Stack Output named
GitLabSystemHookUrl
Secret Token: Copy/Paste the CloudFormation Stack Output named
GitLabSystemHookSecret
...
Enter the URL of your GitLab instance
GitLabAppClientId: Enter”Application ID” from Step 1
GitLabAppClientSecret: Enter the “Secret” from Step 1
...
Step
...
3: Configuring The GitLab System Hook
The system hook will notify the GitLab integration of changes to any of the repositories present in the GitLab integration.
...
Log into the GitLab instance
Navigate to “System Hooks” in the Admin Area
Create a new system hook with the following settings:
URL: Copy/Paste the CloudFormation Stack Output named
GitLabSystemHookUrl
Secret Token: Copy/Paste the CloudFormation Stack Output named
GitLabSystemHookSecret
Trigger:
Check “Repository update events”
Check “Merge request events”
Check “SSL verification”
Step
...
4: Update The GitLab App OAuth Redirect URI
Open “Applications” in the Admin Area
Edit the Data Theorem SAST application and update the Redirect URI setting
Redirect URI: Copy/Paste the CloudFormation Stack Output named
GitLabOAuthRedirectUri
...