Skip to end of banner Go to start of banner

GitLab integration setup

Skip to end of metadata

Created by bm, last modified by Victor Wang on Jun 27, 2023

You are viewing an old version of this page. View the current version.

This guide describes the setup for enabling SAST scans on source code repositories hosted on a GitLab installation. These steps require coordination with Data Theorem’s support team.

Requirements

The GitLab installation must be exposed to the internet
The user following these instructions must have administrator permissions to the GitLab instance

Onboarding the GitLab installation

Start with creating the GitLab application for the Data Theorem integration:

Log into the GitLab instance
Open “Applications” in the Admin Area
Create a new application with the following settings
- Name: Data Theorem SAST
- Trusted: Not required
- Redirect URI: https://www.securetheorem.com/gitlab-integration/onboarding
- Confidential: checked
- Scopes: read_api, read_repository
The application settings should look like this:
After pressing “Save application”, transmit the Client ID, Client Secret, and instance URL to the Data Theorem support team
Ensure that the Data Theorem support team has an email address that can be used to send you information confidentially

To complete the installation process, please check your inbox for an email from Data Theorem with the subject line that says “GitLab integration onboarding”. This email will contain a link to a confirmation page in GitLab to allow access to the installation. Approve the application to complete the process.

Configuring the system hook

The system hook will notify the GitLab integration of changes to any of the repositories present in the GitLab integration.

Once the Data Theorem SAST application has been created in the GitLab instance. You should have received an email titled “GitLab hook authorization token”. Please reach out to the Data Theorem support team if you haven’t received this email.

Configuration steps:

Log into the GitLab instance
Open “System Hooks” in the Admin Area
Create a new system hook with the following settings:
- URL: https://api.securetheorem.com/apis/sast/gitlab/v1/hook_events
- Secret Token: Copy and paste the code from the email
- Trigger:
  - Check “Repository update events”
  - Check “Merge request events”
- Check “SSL verification”
The system hook should look like this:
Press “Add system hook”
(Recommended) Test the newly created webhook by triggering “Repository update events”

No labels