Let’s connect your GitLab integration! Data Theorem’s SAST can connect to GitLab.com, GitLab On-Prem, and GitLab Ultimate.
Onboarding your GitLab instance will require communication with Data Theorem. Please reach out to support@datatheorem.com if you need help!
Jump to:
Onboard GitLab Ultimate
Note that the onboarding user must be an admin within your GitLab Ultimate workspace.
Navigate to GitLab.com.
Select
Groups
and select the group that you would like to connect to Data Theorem's SAST analyzer.Select
Settings
, thenApplications
.Select
Add new application
.Configure the application using the following options:
Name:
Data Theorem SAST
Redirect URI:
https://www.securetheorem.com/gitlab-integration/onboarding
Check
Confidential
Enable the
api
scope checkboxEnable the
read_repository
scope checkbox
Select
Save Application
Send the URL, the
Application ID
, and theSecret
to your Data Theorem contact. These are the credentials that the Data Theorem SAST Analyzer will use to connect to your GitLab instance.
Your Data Theorem contact will send you an email, so let us know what email address should receive it.
Important: Click the link in the email, then click
Authorize
.Your GitLab Ultimate instance has been successfully onboarded! Your source code will now continuously be scanned for security and privacy issues, which can be found on https://www.securetheorem.com/mobile-secure/v2/security/sast?view=issues or directly in your GitLab Ultimate merge requests.
Onboard GitLab
Requirements
The GitLab installation must be exposed to the internet
The user following these instructions must have administrator permissions to the GitLab instance
Onboarding the GitLab installation
Start with creating the GitLab application for the Data Theorem integration:
Log into the GitLab instance
Open “Applications” in the Admin Area
Create a new application with the following settings
Name: Data Theorem SAST
Trusted: Not required
Redirect URI: https://www.securetheorem.com/gitlab-integration/onboarding
Confidential: checked
Scopes:
api
,read_repository
The application settings should look like this:
After pressing “Save application”, transmit the Application ID, Secret, and instance URL (from the address bar of your browser) to the Data Theorem support team
Ensure that the Data Theorem support team has an email address that can be used to send you information confidentially
To complete the installation process, please check your inbox for an email from Data Theorem with the subject line that says “GitLab integration onboarding”. This email will contain a link to a confirmation page in GitLab to allow access to the installation. Approve the application to complete the process.
Configuring the system hook
The system hook will notify the GitLab integration of changes to any of the repositories present in the GitLab integration.
Once the Data Theorem SAST application has been created in the GitLab instance. You should have received an email titled “GitLab hook authorization token”. Please reach out to the Data Theorem support team if you haven’t received this email.
Configuration steps:
Log into the GitLab instance
Open “System Hooks” in the Admin Area
Create a new system hook with the following settings:
URL: https://api.securetheorem.com/apis/sast/gitlab/v1/hook_events
Secret Token: Copy and paste the code from the email
Trigger:
Check “Repository update events”
Check “Merge request events”
Check “SSL verification”
The system hook should look like this:
Press “Add system hook”
(Recommended) Test the newly created webhook by triggering “Repository update events”