Comment on page

GitLab

Integrating Reshift with GitLab.

You can run a Reshift scan in your GitLab Pipeline to automate security scanning on every code check-in. This makes it easy to detect and remediate security bugs before making them to deployment.
1. Secure Your Token
In your GitLab Project CI\CD settings you will find "variables". Here you can secure your token by creating a key and adding the Reshift token value found in your Reshift project settings.
2. Configure Your GitLab Project
At the base directory of your code repository, add a .gitlab-ci.yml pipeline configuration file by navigating to "Web IDE". Here you can choose a template that supports your language (in this case Maven) and configure it to run a Reshift scan. 
Add the command line found in your Reshift project settings along with the secure token to pull and run Reshift scans. A Maven example can be found below:
mvn compile com.softwaresecured.reshift:maven-plugin:LATEST:analyse com.softwaresecured.reshift:maven-plugin:LATEST:upload -Dreshift.token=$RESHIFT_TOKEN
3. Run It
Run it, once the job is complete, your project scan results will appear on your Reshift dashboard.
If you have any more questions, please email us at [email protected]!

Integrations - Previous

Jenkins

Next - Analysis Engine

Java Security Rules

Last modified 3yr ago