
GitLab

Integrating Reshift with GitLab.
You can run a Reshift scan in your GitLab pipeline to automate security scanning on every code check-in. This makes it easy to detect and remediate security bugs before they make it to deployment.

1. Secure Your Token

In your GitLab project's CI/CD settings you will find "Variables". Here you can secure your token by creating a key (RESHIFT_TOKEN in the Maven example below) and setting its value to the Reshift token found in your Reshift project settings.

2. Configure Your GitLab Project

At the base directory of your code repository, add a .gitlab-ci.yml pipeline configuration file by navigating to "Web IDE". Here you can choose a template that supports your language (in this case Maven) and configure it to run a Reshift scan.
Add the command line found in your Reshift project settings along with the secure token to pull and run Reshift scans. A Maven example can be found below:
mvn compile com.softwaresecured.reshift:maven-plugin:LATEST:analyse com.softwaresecured.reshift:maven-plugin:LATEST:upload -Dreshift.token=$RESHIFT_TOKEN

3. Run It

Run the pipeline. Once the job is complete, your project scan results will appear on your Reshift dashboard.
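The three steps above combined into one pipeline file, as an added example (not Reshift's own template). It assumes the CI/CD variable from step 1 is named RESHIFT_TOKEN; the job name, stage name and Maven image tag are illustrative assumptions.

```yaml
# .gitlab-ci.yml (added example; job name, stage name and image tag are assumptions)
# Expects a CI/CD variable named RESHIFT_TOKEN (step 1), ideally created with
# the "Mask variable" option so its value is redacted in job logs.
image: maven:3-openjdk-11   # assumed tag; use the JDK your project builds with

stages:
  - scan

variables:
  # Keep the local Maven repository inside the project dir so it can be cached.
  MAVEN_OPTS: "-Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository"

cache:
  paths:
    - .m2/repository

reshift-scan:
  stage: scan
  script:
    # Fail fast if the token is not exposed to this job, for example when the
    # variable is marked "Protected" and the branch is not. Never echo the value.
    - |
      if [ -z "$RESHIFT_TOKEN" ]; then
        echo "RESHIFT_TOKEN is not set for this job; check the CI/CD variable settings" >&2
        exit 1
      fi
    # Same command as in step 2, folded across lines; the token comes from the
    # CI/CD variable and is never written into the repository.
    - >
      mvn compile
      com.softwaresecured.reshift:maven-plugin:LATEST:analyse
      com.softwaresecured.reshift:maven-plugin:LATEST:upload
      -Dreshift.token="$RESHIFT_TOKEN"
```

Keeping the token in a CI/CD variable rather than in this file means a leaked or forked repository does not expose it.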
If you have any more questions, please email us at [email protected]!