The Accurics Web Console provides you an option to connect to your repositories to perform the code (IaC) analysis.
This topic provides you the necessary steps from connecting to the version control provider, such as Bitbucket, GitHub, GitLab, and AzureDevOps, selecting required repositories, adding configurations to the repositories, and finally select the project.
Step 1: Connecting to Version Control Provider
Perform this procedure to connect to the required version control providers.
- Sign in to Accurics Web Console.
- In the left panel, click symbol > Connection > Repository.
- In the workflow to discover section, select the Version Control option as the workflow to directly integrate with your source code management (SCM) tool.
- Click Continue.
- In the version control provider section, click the button for the required version control provider.
- Click Bitbucket.
The Bitbucket login page appears.
- Enter the bitbucket user name and click Continue.
- On the permissions dialog box, grant the necessary permissions.
Accurics initiates the connection and displays the tick mark on the button after successful connection with the version control provider.
- In case if you want to connect to other providers, click the corresponding button and provide the user account to connect with the provider.
Accurics initiates the connection and displays the tick mark on the button after successful connection.
- After connecting the required providers, click Continue to select and configure one or more repositories.
Step 2: Selecting the IaC repositories
After successfully connecting to the required version control provider, select the repositories that you want to add to the project for scanning.
- In the repository and configue settings section, select the requried repositories.
- In the Search Repos field, search for the required repository.
- and select the requisite reopsitory file.
- (Optional) Click Add custom/Public repository to create a new repository. Enter the repository name and path, and click Add.
Step 3: Performing the advanced settings for repositories
In the advanced settings for the repository, you specify the terraform plan input variables.
The following table provides the applicable values for each IaC Engine/ repository type. Based on the selected repository type, configure the respective setting, as applicable.
|Repo Type||IaC Engine Type||Select Version||Auto Remediate Settings||Plan Based Setup|
|Terraform||Terraform||Applicable to change/configure||Applicable to change/configure||Applicable to change /configure|
|Terragrunt||Terragrunt||Applicable to change/configure||Not applicable||Applicable to change/configure|
|CFT||CFT||Not applicable||Not applicable||Not applicable|
|Application||Application||Not applicable||Not applicable||Not applicable|
|Kubernetes YAML||Kubernetes YAML||Not applicable||Not applicable||Not applicable|
|Kustomize YAML||Kustomize YAML||Not applicable||Not applicable||Not applicable|
|Helm Chart||Helm Chart||Not applicable||Not applicable||Not applicable|
- For the selected repository, click Advanced Settings icon to configure the repository.
- In the advanced settings dialog box, enter appropriate values in the fields.
- Click the IaC Engine Type drop-down list and select IAC type.
- In the Select version field, select the terraform code version that you are using to run your terraform plan.
- Click the Auto-remediate settings drop-down list, select Auto-Remediation or Inline Reviews.
Auto-Remediation automatically fixes violation issues and Inline Reviews automatically creates issues for any violations found.
Step 4: Specifying the Terraform State file information
In cases when your resources do not have a name tag, Accurics might require access to terraform state files to get resource attribute information. This is to ensure that all cloud resources are accurately mapped to the terraform code even if resources do not have tags.
- In the Advanced settings dialog box, click the Plan based setup option to turn it on.
- In the first drop-down list, select TFSTATE_URL.
- In the corresponding text field, enter the S3 path of the state file.
- Click Save.
- In the repository and configure settings dialox box, click Continue to select a project.
Step 5: Selecting a project
- In the projects to add the repository to section, select one or more projects to add the repository.
- (Optional) Click Add a Project to add a new project. Enter the project details, such as project name and the cloud proivder, and click Create Project.
- Click Connect.
Accurics connects with the respository and displays a message for successful connection.