This topic explains how to scan your GitLab enterprise repositories using the Bot.
Creating an OAuth application in GitLab Server
- Sign in to the GitLab Server console with admin-level account credentials.
- Create an Application on the GitLab Server by going to Preferences > Applications.
- On the Add new application page, create an application with the following configuration:
  - Specify a name for the application.
  - Select Confidential to use the application where the client secret can be kept confidential.
  - Under Scopes, select:
    - api – to grant read/write access to the API
    - read_repository – to grant read-only access to repositories on private projects
- Once the application is created, open the newly created application.
- Note down the Application ID, Secret, and the Authorization callback URL:
Authorizing the Bot to access GitHub Enterprise Server
- In a browser, open the URL displayed in the output above. It should navigate to the OAuth Application Authorization page:
- Specify the values for the Application ID and Secret as noted in the above procedure (step 5).
- Specify the Auth Server Address:
- Specify the Bot URL.
- Click the Authorize button.
- Once the authorization is completed, the page navigates back to the Bot service page and a success message should appear.
Connecting an IaC from GitLab Server to an Accurics project
- Sign in to the Accurics Web Console.
- In the left panel, click icon.
- Click Connection > Repository.
- In the list of version control providers, select GitLab and On-premise bot.
- Click Continue.
- Select the repository.
- Configure the advanced settings for the selected repository.
  For more information, see Repository Configuration Parameters and Types of IaC scans.
- Click Save to save the settings.
- Click Continue.
- Select your project.
- Click Connect to complete the configuration.