Page tree
Skip to end of metadata
Go to start of metadata

GitLab is a web application for git-based version control, issue tracking, and continuous integration. RIPS can be easily integrated into a GitLab CI/CD pipeline as a quality gate to notify the developers about new security issues in their code.

GitLab Pipelines

Setup

In the most straightforward setup RIPS can be used as one of the build steps inside your .gitlab-ci.yml file. The following example showcases this setup that stops the build if the analysis detects one or more high or critical security vulnerabilities, or more than 5 vulnerabilities in total:

.gitlab-ci.yml
rips:
    script:
      - rips-cli rips:scan:start -p . -T "$CI_COMMIT_REF_NAME" -t high:0 -t critical:0 -t 5 -a app_id

The app id has to replaced with the actual numeric id of an existing RIPS application. If you do not have an application yet you can create it with rips-cli. To authenticate with RIPS you can use Secret Variables to set the rips-cli environment variables. The Secret Variables can be found at Settings, CI / CD.

GitLab Settings

You have to install rips-cli on your GitLab Runner. Installation instructions are located in the rips-cli documentation.

For more advanced .gitlab-ci.yml configuration options please refer to the GitLab documentation.

  • No labels