GitLab is a web application for git-based version control, issue tracking, and continuous integration. RIPS can be easily integrated into a GitLab CI/CD pipeline as a quality gate to notify the developers about new security issues in their code.
In the most straightforward setup, RIPS can be used as one of the build steps inside your .gitlab-ci.yml file. The following example showcases this setup that stops the build if the analysis detects one or more high or critical security vulnerabilities, or more than 5 vulnerabilities in total:
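A sketch of such a quality-gate job, added here as an example and not taken from the original page or from the RIPS project. The image name, the RIPS_APP_ID variable, the rips:scan:start command, and its option names and threshold syntax are assumptions to verify against your rips-cli version.

```yaml
# Added example; assumptions are marked in the comments below.
stages:
  - build
  - security

rips:
  stage: security
  # Hypothetical image with rips-cli on its PATH; substitute your own.
  image: registry.example.com/tools/rips-cli:latest
  variables:
    # Hypothetical variable name; the value is the numeric id of an
    # existing RIPS application.
    RIPS_APP_ID: "<app id>"
  script:
    # No credentials appear in this file: rips-cli reads them from its
    # environment variables, which GitLab injects into the job from the
    # Secret Variables configured under Settings, CI / CD.
    #
    # Command name, option names and threshold syntax are assumptions;
    # confirm them with: rips-cli rips:scan:start --help
    # Intended policy (from the text above): fail on any critical or high
    # issue, or on more than 5 issues in total.
    - >
      rips-cli rips:scan:start
      --application="$RIPS_APP_ID"
      --path="$CI_PROJECT_DIR"
      --threshold=critical:0
      --threshold=high:0
      --threshold=5
  # A non-zero exit status from the script fails the job and stops the
  # pipeline, so the gate must stay blocking.
  allow_failure: false
```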
The app id has to be replaced with the actual numeric id of an existing RIPS application. If you do not have an application yet, you can create it with rips-cli. To authenticate with RIPS, you can use Secret Variables to set the rips-cli environment variables. The Secret Variables can be found at Settings, CI / CD.
For more advanced .gitlab-ci.yml configuration options, please refer to the GitLab documentation.