GitLab Boards

You can connect your GitLab repository to a Bright scan so that every detected vulnerability is reported in an automatically opened GitLab issue. Each report provides the following information:
  • Issue severity level
  • Details of discovery
  • Possible exposure
  • Remediation suggestions
For each new scan, you can select any of your GitLab repositories integrated with your Bright projects.

Setup

To enable the integration, first register the Bright application in GitLab.

  1. Go to your GitLab account preferences: in the upper-right corner, click the down-arrow and select Preferences.
  2. In the left pane, select Applications.
  3. On the Applications page, do the following:
    a) In the Name field, enter a name for the integration application, for example, Nexploit.
    b) In the Redirect URI field, enter <https://app.brightsec.com/organization/services/gitlab/callback>.
    c) In the Scopes section, select the api checkbox.
    d) Click Save application.
    The created Application ID and Secret will then be required for enabling the integration in the Bright app.

Step-by-step guide

Connecting Bright to your GitLab repository

  1. Go to the Bright app.
  2. In the left pane, select Organization.
  3. On the Organization page, scroll down to the TICKET MANAGEMENT INTEGRATION section.
  4. Click next to GitLab, and then select Settings.
  5. In the GITLAB INTEGRATION CONFIG dialog box, do the following:
    a) Copy the Application ID and the Secret created in GitLab and paste them into the corresponding fields.
    b) (Optional) If your GitLab application is hosted on a private cloud or you are using on-premise GitLab, enter the relevant link in the Base URL field.
    c) Click Connect. You will be redirected to an authorization page on GitLab. Click Authorize to allow Bright to access your GitLab account.

The Bright connection to GitLab is enabled.
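Before clicking Authorize, you can compare the authorization page's URL with what you registered in Setup. The following check is an added example, not Bright's or GitLab's own code; it assumes the redirect uses GitLab's standard `/oauth/authorize` authorization-code request, and the function name, sample URLs, and placeholder `client_id` and `state` values are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Redirect URI registered in the Setup steps on this page.
BRIGHT_CALLBACK = "https://app.brightsec.com/organization/services/gitlab/callback"


def check_authorize_url(url, base_url="https://gitlab.com", application_id=None):
    """Return the problems found in a GitLab OAuth authorization URL ([] if none)."""
    problems = []
    target, base = urlsplit(url), urlsplit(base_url)
    if target.scheme != "https":
        problems.append("authorization page is not served over https")
    # Compare the whole host, never a prefix or substring of it.
    if target.netloc.lower() != base.netloc.lower():
        problems.append(f"host {target.netloc!r} is not the configured GitLab host")
    if target.path.rstrip("/") != base.path.rstrip("/") + "/oauth/authorize":
        problems.append("path is not GitLab's /oauth/authorize endpoint")
    params = parse_qs(target.query)

    def only(name):
        # A parameter that is missing or repeated is treated as invalid.
        values = params.get(name, [])
        return values[0] if len(values) == 1 else None

    if only("redirect_uri") != BRIGHT_CALLBACK:
        problems.append("redirect_uri is not the registered Bright callback")
    if only("response_type") != "code":
        problems.append("response_type is not 'code'")
    if set((only("scope") or "").split()) != {"api"}:
        problems.append("requested scopes differ from the single 'api' scope")
    if not only("state"):  # assumption: the request carries a state value
        problems.append("state parameter is missing")
    if application_id is not None and only("client_id") != application_id:
        problems.append("client_id is not the Application ID created in GitLab")
    return problems


# Constructed sample URLs; client_id and state are placeholders.
GOOD = ("https://gitlab.com/oauth/authorize?client_id=EXAMPLE_APP_ID"
        "&redirect_uri=https%3A%2F%2Fapp.brightsec.com%2Forganization%2Fservices%2Fgitlab%2Fcallback"
        "&response_type=code&scope=api&state=EXAMPLE_STATE")
LOOKALIKE = GOOD.replace("gitlab.com/", "gitlab.com.example.net/", 1)
```

For on-premise GitLab, pass the value entered in the Base URL field as `base_url`.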

Configure GitLab Integration with Bright Projects

After you have connected Bright to GitLab, you need to integrate a specific Bright project with the GitLab repository or repositories to be used for a scan. The integration allows Bright to automatically provide the scan reports in the associated GitLab repositories. You can also select the severity level of the issues (findings) to be sent to the repositories associated with your Bright project.

To integrate a Bright project with your GitLab repository or repositories, follow these steps.