GitLab Boards

You can connect your GitLab repository to a Bright scan so that every detected vulnerability is reported in an automatically opened GitLab issue. Each report provides the following information:
  • Issue severity level
  • Details of discovery
  • Possible exposure
  • Remediation suggestions

Setup

To enable the integration, you should first register the Bright application in GitLab.

  1. Go to your GitLab account preferences.
    To do so, in the upper-right corner, click the down-arrow and select Preferences.
  2. In the left pane, select Applications.
  3. On the Applications page, do the following:
    a) In the Name field, enter a name for the integration application, for example, Bright.
    b) In the Redirect URI field, enter https://app.brightsec.com/organization/services/gitlab/callback.
    c) In the Scopes section, select the api checkbox.
    d) Click Save application.
    The created Application ID and Secret will then be required for enabling the integration in the Bright app.

Step-by-step guide

Connecting Bright to your GitLab repository

  1. Go to the Bright app.

  2. In the left pane, select Settings and navigate to the Integrations tab.

  3. Click next to GitLab Ticketing, and then select Settings.

  4. In the GitLab integration config dialog box, do the following:

    1. Copy the Application ID and the Secret created in GitLab and paste them into the corresponding fields.

    2. (Optional) If your GitLab application is hosted on a private cloud or you are using on-premises GitLab, enter the relevant link in the Base URL field.

    3. Click Connect. You will be redirected to an authorization page on GitLab. Click Authorize to allow Bright to access your GitLab account.

  5. The Bright connection to GitLab is enabled.

Configure GitLab Integration with Bright Projects

After you have connected Bright to GitLab, you need to integrate a specific Bright project with your GitLab repositories. The integration allows Bright to automatically provide the scan reports in the associated GitLab repositories. You can configure a minimum severity level of issues (findings) to be sent to the associated repositories.

To integrate a certain Bright project with your GitLab repositories, follow these steps.