GitLab
Last updated
Heeler connects to GitLab at the group level and integrates into GitLab Pipelines to automate assessment of code and dependencies. The permission scopes required by Heeler are:
GitLab role: Reporter
read_api: This is a mandatory permission to allow Heeler to gather information about the groups and projects in your environment.
read_repository: This is a mandatory permission to read the contents of the repositories in order to run security analysis and correlate Heeler Services to source code repositories.
Prerequisites
A GitLab group with access to the projects you want Heeler to analyze
Ability to create a GitLab Group access token
Group access token with the required permission scopes
Setup
Select Connections -> Code Organizations, then select 'Add Code Organization'
Enter a name that helps tie the token to the Group
Copy the GitLab Project access token into Heeler
Upon saving the name and token, copy the Installation Token shown by Heeler; it is used to create the CI/CD Variable
Use the Installation Token provided in the Heeler GitLab setup as the value of the variable. The token enables secure communication between the Heeler image and the Heeler platform.
Job Config YAML
Add the job configuration to the desired CI/CD pipeline.
Description of jobs
SCA Scan - enumerates packages and vulnerabilities with output to heeler-sca-scan.json
SAST Scan - scans source code for secrets, PII, and security defects with output to heeler-sast-scan.json
OSS Analysis - runs license checks, dependency scorecard, and malicious package analysis with output to heeler-oss-results.json
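The following .gitlab-ci.yml fragment is an added illustration of how the pieces above are typically wired together in a pipeline; it is not Heeler's own job configuration. The image name, the scanner command line, the variable name HEELER_INSTALLATION_TOKEN and the stage name are placeholders and assumptions; only the three output file names come from the job descriptions above.

```yaml
# Added illustration, not Heeler's own job configuration.
# Placeholders / assumptions: the image, the `heeler` command line,
# the variable name HEELER_INSTALLATION_TOKEN and the stage name "security".
# The three output file names come from the job descriptions above.

stages:
  - security

# Settings shared by the three scan jobs.
.heeler_base:
  stage: security
  image: registry.example.com/heeler/ci:latest   # placeholder image
  variables:
    GIT_DEPTH: 0   # full clone so findings can be attributed across history
  before_script:
    # The Installation Token is never written into this file. Define
    # HEELER_INSTALLATION_TOKEN under Settings > CI/CD > Variables as
    # Masked (so it does not appear in job logs) and Protected (so only
    # protected branches and tags can read it), then fail fast if absent.
    - test -n "$HEELER_INSTALLATION_TOKEN" || { echo "HEELER_INSTALLATION_TOKEN is not set"; exit 1; }
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH

heeler-sca:
  extends: .heeler_base
  script:
    - heeler scan sca --output heeler-sca-scan.json   # placeholder command
  artifacts:
    when: always          # keep the report even when findings fail the job
    expire_in: 1 week
    paths:
      - heeler-sca-scan.json

heeler-sast:
  extends: .heeler_base
  script:
    - heeler scan sast --output heeler-sast-scan.json   # placeholder command
  artifacts:
    when: always
    expire_in: 1 week
    paths:
      - heeler-sast-scan.json

heeler-oss:
  extends: .heeler_base
  script:
    - heeler scan oss --output heeler-oss-results.json   # placeholder command
  artifacts:
    when: always
    expire_in: 1 week
    paths:
      - heeler-oss-results.json
```

Two points worth checking in your own pipeline: a Masked variable is only hidden from logs if its value meets GitLab's masking rules (single line, at least eight characters, allowed character set), so verify the Installation Token satisfies them before relying on masking; and because the token grants the scanner access to your source, keep the jobs on a dedicated stage with the variable Protected so that pipelines from forks or unprotected branches cannot read it.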
Select the icon from the top navigation