Skip to main content

Set up the GitLab connector

The Veracode Risk Manager (VRM) connector for GitLab lets VRM deliver the most impactful best next actions by ingesting security findings from GitLab's Static Application Security Testing (SAST) and Container Scanning features. It also performs origin analysis of code repositories for Container Scanning, so you can quickly triage issues in your code.

Complete the following tasks to set up your VRM connector for GitLab.

Create a personal access token

You must create a GitLab personal access token that has the read_api scope to grant VRM access to your groups, projects, container registry, and package registry.

To complete this task:

  1. In GitLab, select your profile avatar.
  2. Select Preferences.
  3. Select Access Tokens from the left sidebar.
  4. Select Add new token.
  5. Enter a token name and select an expiration date.
  6. Select read_api. Select read_api scope
  7. Select Create personal access token.
  8. Copy the token and save it to a secure location.

Create a VRM connector

  1. In VRM, from the left navigation menu, select the Settings icon settings_icon.png.
  2. Select Add Connector.
  3. Select the GitHub tile.
  4. Enter a name for the connector.
  5. Paste the access token you generated in GitLab.
  6. Select Add Connector.
Last updated on