Prerequisites
- Snyk account: Organization's Administrator.
-
GitLab project personal access token.
- It is recommended to use access token instead of password.
- If you enabled MFA, the personal access token is a MUST.
Integration
Create a Personal Access Token
Please ensure that your token meets the following requirements:
- role: at least
Developer
- scopes:
read_api
read_registry
Configure Integration
- At the left navigation bar, go to Settings.
- Under Organization Settings, go to Integrations.
- Find GitLab Container Registry, under Container Registries section.
- From the Account credentials box, we have to input:
-
Username
:<your-gitlab-username>
-
Password
:<your-gitlab-access-token>
-
Container registry name
:registry.gitlab.com
-
- Then click the save changes button.
Add project for scanning
- At the left navigation bar, go to Projects.
- Click the Add projects button.
- From the Image Name box, we input our project URL as follows:
<namespace>/<project>/<image>
References
- https://docs.snyk.io/scan-containers/image-scanning-library/gitlab-container-registry-image-scanning/scan-container-images-from-gitlab-container-registry-in-snyk
- https://docs.snyk.io/scan-containers/image-scanning-library/gitlab-container-registry-image-scanning/container-security-with-gitlab-container-registry-integration
Top comments (0)