
Integrate GitLab with BoostSecurity


BoostSecurity lets you connect your GitLab instance to scan repositories, provision security scanners onto the repositories, and merge commits for security issues.


Prerequisites


To integrate GitLab into BoostSecurity, you will need the following:

  • A GitLab Personal Access Token with the api scope selected.
    • Assign this Personal Access Token to a protected, non-human GitLab account. Otherwise, the connection between Boost and GitLab can be severed if the associated account is removed during standard offboarding or change management procedures.
  • The account that the Personal Access Token is assigned to must have Owner permissions for the repositories associated with the GitLab groups being ingested into Boost.
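
The prerequisites above can be checked before the token is pasted into BoostSecurity. The following is an added example, not BoostSecurity's own code: it queries GitLab's REST API for the token's own metadata and its membership in the target group. The function names, the 30-day expiry threshold, and the choice to check Owner at group level are assumptions made for this example.

```python
import json
import urllib.error
import urllib.request
from datetime import date

OWNER = 50          # GitLab access_level value for the Owner role
MIN_DAYS_LEFT = 30  # assumed rotation threshold, not a BoostSecurity requirement

def gitlab_get(base_url, path, token):
    """GET a GitLab REST API v4 path, authenticating with the token itself."""
    req = urllib.request.Request(f"{base_url}/api/v4{path}",
                                 headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def check_prerequisites(token_info, member_info, today):
    """Return a list of problems; an empty list means the prerequisites hold."""
    problems = []
    if "api" not in token_info.get("scopes", []):
        problems.append("token lacks the api scope")
    if token_info.get("revoked") or not token_info.get("active"):
        problems.append("token is revoked or inactive")
    expires = token_info.get("expires_at")
    if expires and (date.fromisoformat(expires) - today).days < MIN_DAYS_LEFT:
        problems.append(f"token expires {expires}; rotate it before connecting")
    if member_info.get("access_level", 0) < OWNER:
        problems.append("token's account is not an Owner of the group")
    return problems

def preflight(base_url, group_id, token):
    """Fetch the token's metadata and group membership, then check them."""
    info = gitlab_get(base_url, "/personal_access_tokens/self", token)
    try:
        member = gitlab_get(
            base_url, f"/groups/{group_id}/members/all/{info['user_id']}", token)
    except urllib.error.HTTPError as err:
        if err.code != 404:
            raise
        member = {}  # 404: the account is not a member of the group at all
    return check_prerequisites(info, member, date.today())

# Constructed sample responses (not real data) for an offline run.
SAMPLE_TOKEN = {"user_id": 42, "scopes": ["read_api"], "active": True,
                "revoked": False, "expires_at": "2030-01-01"}
SAMPLE_MEMBER = {"id": 42, "access_level": 40}  # 40 = Maintainer

if __name__ == "__main__":
    for p in check_prerequisites(SAMPLE_TOKEN, SAMPLE_MEMBER, date(2025, 1, 1)):
        print("FAIL:", p)
```

Against a live instance, call preflight() with the instance URL, the numeric group ID, and the token; an empty list means the token meets the prerequisites.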

1. Connect GitLab to BoostSecurity


To install the BoostSecurity integration for GitLab:

  1. Navigate to the Integrations page.
  2. Select the GitLab integration from the Available section and select the Install button.


  3. A window prompts you for the GitLab Personal Access Token. Provide the Personal Access Token and select Next.


  4. Select the GitLab group: once the Personal Access Token is provided, select from the menu the GitLab group for which the integration is to be enabled.


  5. Select Complete.

Once the installation is completed, the BoostSecurity GitLab card is added to the Settings > Integrations > Installed section. At this point, BoostSecurity integration is enabled for your GitLab group. Note that the steps can be repeated to allow integration with additional GitLab groups.


2. CI/CD Pipeline Configuration


After successfully integrating into your GitLab organization, enabling the CI/CD scanner is recommended.

To do this:

  1. Navigate to the Scanner Coverage page and select the Default Scanner Protection column for your GitLab integration.

  2. Toggle to Enable the CI/CD scanner for new organizations and repositories.
