Configure Scanners¶
The Global Configuration feature allows users to centrally manage scanner settings across supported tools. It provides a unified location to configure tokens for Semgrep Pro and Snyk, and to define and maintain advanced rule sets for Semgrep and CodeQL. Additionally, it supports configuration of the Gitleaks scanner for secrets detection. This centralized approach streamlines the provisioning and management of scanner coverage across your assets.
Common Configuration Steps¶
Before configuring any scanner, follow these initial steps:
-
Navigate to the Scanner Coverage page.
-
Click the Actions button at the top right corner of the page.
-
Click the Configure Scanners button.
1. CodeQL¶
To configure the CodeQL scanner,
- Complete the Common Configuration Steps.
-
Select "Enable" for the CodeQL scanner.
-
Click the Add Configuration button.
-
Provide the
requiredfields Configuration and Language.Optionalparameters include Create Arguments and Analyze Arguments.- Refer to the list of supported languages.
- Learn more about your CodeQL configuration.
-
Click the Save button to finalize the configuration.
2. Semgrep¶
To configure the Semgrep scanner:
- Complete the Common Configuration Steps.
-
Select "Enable" for the Semgrep scanner.
-
Click the Add Rule Set button to add the Rule Set (Name) and the corresponding Rule.
-
Click the Save button to finalize the configuration.
3. Semgrep Pro¶
To configure the Semgrep Pro scanner:
- Complete the Common Configuration Steps.
-
Select "Enable" for the Semgrep Pro scanner.
-
Enter your Token and click the Add Rule Set button to add the Rule Set (Name) and the corresponding Rule.
-
Click the Save button to finalize the configured scanner.
4. Snyk¶
To configure the Synk scanner:
- Complete the Common Configuration Steps.
-
Select "Enable" for the Synk scanner.
-
Enter the Token and click the Save button to finalize the details.
