GitLab

Akto integrates with GitLab to add automated AI Red Teaming to your CI/CD pipeline. This integration enables you to:

Run red teaming scans during your GitLab pipelines
View security scan results directly in merge requests
Block merges based on security scan results

Prerequisites

GitLab account with maintainer or owner permissions
GitLab repository with CI/CD enabled
Docker runner configured in GitLab
Akto dashboard access
Akto API credentials (API key and dashboard URL)
Valid test ID from your Akto Probe

Steps to Configure GitLab

Add GitLab CI Configuration
1. Create or update .gitlab-ci.yml in your repository root:

stages:    # List of stages for jobs, and their order of execution
  - build
  - test

build-job:       # This job runs in the build stage, which runs first.
  stage: build
  script:
    - echo "Compiling the code..."
    - echo "Compile complete."

variables:
  AKTO_DASHBOARD_URL: "https://app.akto.io"
  AKTO_API_KEY: "${AKTO_API_KEY}"        # Use GitLab CI/CD variable
  AKTO_TEST_ID: "${AKTO_TEST_ID}"        # Use GitLab CI/CD variable
  WAIT_TIME_FOR_RESULT: "1000"

test_scan:
  stage: test
  image: aktosecurity/akto-testing-scan:latest # Use Docker image to run docker commands
  script:
    - cd /usr/src/app
    - echo $AKTO_DASHBOARD_URL
    - echo $AKTO_API_KEY
    - echo $AKTO_TEST_ID
    - node index.js

Configure GitLab CI/CD Variables
1. Go to Settings > CI/CD > Variables
2. Add these variables:
  - AKTO_API_KEY (mark as masked and protected)
  - AKTO_TEST_ID

3. Verify Integration

Create a merge request
Pipeline will automatically run
Check "CI/CD > Pipelines" for scan results

Note: Never commit sensitive credentials like API keys directly in your configuration files. Always use GitLab CI/CD variables for sensitive data.

PreviousAzure DevOps NextGeneric CI/CD

Last updated 1 month ago