GitLab

Akto integrates with GitLab to add automated API security testing to your CI/CD pipeline. This integration enables you to:

Run API security tests during your GitLab pipelines
View security test results directly in merge requests
Block merges based on security test results

Prerequisites

GitLab account with maintainer or owner permissions
GitLab repository with CI/CD enabled
Docker runner configured in GitLab
Akto dashboard access
Akto API credentials (API key and dashboard URL)
Valid test ID from your Akto test

Steps to Configure GitLab

Add GitLab CI Configuration
1. Create or update .gitlab-ci.yml in your repository root:

stages:    # List of stages for jobs, and their order of execution
  - build
  - test

build-job:       # This job runs in the build stage, which runs first.
  stage: build
  script:
    - echo "Compiling the code..."
    - echo "Compile complete."

variables:
  AKTO_DASHBOARD_URL: "https://app.akto.io"
  AKTO_API_KEY: "${AKTO_API_KEY}"        # Use GitLab CI/CD variable
  AKTO_TEST_ID: "${AKTO_TEST_ID}"        # Use GitLab CI/CD variable
  WAIT_TIME_FOR_RESULT: "1000"

test_scan:
  stage: test
  image: aktosecurity/akto-testing-scan:latest # Use Docker image to run docker commands
  script:
    - cd /usr/src/app
    - echo $AKTO_DASHBOARD_URL
    - echo $AKTO_API_KEY
    - echo $AKTO_TEST_ID
    - node index.js

Configure GitLab CI/CD Variables
1. Go to Settings > CI/CD > Variables
2. Add these variables:
  - AKTO_API_KEY (mark as masked and protected)
  - AKTO_TEST_ID

3. Verify Integration

Create a merge request
Pipeline will automatically run
Check "CI/CD > Pipelines" for test results

Note: Never commit sensitive credentials like API keys directly in your configuration files. Always use GitLab CI/CD variables for sensitive data.

PreviousAzure DevOps NextHow To

Last updated 1 month ago