A GitLab Runner is used to run CI/CD jobs and send the results back to GitLab. It is used in conjunction with GitLab CI/CD, the open-source continuous integration service included with GitLab that coordinates the jobs.
Integrating Bridgecrew with a GitLab Runner lets Bridgecrew scan your infrastructure-as-code files (Terraform and CloudFormation), so that you can review scan results in a number of formats, see Incidents on the Console and, optionally, cause a build to fail.
From Integrations, select API Token and copy the API key. Save the key in a GitLab environment variable (the job below reads it as BC_API_KEY).
Add a new job in the .gitlab-ci.yml file in your repository as part of whichever stage is appropriate for you.
```yaml
stages:
  - validate

bridgecrew:
  image:
    name: bridgecrew/bridgecrew:latest
    entrypoint:
      - '/usr/bin/env'
      - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
  stage: validate
  script:
    # Scan the repository and report to Bridgecrew; -s (soft fail) keeps failed checks from failing the job
    - bridgecrew -d . --bc-api-key $BC_API_KEY --repo-id $CI_PROJECT_NAMESPACE/$CI_PROJECT_NAME --branch $CI_COMMIT_REF_NAME -s
    # Scan again and write the results as a JUnit report
    - bridgecrew -d . -o junitxml > bridgecrew.xml
  artifacts:
    paths:
      - bridgecrew.xml
    reports:
      junit: bridgecrew.xml
```
<bc_api_key> - Bridgecrew-issued API key (for more details, see Get API Token)
<repo_id> - the ID of the repo, for example: bridgecrewio/terragoat
<branch> - the name of the branch scanned. If it is not specified, the value will be master
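The job above stores its results in bridgecrew.xml. As an added example (not Bridgecrew's own code), the Python script below reads that JUnit report and fails only on checks that are not in an accepted list. The sample report, the check IDs and the `failed_cases` and `gate` helpers are constructed for illustration, and it assumes each test case name contains its check ID as a separate word.

```python
"""Added example: decide pass/fail from the bridgecrew.xml JUnit report."""
import sys
import xml.etree.ElementTree as ET

# Constructed sample in the generic JUnit layout; the test-case names and
# check IDs are illustrative assumptions, not real Bridgecrew output.
SAMPLE_REPORT = """<?xml version="1.0"?>
<testsuites>
  <testsuite name="terraform scan" tests="3" failures="2">
    <testcase name="CHECK_A storage bucket is private" classname="main.tf.bucket.data"/>
    <testcase name="CHECK_B disk is encrypted" classname="main.tf.disk.db">
      <failure message="Resource disk.db failed CHECK_B"/>
    </testcase>
    <testcase name="CHECK_C logging is enabled" classname="main.tf.bucket.data">
      <failure message="Resource bucket.data failed CHECK_C"/>
    </testcase>
  </testsuite>
</testsuites>"""


def failed_cases(report_xml):
    """Return (name, classname, message) for every test case that failed."""
    root = ET.fromstring(report_xml)
    failures = []
    # iter() finds <testcase> whether the root is <testsuites> or <testsuite>.
    for case in root.iter("testcase"):
        problem = case.find("failure")
        if problem is None:
            problem = case.find("error")
        if problem is not None:
            failures.append((case.get("name", ""), case.get("classname", ""),
                             problem.get("message", "")))
    return failures


def gate(report_xml, accepted=()):
    """Return (exit_code, blocking); cases naming an accepted ID do not block."""
    blocking = [f for f in failed_cases(report_xml)
                if not any(check_id in f[0].split() for check_id in accepted)]
    return (1 if blocking else 0), blocking


if __name__ == "__main__":
    # Usage (hypothetical script name): python gate.py bridgecrew.xml [ID ...]
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    code, blocking = gate(text, accepted=sys.argv[2:])
    for name, where, message in blocking:
        print(f"FAIL {name} ({where}): {message}")
    sys.exit(code)
```

For this gate to decide the outcome, the command that writes bridgecrew.xml would also need `-s`; otherwise its own exit code fails the job first.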