Skip to main content

Enable pull requests for GitLab

To use automatic pull requests for Veracode Software Composition Analysis (SCA) agent-based scanning, you need permission to create merge requests in GitLab.

To complete this task:

  1. Go to GitLab.com.

  2. If prompted, enter your GitLab credentials to log in.

  3. On the Personal Access Tokens page, enter a token name.

  4. Select the api checkbox.

  5. Click Create personal access token.

  6. After generating the token, copy it to your clipboard and save it to a safe location.

    note

    After you leave the page, you cannot access this token again.

  7. Add your token using one of these methods:

    • Add this code to the agent.yml file installed in your ~/.srcclr folder:

      scmType: GITLAB
      scmToken: {token copied in earlier step}

    • Set the token as an environment variable in your CI/CD settings or in a command script. For example, add this code in Linux bash:

      export SRCCLR_SCM_TYPE="GITLAB"
      export SRCCLR_SCM_TOKEN="{token copied in earlier step}"

  8. If you are using an installation of GitLab other than GitLab.com, add your project URL using one of these methods:

    • Add the project URL to the agent.yml file installed in your ~/.srcclr folder:

      scmUrl: https://gitlab.acme.io

    • Set the project URL as an environment variable in your CI/CD settings.

    • Set the project URL as an environment variable in a command script. For example, add this code in Linux bash:

      export SRCCLR_SCM_URL=https://gitlab.acme.io