Unified Language User Guides
iCR User Guide 5.0

Configuring the GitLab Script variables

To trigger a workflow in GitLab CI/CD, a YAML script that invokes the container is placed in the project’s repository. This script MUST be named .gitlab-ci.yml. Below is a sample script for use with GitLab CI/CD. It can be incorporated into an existing workflow script or edited so that the workflow operates as needed. Let’s quickly review the sample script:

stages:
  - icr  # Define the pipeline stage

icr:
  # Use this image for GitLab CI/CD
  image: openrefactory/icr-gitlab-cicd:5.0.0
  stage: icr  # Assign this job to the 'icr' stage
  # Uncomment the tag section if using self-hosted runners
  # tags:
  #   - icr  # Use tag for your runner

  script:
    - '/workspace/configure_run.sh ${CI_COMMIT_BRANCH} \
      ${CI_PROJECT_URL} \
      ${OR_ICR_URL} \
      ${OR_ICR_USER_NAME} \
      ${OR_ICR_CI_CD_ACCESS_TOKEN} \
      ${OR_PERSONAL_ACCESS_TOKEN} \
      ${OR_MAIL_ADDRESS} \
      ${OR_LANGUAGE} \
      ${OR_LANGUAGE_VERSION}'

# Instructions for Setting Up GitLab CI/CD Variables:
# 1. Go to your GitLab repository > Settings > CI/CD > Variables.
# 2. Click "Add variable" and enter the following details:
#    - Key: OR_ICR_URL, Value: Your OpenRefactory instance URL (e.g., https://icr.example.com)
#    - Key: OR_ICR_USER_NAME, Value: Your OpenRefactory username
#    - Key: OR_ICR_CI_CD_ACCESS_TOKEN, Value: Log in to iCR Dashboard > Settings > CI/CD Access Token > Copy CICD access token
#    - Key: OR_PERSONAL_ACCESS_TOKEN, Value: GitLab personal access token
#    - Key: OR_MAIL_ADDRESS, Value: Email to receive notifications
#    - Key: OR_LANGUAGE, Value: Programming language (e.g., java, python)
#    - Key: OR_LANGUAGE_VERSION, Value: Language version (only for python, 3.2 to 3.12)
# 3. Set the variable type to "Masked" for sensitive values.
# 4. Save the variables and trigger the pipeline under "CI/CD > Pipelines".

There are 2 key sections to the script. The image section names the Docker image to be executed. This is the component that will connect securely to the Navigator and initiate an analysis.

The script section invokes the component with a number of important variables. These variables are needed to locate the targeted iCR server and to give the Navigator the information it requires to authenticate with the proper username and to identify the project and branch name.

There are 9 variables in the script. Let’s look at all of them. They are broken into 2 groups: preconfigured environment variables and user supplied variables.
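
A preflight check for the nine variables passed to configure_run.sh, shown here as an added example that is not part of the OpenRefactory sample script. The function name icr_preflight is hypothetical, and it is an assumption that the job image provides a POSIX shell to run it.

```shell
#!/bin/sh
# Added example (not OpenRefactory code): verify the variables the sample job
# passes to /workspace/configure_run.sh before any token leaves the runner.
# The sample script passes them unquoted, so an empty variable drops out of the
# command line and shifts every later positional argument by one place.
# CI_COMMIT_BRANCH, for instance, is empty in merge request and tag pipelines.

# Required for every language; names are taken from the sample script.
ICR_REQUIRED_VARS="CI_COMMIT_BRANCH CI_PROJECT_URL OR_ICR_URL OR_ICR_USER_NAME
OR_ICR_CI_CD_ACCESS_TOKEN OR_PERSONAL_ACCESS_TOKEN OR_MAIL_ADDRESS OR_LANGUAGE"

icr_preflight() {
    rc=0
    for name in $ICR_REQUIRED_VARS; do
        # Indirect lookup over a fixed list of names. Only the variable NAME
        # is ever printed, never its value, so tokens stay out of the job log.
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "icr preflight: $name is empty or unset" >&2
            rc=1
        fi
    done
    value=

    # Both access tokens are sent to this URL, so refuse anything but HTTPS.
    case "${OR_ICR_URL:-}" in
        https://?*) ;;
        *) echo "icr preflight: OR_ICR_URL must start with https://" >&2; rc=1 ;;
    esac

    # OR_LANGUAGE_VERSION applies only to python (3.2 to 3.12 per the sample).
    if [ "${OR_LANGUAGE:-}" = "python" ]; then
        case "${OR_LANGUAGE_VERSION:-}" in
            3.[2-9]|3.1[0-2]) ;;
            *) echo "icr preflight: OR_LANGUAGE_VERSION must be 3.2 to 3.12" >&2; rc=1 ;;
        esac
    fi
    return $rc
}
```

Calling icr_preflight in a script: entry placed before the configure_run.sh line stops the job before a misconfigured run hands either token to the container's entry point.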

Last updated 3 months ago

If this script exists in a repository, then it will be checked whenever an event occurs that affects the repository. You can learn more about how GitLab CI/CD works by checking out the GitLab CI/CD Website.