Unified Language User Guides
iCR User Guide 5.0
iCR User Guide 5.0
  • Table of contents
    • Introduction
    • Overview
    • Authorizing Access to Your Source Code
      • Authenticating GitHub Cloud Access Using OAuth
      • Authenticating GitHub Cloud Access Using PAT
      • Authenticating GitHub Enterprise Access Using OAuth
      • Authenticating GitHub Enterprise Access Using PAT
      • Authenticating GitLab Cloud Access Using OAuth
      • Authenticating GitLab Cloud Access Using PAT
      • Authenticating GitLab Enterprise Access Using OAuth
      • Authenticating GitLab Enterprise Access Using PAT
      • Authenticating Bitbucket Cloud Access using OAuth
    • Using the Navigator
      • Connecting to the Navigator
      • Setting your User Password
      • Updating your User Information
      • The Navigator top banner
      • The Analysis Engine status
      • Selecting Your Source Code
        • Using a cloud-based VCS
        • Selecting your branch
        • Using a private VCS
        • Using a local project
        • Limiting the files to be analyzed
      • Integrating with your bug tracking system
        • Integrating with Jira - Define Your Project
        • Integrating with Jira - Authorizing Access for iCR
        • Integrating with Jira - Connecting with iCR
    • Using the Analysis Engine
      • Initiating an analysis
      • Monitoring the analysis
      • Interrupting the analysis
    • Reviewing your results
      • Reviewer summary and filters
        • Filter by Severity
        • Filter by Category
        • Filter by CWE
        • Filter by OWASP
        • Filter by Directory
      • Reviewing a fix
      • Accepting a fix
        • Accepting a fix when integrated with your bug system
      • Rejecting a fix
        • Rejecting a fix when integrated with your bug system
      • Undoing a fix
        • Undoing a fix when integrated with your bug system
      • Rejected fix history
      • Providing feedback
      • Applying the fixes
      • Cases needing manual attention
      • Comparing Analyses
      • Capturing results for printing or sharing
      • Ending a reviewer session
    • When you are complete
    • Integrating iCR Into Your CI/CD Workflows
      • Jenkins Workflow
        • Installing the plugin
        • Configuring the plugin
          • Creating a Personal Access Token
          • Copying Your Repository's URL
        • Viewing the Results
      • GitHub Actions Workflow
        • GitHub Actions Overview
        • Preparing the GitHub Workflow
          • Environment Variables
          • User Supplied Secrets
          • Setting the User Defined Secrets Values
        • Executing the Workflow
      • GitLab CI/CD Workflow
        • GitLab CI/CD OverView
        • Configuring the GitLab Script variables
          • Environment Variables
          • User Supplied Variables
          • Creating a Personal Access Token
          • Setting the User Defined Variable Values
        • Executing the Workflow
      • Multiple Workflows
    • Appendix – Language Specific Fixer Lists
    • Appendix - Sample Bug Listing
    • Appendix - Getting a BitBucket App Password for JENKINS
Powered by GitBook
On this page
  1. Table of contents
  2. Integrating iCR Into Your CI/CD Workflows
  3. GitLab CI/CD Workflow
  4. Configuring the GitLab Script variables

Creating a Personal Access Token

PreviousUser Supplied VariablesNextSetting the User Defined Variable Values

Last updated 6 months ago

When operating within a GitLab CI/CD framework, a Personal Access Token (PAT) needs to be provided so that iCR is authorized to access that User’s repository. If the User already has PATs defined, they can choose to use an existing one. However, it may be desirable to create a new one and identify it as being used specifically for iCR.

Refer to this video which provides an example of all of the steps to create your PAT for accessing GitLab.

From the example above, assuming that the User is already logged into GitLab, let's walk through the steps to create a new PAT:

  • Open the pull-down menu under the user icon;

  • Select the Preferences menu;

  • From there, scroll down the menu on the left side of the page and locate Access Tokens;

  • Clicking on that opens the Personal Access Tokens page;

  • Enter a name for your token. You may choose a name that reminds you why you created this token. In our example we have chosen to name it: iCR-Access-Token;

  • You can set a finite expiration date or make it last forever. Since most CI/CD workflows run on a regular basis, it may be preferred to never have the PAT expire. In that case, just clear out the Expiration date field;

  • Then, make sure to enable api access by clicking in the box under Select scopes.

  • To create the new token, click on Create personal access token.

Your new PAT has been created. You will need to copy it (you can use the Copy icon to the right of the token) as you will need itvariable.

to set your ${OR_SECRET_TOKEN}