iCR User Guide 5.0

GitLab CI/CD Overview

Adding a CI/CD capability into a project repository requires connecting a workflow yml script created and managed in GitLab with the iCR server offering the analysis. It is assumed that there is a DevOps engineer, or someone with equivalent skill, who is already familiar with GitLab CI/CD and who will prepare iCR for integration into GitLab. The diagram below will be used as the reference for the steps.

Step 1. GitLab CI/CD employs a framework where customizable functionality can be easily added and controlled. A yml script is added to any repository where CI/CD automation is requested. iCR is invoked by executing an OpenRefactory-supplied Docker container that is named in the yml script. The image tag defines the name of the iCR container. You may want to view the sample yml script in the Configuring the GitLab Script variables section. The script determines the manner in which iCR will be triggered and provides the iCR server with the necessary details about the project. GitLab CI/CD environment variables and user supplied variables provide iCR with the necessary values to select the correct branch and authenticate with GitLab.

Step 2. When the trigger specified in the yml occurs, the script is executed. The Navigator will be requested to start an analysis using information provided from the script variables.

Step 3. The Navigator uses the information in the variables to determine the specific branch to be analyzed from this repository. The Navigator will automatically fetch the source code of the configured repository in GitLab and initiate an analysis.

Step 4. Once the analysis completes, the user is notified via an email message. The email is sent to the address defined by OR_MAIL_ADDRESS. This email address MUST be provided so that iCR has a way not only of signaling completion but also of communicating any errors that may have occurred.

Step 5. Once notified that the analysis is complete and that results are available, the user may log in directly to the iCR server which ran the analysis. From that login, the user can enter the Reviewer to process results in exactly the same manner as described in the Reviewing Your Results section.
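
A pre-flight check that a job could run before the iCR step, as an added example that is not part of the iCR guide or OpenRefactory's sample script: it fails the job early when OR_MAIL_ADDRESS is missing or malformed, since Step 4 makes that address the way iCR signals completion and reports errors. CI_COMMIT_REF_NAME and CI_PROJECT_URL are GitLab predefined variables assumed here to be among the values iCR needs; the function names are hypothetical.

```shell
# Added example: pre-flight check for a GitLab CI job, run before the iCR step.
# OR_MAIL_ADDRESS comes from this page. CI_COMMIT_REF_NAME and CI_PROJECT_URL
# are GitLab predefined variables, ASSUMED here to be among the values iCR needs.

# Return 0 if $1 looks like one usable mailbox: a single @, a dotted domain,
# and no spaces or list separators.
valid_mail() {
    case "$1" in
        *" "*|*,*|*\;*) return 1 ;;   # whitespace or an address list
        *@*@*)          return 1 ;;   # more than one @
        ?*@?*.?*)       return 0 ;;   # local@domain.tld
        *)              return 1 ;;
    esac
}

# Inspect the job environment. Prints one line per problem to stderr and
# returns the number of problems found (0 means the job may proceed).
icr_preflight() {
    problems=0
    if [ -z "${OR_MAIL_ADDRESS:-}" ]; then
        echo "OR_MAIL_ADDRESS is not set: completion and error mail cannot be delivered" >&2
        problems=$((problems + 1))
    elif ! valid_mail "$OR_MAIL_ADDRESS"; then
        echo "OR_MAIL_ADDRESS is not a single valid address" >&2
        problems=$((problems + 1))
    fi
    for name in CI_COMMIT_REF_NAME CI_PROJECT_URL; do
        eval "value=\${$name:-}"      # indirect lookup of the variable named in $name
        if [ -z "$value" ]; then
            echo "$name is empty: branch or repository cannot be identified" >&2
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}
```

In a job's script section, `icr_preflight || exit 1` placed ahead of the analysis step stops the pipeline before an analysis is requested with no way to report its outcome.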
