From b8a703d3a179738ebf96502b934649421ec7f4cb Mon Sep 17 00:00:00 2001 From: gotbadger Date: Tue, 16 Jan 2024 15:56:36 +0000 Subject: [PATCH] docs: update gitlab cloud docs --- docs/_data/examples/ci/gitlab/cloud.yaml | 1 - docs/guides/bearer-cloud.md | 9 +++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/docs/_data/examples/ci/gitlab/cloud.yaml b/docs/_data/examples/ci/gitlab/cloud.yaml index b655b8eb1..69106b9a5 100644 --- a/docs/_data/examples/ci/gitlab/cloud.yaml +++ b/docs/_data/examples/ci/gitlab/cloud.yaml @@ -1,5 +1,4 @@ bearer_cloud: - stage: bearer image: name: bearer/bearer entrypoint: [""] diff --git a/docs/guides/bearer-cloud.md b/docs/guides/bearer-cloud.md index 0da274f31..d8ed9aa69 100644 --- a/docs/guides/bearer-cloud.md +++ b/docs/guides/bearer-cloud.md @@ -44,6 +44,15 @@ Set up the [GitLab CI/CD configuration](/guides/gitlab), then adjust your settin We recommend using [GitLab's CI/CD variables](https://docs.gitlab.com/ee/ci/variables/) to protect your token. In the example above, the variable is named `BEARER_TOKEN`. +#### Enhanced Integration + +Once the above is configured and your first scan is complete, visit the integrations section to configure our direct GitLab integration. This gives developers the ability for ignore findings directly in the MR workflow, and for your Security team to review those in Bearer Cloud Dashboard. Setup is done per project with the following steps: + +- Create an access token with the 'api' scope and 'maintainer' role. We recommend using a [project access token](https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html). +- Enter the details for your desired project. +- Behind the scenes we validate the token and automatically create and configure a webhook to capture MR events. +- Open a MR and see bearer results directly in the comments! + ### Local projects Use the `--api-key` flag with the `scan` command: