From a19fb82f191d5f15ad1d00a4ae91e28c2eb667a4 Mon Sep 17 00:00:00 2001
From: gotbadger
Date: Wed, 10 Jan 2024 14:17:50 +0000
Subject: [PATCH 1/2] docs: update gitlab cloud example to do diffscan on mr
---
docs/_data/examples/ci/gitlab/cloud.yaml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/docs/_data/examples/ci/gitlab/cloud.yaml b/docs/_data/examples/ci/gitlab/cloud.yaml
index 60f04c202..b655b8eb1 100644
--- a/docs/_data/examples/ci/gitlab/cloud.yaml
+++ b/docs/_data/examples/ci/gitlab/cloud.yaml
@@ -1,5 +1,11 @@
-bearer:
+bearer_cloud:
+ stage: bearer
image:
name: bearer/bearer
entrypoint: [""]
+ rules:
+ - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
+ - if: $CI_PIPELINE_SOURCE == "merge_request_event"
+ variables:
+ BEARER_DIFF: 1
script: bearer scan . --api-key=$BEARER_TOKEN
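Review bot: The added `merge_request_event` rule extends this job to merge request pipelines, but the unchanged `script` line still depends on `$BEARER_TOKEN`, and the example does not say how that variable must be configured for those pipelines. In GitLab a variable marked Protected is only injected on protected refs, so an MR scan from an unprotected branch would likely run without a key, while an unprotected variable is available to whatever job definition a merge request branch carries. I would add a comment above `rules:` such as `# BEARER_TOKEN: masked CI/CD variable; if it is also Protected, MR pipelines from unprotected branches will not receive it`. Separately, quote the new value as `BEARER_DIFF: "1"` so it stays a string under any YAML parser, and consider `--api-key="$BEARER_TOKEN"` on the script line.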
From 88d1056da20419f351aa4362055bbd315728741f Mon Sep 17 00:00:00 2001
From: gotbadger
Date: Tue, 16 Jan 2024 15:56:36 +0000
Subject: [PATCH 2/2] docs: update gitlab cloud docs
---
docs/_data/examples/ci/gitlab/cloud.yaml | 1 -
docs/guides/bearer-cloud.md | 9 +++++++++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/docs/_data/examples/ci/gitlab/cloud.yaml b/docs/_data/examples/ci/gitlab/cloud.yaml
index b655b8eb1..69106b9a5 100644
--- a/docs/_data/examples/ci/gitlab/cloud.yaml
+++ b/docs/_data/examples/ci/gitlab/cloud.yaml
@@ -1,5 +1,4 @@
bearer_cloud:
- stage: bearer
image:
name: bearer/bearer
entrypoint: [""]
diff --git a/docs/guides/bearer-cloud.md b/docs/guides/bearer-cloud.md
index 0da274f31..ed97182e6 100644
--- a/docs/guides/bearer-cloud.md
+++ b/docs/guides/bearer-cloud.md
@@ -44,6 +44,15 @@ Set up the [GitLab CI/CD configuration](/guides/gitlab), then adjust your settin
We recommend using [GitLab's CI/CD variables](https://docs.gitlab.com/ee/ci/variables/) to protect your token. In the example above, the variable is named `BEARER_TOKEN`.
+#### Enhanced Integration
+
+Once the above is configured and your first scan is complete, visit the integrations section to configure our direct GitLab integration. This gives developers the ability to ignore findings directly in the MR workflow, and for your Security team to review those in the Bearer Cloud Dashboard. Setup is done per project with the following steps:
+
+- Create an access token with the ‘api’ scope and ‘maintainer’ role. We recommend using a [project access token](https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html).
+- Enter the details for your desired project.
+- Behind the scenes, we validate the token and automatically create and configure a webhook to capture MR events.
+- Open an MR and see bearer findings directly in the comments!
+
### Local projects
Use the `--api-key` flag with the `scan` command: