Introducing GitLab security scanner integration

Bearer CLI’s CI/CD integration with GitLab is a great way to add security scanning to your projects. We’ve taken things a step further and now support GitLab’s SAST security scanner integration directly in GitLab CI for GitLab Ultimate users. This feature is available in Bearer CLI v1.9.0 and later. See our upgrade guide for your platform. Let’s dive into how it works.

What’s new

Where you could previously generate and download reports from Bearer CLI as part of your CI pipeline in GitLab, now you can receive alerts and view findings directly in GitLab’s security interface, as shown below.

GitLab vulnerability report screenshot

This makes collaborating with team members and triaging findings much easier. In addition, this integration brings the remediation guides found in Bearer CLI’s documentation directly to your GitLab workspace.

GitLab vulnerability report details screenshot

We understand how resource-constrained application and product security teams are. This helps your team resolve issues faster—right within the tools they already use.


Get started with GitLab

To use Bearer CLI with GitLab’s security dashboard, your project needs to be on a GitLab Ultimate plan. If you don’t have an Ultimate plan, the pipeline still generates the report as a job artifact, but GitLab won’t render it in the security dashboard user interface.

Once the security dashboard is enabled on your GitLab account, add Bearer CLI’s details to your .gitlab-ci.yml file.

# Run every job in this pipeline in Bearer CLI's Docker image. The empty
# entrypoint lets GitLab execute the script commands through its own shell.
image:
  name: bearer/bearer
  entrypoint: [""]

bearer:
  script:
    # Scan the checked-out repository and write the findings in GitLab's SAST report schema.
    - bearer scan . --format gitlab-sast --output gl-sast-report.json
  artifacts:
    reports:
      # Registers the file as a SAST report so GitLab ingests it into the
      # vulnerability report and the merge request security widget.
      sast: gl-sast-report.json

This tells GitLab to use Bearer CLI’s Docker image, run a scan on the project directory, and output a report in GitLab’s SAST report format, registered as a sast report artifact. One caveat: Bearer CLI exits with a non-zero status when it reports findings at or above its failure severity, which marks the job as failed, and GitLab only uploads artifacts on success by default. Set artifacts:when to always (or pass --exit-code 0 to the scan) so the report still reaches the dashboard when findings are present. For more information on how to set up the integration, view our CI/CD documentation.

From here, anyone with access can view the SAST vulnerability report by navigating to the “Security and Compliance” section of the repository.
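As an added example (not taken from Bearer CLI’s own documentation), here is a fuller .gitlab-ci.yml than the minimal snippet above. The job name, stage and rules are assumptions for illustration; it restricts scans to merge requests and the default branch and uploads the report even when findings fail the job.

```yaml
# Added example pipeline, not the project's own configuration.
# Job name, stage and rules are hypothetical; adjust them to your repository.
stages:
  - test

bearer-sast:
  stage: test
  image:
    # Pin a specific image tag in production so scans are reproducible.
    name: bearer/bearer
    entrypoint: [""]
  rules:
    # Scan merge requests and pushes to the default branch only.
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  script:
    - bearer scan . --format gitlab-sast --output gl-sast-report.json
  artifacts:
    # Upload the report even when findings make the job fail; by default
    # GitLab collects artifacts only on success and the dashboard stays empty.
    when: always
    reports:
      sast: gl-sast-report.json
    # Also keep the raw JSON downloadable for triage outside GitLab.
    paths:
      - gl-sast-report.json
    expire_in: 1 week
```

With this layout the job fails the merge request pipeline when Bearer CLI finds issues at its failure severity while the findings still appear in the vulnerability report and the merge request security widget; if you would rather gate on the dashboard alone, add --exit-code 0 to the scan command so the job always succeeds.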

More to come

The GitLab security dashboard integration comes as a direct result of suggestions and feedback from users like you! Using GitHub for your CI/CD? We have a similar integration available for GitHub’s code scanner. Be the first to hear about new Bearer CLI releases by starring the repo on GitHub. We’d love to hear your feedback and how you’re making your applications more secure with Bearer CLI. Let us know in the community discord and on Twitter.