GitLab Container Registry

Integrate GitLab with OX to centralize security findings alongside container, pipeline, cloud, and runtime signals already in OX.

OX scans GitLab on a schedule and on demand, enriches findings with OX context (application mapping, workflows, and compliance), and presents a unified queue for investigation and reporting.

After you connect, GitLab scan results appear in the Active issues page (use the filter Source tool > GitLab).

What OX adds

  • Context and correlation: OX maps findings to applications, services, and teams to show impact and ownership.

  • Prioritization with severity factors: OX may reprioritize scanner severities when exploitability and environment context reduce risk (for example, Critical → High). Severity factors explain why the priority changed.

  • Evidence at a glance: When available, OX displays scanner evidence, file locations, and remediation guidance alongside OX analytics to speed triage.

Connection Methods

For general information about connection methods, see Connection methods.

Connect to OX with a GitLab token.

Prerequisites

OX

  • OX permission to configure connectors.

GitLab

  • Admin permissions to the GitLab account you want to connect.

Connect with username and token

Step 1: Create personal access token [GitLab]

  1. Verify that the prerequisites are in place.

  2. Log in to your GitLab account.

  3. From the Profile icon, select Edit Profile.

  4. From the left menu pane, select Personal access tokens.

  5. In Personal access tokens, select Add new token.

  6. On the next screen enter:

    • Token name

    • Expiration date

  7. In Scopes, select:

    • read_user

    • read_registry

    • read_api

  8. Scroll down and select Generate token.

  9. From the next screen, copy the token and save it securely. You won’t see it again after this step. Best practice: Store credentials in a secrets manager and set a reminder to rotate them according to your policy.
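A way to check the token from Step 1 before entering it in OX, shown as an added example that is not part of the OX or GitLab documentation. It audits the token's metadata for the three scopes listed above, for any extra scopes, and for expiry. It assumes the metadata has the shape returned by GitLab's GET /api/v4/personal_access_tokens/self endpoint; the 90-day limit and the sample records are constructed for illustration.

```python
import json
import urllib.request
from datetime import date

# Scopes the procedure above asks for (GitLab scope names are lowercase).
REQUIRED_SCOPES = {"read_user", "read_registry", "read_api"}
MAX_LIFETIME_DAYS = 90  # assumption: substitute your own rotation policy


def fetch_token_metadata(host_url, token):
    """Ask GitLab to describe the token that authenticates this request."""
    url = host_url.rstrip("/") + "/api/v4/personal_access_tokens/self"
    req = urllib.request.Request(url, headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def audit_token(meta, today):
    """Return a list of findings; an empty list means the token fits the procedure."""
    findings = []
    scopes = set(meta.get("scopes", []))
    missing = REQUIRED_SCOPES - scopes
    extra = scopes - REQUIRED_SCOPES
    if missing:
        findings.append("missing scopes: " + ", ".join(sorted(missing)))
    if extra:
        findings.append("excess scopes: " + ", ".join(sorted(extra)))
    if meta.get("revoked") or not meta.get("active", True):
        findings.append("token is revoked or inactive")
    expires = meta.get("expires_at")
    days_left = (date.fromisoformat(expires) - today).days if expires else None
    if days_left is None:
        findings.append("no expiration date set")
    elif days_left < 0:
        findings.append("token expired")
    elif days_left > MAX_LIFETIME_DAYS:
        findings.append(f"expires in {days_left} days, over the {MAX_LIFETIME_DAYS}-day policy")
    return findings


# Constructed sample metadata, not output from a real GitLab instance.
SAMPLE_OK = {"name": "ox-registry", "scopes": ["read_user", "read_registry", "read_api"],
             "revoked": False, "active": True, "expires_at": "2025-03-01"}
SAMPLE_BROAD = {"name": "ox-registry", "scopes": ["api", "read_registry"],
                "revoked": False, "active": True, "expires_at": None}

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_BROAD):
        print(sample["scopes"], "->", audit_token(sample, date(2025, 1, 15)) or "OK")
```

Against a live instance, pass the result of fetch_token_metadata(host_url, token) to audit_token and read the token from your secrets manager rather than from the command line.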

Step 2: Connect OX to GitLab [OX]

  1. Verify that the prerequisites are in place.

  2. In OX, go to Connectors > Registry and select GitLab Container Registry.

  3. Enter the following parameters.

    • GitLab Container Registry Host URL: URL for GitLab cloud or on-premise

    • Token: GitLab token

  4. Select CONNECT. OX validates the credentials.

  5. In Configure your GitLab credentials, select VERIFY CONNECTIVITY. A green checkmark indicates a successful connection. If verification fails, check your credentials and permissions.

Optional configurations

  • To change the images OX scans and monitors, see the section Change the locations OX scans.

  • To connect more GitLab accounts to the same organization in the OX platform, repeat the process.

  • For information on the OX Broker, see the article OX Broker.

Change the locations OX scans

Once you have a connection, you can change the locations that OX scans and monitors.

  1. Use the Gear icon at the bottom of the Configuration screen.

  2. The locations or objects OX scans and monitors display.

  3. Change the selection as needed.

  4. Select SAVE.
