GitLab CI/CD
OX Security integrates with GitLab CI/CD pipelines to detect vulnerabilities in Docker-based jobs.
To run scans on merge requests before they are merged, you must enable merge request pipelines in your GitLab CI/CD settings.
Prerequisites
Docker support: Your GitLab runners must support Docker and be able to run Docker-based jobs.
Required environment variables
OX_API_KEY
The OX Security API key.
Optional environment variables
OX_OVERRIDE_BLOCKING
Set to true to override job failure caused by blocking issues.
OX_TIMEOUT
Maximum duration of the scan, in minutes.
OX_FAIL_ON_TIMEOUT
Set to true to fail the job if a scan times out.
OX_FAIL_ON_ERROR
Set to true to fail the job if a system or network error occurs.
Advanced environment variables
OX_DISABLE_SSL_VALIDATION
Set to true to disable SSL certificate validation for self-signed certificates in on-premise environments.
Integration example (.gitlab-ci.yml)
stages:
  - test

ox_security_scan:
  stage: test
  image: oxsecurity/ox-block-mode:latest
  variables:
    OX_API_KEY: $OX_API_KEY
    # OX_OVERRIDE_BLOCKING: false
    # OX_TIMEOUT: 20
    # OX_FAIL_ON_TIMEOUT: false
    # OX_FAIL_ON_ERROR: false
  script:
    - ox-block-mode
  allow_failure: false
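Scanning merge requests before they are merged requires the job to run in merge request pipelines. The following is an added example, not OX Security's own configuration: it extends the job above with GitLab rules so it runs for merge requests and on the default branch, and sets the optional variables so that a timeout or a system error fails the job instead of passing silently. The 20-minute timeout and the default-branch rule are assumptions.

```yaml
# Added example (not from the OX Security documentation).
stages:
  - test

ox_security_scan:
  stage: test
  image: oxsecurity/ox-block-mode:latest
  rules:
    # Merge request pipelines: scan the change before it is merged.
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
    # Assumption: also scan commits that land on the default branch.
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  variables:
    # OX_API_KEY is not set here. Define it as a masked CI/CD variable in the
    # project or group settings; GitLab injects it into the job environment.
    # A variable marked "Protected" is only passed to pipelines on protected
    # branches or tags, so check that merge request pipelines receive it.
    OX_TIMEOUT: "20"              # assumed value, in minutes
    OX_FAIL_ON_TIMEOUT: "true"    # a scan that times out fails the job
    OX_FAIL_ON_ERROR: "true"      # a system or network error fails the job
    # OX_OVERRIDE_BLOCKING and OX_DISABLE_SSL_VALIDATION are left unset so
    # blocking issues fail the job and certificate validation stays on.
  script:
    - ox-block-mode
  # Keep the job blocking so a failed scan stops the merge request pipeline.
  allow_failure: false
```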
