GitGuardian CI/CD integration with GitLab pipeline is performed through our CLI application gg-shield. gg-shield is a wrapper around GitGuardian API for secrets detection that requires an API key to work.
- Create an API key within the API section of your GitGuardian workspace.
- Add this API key to the
GITGUARDIAN_API_KEYenvironment variable in your project settings.
- Add a new step using gg-shield to your GitLab project's pipeline.
stages: - scanning 🦉 gitguardian scan: image: gitguardian/ggshield:latest stage: scanning script: ggshield scan ci
You may be interested in using GitGuardian's GitLab integration to ensure full coverage of your GitLab projects as well as full git history scans and reporting.