GitLab CI/CD Integration
Integrate Threatspy with GitLab CI/CD to automatically trigger security scans during your CI/CD pipeline. This enables continuous security testing of your web applications and APIs, helping identify vulnerabilities early in the development lifecycle.
Prerequisites
Before you begin, ensure you have:
- A Threatspy account with an active subscription or trial.
- An application already created in Threatspy.
- A valid Threatspy API Key.
- The Application ID of the application you want to scan.
- Your registered Threatspy email address.
- A GitLab repository with CI/CD enabled.
Step 1: Generate Threatspy Credentials
Log in to your Threatspy dashboard and collect the following credentials.
| Credential | Description |
|---|---|
| API Key | Used to authenticate API requests to Threatspy. |
| Application ID | Unique identifier of the application to be scanned. |
| User Email | Registered email address associated with your Threatspy account. |
> Note: Keep your API Key confidential and never expose it in your source code.
Step 2: Configure GitLab CI/CD Variables
In your GitLab project, navigate to:
Project → Settings → CI/CD → Variables
Create the following CI/CD variables:
| Variable Name | Description |
|---|---|
| `THREATSPY_API_KEY` | Your Threatspy API Key |
| `THREATSPY_APP_ID` | Your Threatspy Application ID |
| `THREATSPY_USER_EMAIL` | Your registered Threatspy email address |
For enhanced security, enable the following options for sensitive variables:
- ✅ Masked
- ✅ Protected
Step 3: Configure the Pipeline
Open your project's `.gitlab-ci.yml` file and add the following job.
security_scan:
stage: test
script:
- |
curl -X POST https://api.threatspy.secureblink.com/start-scan \
-H "x-api-key: $THREATSPY_API_KEY" \
-H "x-app-id: $THREATSPY_APP_ID" \
-H "email: $THREATSPY_USER_EMAIL" \
-H "Content-Type: application/json"This job initiates a Threatspy security scan whenever the pipeline reaches the test stage.
Step 4: Commit and Push Changes
Commit the updated pipeline configuration and push it to your repository.
git add .gitlab-ci.yml
git commit -m "Add Threatspy security scan"
git push origin mainPushing the changes will automatically trigger a new GitLab pipeline.
Step 5: Verify Pipeline Execution
After the pipeline starts:
- Navigate to CI/CD → Pipelines in your GitLab project.
- Open the latest pipeline execution.
- Verify that the security_scan job has started successfully.
- Ensure the job completes without any errors.
Once completed successfully, the security scan request will be submitted to Threatspy for processing.