Integrating dotTEST with GitLab allows you to review the results reported by dotTEST in GitLab.
To integrate with GitLab, modify your GitLab workflow to include a job that will:
- run dotTEST.
- upload the results in the GitLab-specific SAST format.
- upload the reports in other formats (XML, HTML, etc.).
To ensure that the results are displayed, you must properly configure analysis with dotTEST. In particular, you must be sure to configure:
- the SAST report format.
...
- the dotTEST setting that includes source control information in the report (report.scontrol=min or report.scontrol=full).
...
When the workflow executes, you can review the results in the Security tab of the GitLab pipeline and on GitLab's Vulnerability Report.
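An example job covering the three steps and the two settings above, added here as an illustration and not taken from the Parasoft documentation. The runner tag, solution name, report directory, report file name and the `<SAST_FORMAT_ID>` placeholder are assumptions; take the actual GitLab SAST format identifier and output file name from the documentation for your dotTEST version.

```yaml
# Added example (.gitlab-ci.yml), not from the Parasoft documentation.
stages:
  - test

dottest-sast:
  stage: test
  tags:
    - windows   # assumption: a Windows runner with dottestcli.exe on PATH
  script:
    # Step 1: run dotTEST.
    # report.format lists every format to generate; <SAST_FORMAT_ID> is a
    # placeholder for the GitLab-specific SAST format.
    # report.scontrol=min (or full) adds source control information to the
    # report, which the page above requires for the results to be displayed.
    - >
      dottestcli.exe
      -solution "MySolution.sln"
      -config "builtin://Recommended Rules"
      -report "reports"
      -property "report.format=xml,html,<SAST_FORMAT_ID>"
      -property "report.scontrol=min"
  artifacts:
    # Upload reports even when the analysis step fails, so findings from a
    # failed pipeline are still visible.
    when: always
    reports:
      # Step 2: the GitLab-specific SAST report.
      # Assumed file name; use the file dotTEST actually writes.
      sast: reports/report.sast.json
    paths:
      # Step 3: the reports in the other formats (XML, HTML).
      - reports/
```

Only the file listed under `artifacts:reports:sast` is parsed by GitLab as a security report; the files under `artifacts:paths` are kept as downloadable job artifacts.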
...