AutoFix for GitLab Self Managed

Introduction

Aikido Autofix is a tool you can use to have Aikido fix vulnerabilities in third-party dependencies in your projects. It does this by creating pull requests that remove the vulnerability through package updates or other means. In some cases, an Aikido Autofix can remove a whole class of vulnerabilities instead of just one issue.

Setup Autofix for GitLab Self Managed

By default, Aikido only has read access to your GitLab Self Managed instance. To use Aikido Autofix, a separate access token with write access is required.

Step 1. Enable Autofix on the Autofix Settings page, or go to the Autofix page and click Enable Autofix.

Step 2. Click Authorize, and you will see this modal:

Prompt for entering a GitLab personal access token for Aikido autofix integration.

Step 3. Head over to your Self Managed GitLab account. Click your personal account icon at the top left and go to Preferences.

User profile dropdown menu with options for status, profile, preferences, and sign out.

Step 4. In the sidebar, select Access Tokens, then click the "Add new token" button.

GitLab Access Tokens page for managing active personal access tokens and their permissions.

Step 5. Name the token 'Aikido Autofix' and add the following permissions: api & write_repository

Creating a GitLab personal access token with API and repository write permissions.

Step 6. Copy the newly created token and paste it into the modal in Aikido.

Personal access token generated; copy and save it now, as it won't be shown again.
GitLab personal access token entry for API read and write permissions.

Step 7. Click Save and you are all set. You can now execute Autofix PRs from the Autofix page or from the action menu for subissues in the sidebar.
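
Before pasting the token in Step 6, you can confirm that it carries only the two scopes from Step 5 and has an expiry date. The script below is an added example, not Aikido's or GitLab's own code; it uses GitLab's GET /api/v4/personal_access_tokens/self endpoint, and the GITLAB_URL and GITLAB_TOKEN variable names and the sample response are assumptions constructed for illustration.

```python
import json
import os
import urllib.request
from datetime import date

REQUIRED_SCOPES = {"api", "write_repository"}  # the two scopes named in Step 5

# Constructed sample of a /personal_access_tokens/self response (not real data).
SAMPLE = {"name": "Aikido Autofix", "scopes": ["api", "write_repository"],
          "active": True, "revoked": False, "expires_at": "2030-01-01"}

def fetch_token_info(base_url, token):
    """Ask the GitLab instance to describe the token sent in the request header."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/personal_access_tokens/self",
        headers={"PRIVATE-TOKEN": token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def audit_token(info, today=None):
    """Return a list of findings; an empty list means the token matches Step 5."""
    today = today or date.today()
    findings = []
    scopes = set(info.get("scopes") or [])
    if REQUIRED_SCOPES - scopes:
        findings.append("missing scopes: " + ", ".join(sorted(REQUIRED_SCOPES - scopes)))
    if scopes - REQUIRED_SCOPES:
        findings.append("unexpected scopes: " + ", ".join(sorted(scopes - REQUIRED_SCOPES)))
    if info.get("revoked") or not info.get("active"):
        findings.append("token is revoked or inactive")
    expires = info.get("expires_at")
    if not expires:
        findings.append("token has no expiry date")
    elif date.fromisoformat(expires[:10]) <= today:
        findings.append("token expired on " + expires[:10])
    return findings

if __name__ == "__main__":
    # GITLAB_URL and GITLAB_TOKEN are hypothetical variable names for this example.
    url, token = os.environ.get("GITLAB_URL"), os.environ.get("GITLAB_TOKEN")
    info = fetch_token_info(url, token) if url and token else SAMPLE
    for finding in audit_token(info) or ["token matches the Step 5 scopes"]:
        print(finding)
```

Without the two environment variables set, the script audits the constructed sample instead of contacting a GitLab instance.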

