GitLab Self Managed Container Registry

You can now integrate your GitLab Self Managed Container Registry with Aikido to scan your containers for known vulnerabilities.

Follow the simple steps below to activate this feature:

Step 1: Log in to your GitLab account to gather some data.

First, note your username (see screenshot).

User profile menu showing name, username, and status option on a web app interface.

Step 2: Copy the ID of the group where the container registry resides (see screenshot).

Organization profile showing name, privacy status, free plan, and group ID.

Step 3: Under personal preferences, Access tokens, create a new token for Aikido (direct link: https://gitlab.com/-/profile/personal_access_tokens).

The scopes included must be: read_api, read_registry

See screenshot:

Form for creating a personal access token with selectable scopes and expiration date.

Step 4: Enter the collected data in Aikido (direct link: https://app.aikido.dev/settings/container-image-registry/add/gitlab-self)

Form to connect GitLab self-hosted container image registry with required credentials.

Step 5: Aikido will now find all container repositories you can access and list them.

Step 6: Repositories can be linked to a code repository in order to perform better deduplication of findings. This step is optional!

Step 7: In the action menu next to the registry, click 'scan repos in registry' to get started. Results will appear in the Feed!
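Before pasting the token from Step 3 into Aikido, you can confirm that it carries only the two required scopes. The following is an added example, not part of Aikido's or GitLab's documentation: it audits the JSON that GitLab's `GET /api/v4/personal_access_tokens/self` endpoint returns for a token. The excess-scope check, the 365-day lifetime limit, the function names and the sample responses are assumptions made for illustration.

```python
import json
import urllib.request
from datetime import date

REQUIRED = {"read_api", "read_registry"}  # scopes named in Step 3

def fetch_token_info(base_url, token):
    """Ask GitLab to describe the token that authenticates this request."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v4/personal_access_tokens/self",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def audit_token(info, today, max_days=365):
    """Return findings; an empty list means the token matches Step 3."""
    findings = []
    scopes = set(info.get("scopes") or [])
    if REQUIRED - scopes:
        findings.append("missing scopes: " + ", ".join(sorted(REQUIRED - scopes)))
    if scopes - REQUIRED:  # assumption: anything beyond Step 3 is excess
        findings.append("excess scopes: " + ", ".join(sorted(scopes - REQUIRED)))
    if info.get("revoked") or not info.get("active", True):
        findings.append("token is revoked or inactive")
    expires = info.get("expires_at")
    if not expires:
        findings.append("no expiry date set")
    else:
        days_left = (date.fromisoformat(expires) - today).days
        if days_left < 0:
            findings.append("token has expired")
        elif days_left > max_days:  # assumption: local policy limit
            findings.append(f"expiry is more than {max_days} days away")
    return findings

# Constructed sample responses (not real tokens).
GOOD = {"name": "aikido", "scopes": ["read_api", "read_registry"],
        "revoked": False, "active": True, "expires_at": "2025-06-30"}
BROAD = {"name": "aikido", "scopes": ["api", "read_registry"],
         "revoked": False, "active": True, "expires_at": None}

if __name__ == "__main__":
    for sample in (GOOD, BROAD):
        print(sample["scopes"], "->", audit_token(sample, date(2025, 1, 1)) or "OK")
```

To check a live token, pass the result of `fetch_token_info("https://gitlab.example.com", token)` to `audit_token`, where the host name is a placeholder for your own instance.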

