Aikido CI Gating Functionality
Introduction
CI gating is available for all of Aikido's CI integrations. With Aikido's CI Gating feature you can scan your feature branches for known vulnerabilities in open-source software packages (CVEs), as well as for IaC and SAST issues.
Aikido currently supports PR gating and Release Gating (local scanners only).
How does it work
Set up configuration via the Aikido dashboard or via code
Aikido supports 1-click configuration and management for GitHub and Azure accounts via our Aikido dashboard. We recommend using this functionality as it allows for easy configuration, gives a better overview and does not use CI minutes.
You can also set up CI gating in code, using GitHub Actions, Azure Pipelines, GitLab and Bitbucket Pipes. If your integration is not in the list, you can still integrate by using our Public CI API.
Checking results
After running inside of your CI, Aikido will display a link with the scan results for this specific branch. Because we scan the specific branch (and not the entire repo again), Aikido tells you about both fixed and newly introduced issues for this specific change.
If Aikido detects that an issue is fixed inside of a feature branch, it will be marked inside of Aikido's feed as "PR open", so you can easily verify that an issue will be fixed even before merging the feature branch.
Bypassing a failed state
To bypass a failed state, ignore the issues that caused the CI gate to fail. You can do this by clicking the issue and, in the Actions menu at the top right, selecting Ignore or snooze.
Only users that have the permission to snooze or ignore issues can bypass the CI gate.