Aikido CI Gating Functionality

Introduction

CI gating is available for all of Aikido's CI integrations. With Aikido's CI Gating feature you can scan your feature branches for known vulnerabilities in open-source software packages (CVE), IaC, Secrets and SAST. We also support malware scanning and checking third party-packages/licenses for legal risk.

PR gating is mostly supported via native integrations. Release gating can be done with our CLI tool

How does it work

Setup configuration via Aikido dashboard or via Code

Aikido supports 1-click configuration and management for GitHub, Gitlab, Bitbucket and Azure accounts via our Aikido dashboard. We recommend using this functionality as it allows for easy configuration, better overview and does not use CI minutes.

You can also set up CI gating via code for GitLab and Bitbucket Pipes. If your integration is not in the list, you can still integrate by using our Public CI API.

Checking results

After running inside of your CI, Aikido will display a link with the scan results for this specific branch. Given we scan the specific branch (and not the entire repo again), Aikido tells you about both fixed and newly introduced issues for this specific change.

If Aikido detects an issue is fixed inside of a feature branch, it will be marked inside of Aikido's feed as "PR open", so you can easily verify an issue will be fixed even before merging a feature branch.

Bypassing a failed state

In case you would like to bypass a failed state, this is possible by ignoring the issues that caused the CI gate to fail. You can do this by clicking the issue and in the top right Actions menu select Ignore or Snooze. This issue will then be ignored/snoozed in any future branches in your CI.

Only users that have the permission to snooze or ignore issues can bypass the CI gate.

Allowing IP addresses for DAST & Surface monitoring

CI Scan History Overview