Aikido's integration with GitLab CI allows you to flag or block risky code from being merged. Our CI scans target IaC, SAST, and dependency issues.

If you're on the Aikido Pro plan, you can also use this integration for CI Gating.

Step 1. Go to our CI integrations page

Step 2. Generate a new authentication token and make sure to copy it.

Step 3. Click GitLab CI

By clicking on "GitLab CI" you will be redirected to the GitLab repo hosting the code to run the action, in the Readme, we give a few examples on how you can integrate the action into your pipeline.

​As a final step, you need to make the authentication token available to the CI runner in GitLab.

First, you need to go to your group's Settings page and then navigate to the CI/CD sub-page.

Click on 'Expand' next to variables and click on 'Add variable'. You can then add the authentication with the following configuration:
​

Paste the authentication token you copied in the previous step in the 'value' box and click on 'Add variable'.
​

Note: it's important to uncheck the 'Protect variable' checkbox, as that will prevent the variable from being available on branches which do not have deletion protection (which would be often the case for CI checks).

Note. Ensure that the repository you're scanning is part of the GitLab group that's linked with Aikido.

In case of any questions, you can always contact support for more information.