Gitlab Self Managed Container Registry

You can integrate your Gitlab Self Managed Container Registry with Aikido to scan your containers for known vulnerabilities.

Follow the simple steps below to activate this feature:

Step 1: Log into your Gitlab account to gather some data.

We'll have to gather your username (see screenshot)

Step 2: Copy the group ID where the container registry resides (see screenshot)

Step 3: Go to Personal Preferences >> Access tokens, and create a new personal access token for Aikido (direct link). Make sure to set the correct scopes: read_api, read_registry

Make sure to create a Personal Access Token, and not an Impersonation Token.

Step 4: Enter the collected data in Aikido (direct link: https://app.aikido.dev/settings/container-image-registry/add/gitlab-self)

Step 5: Aikido will now find all container repositories you can access and list them.

Step 6: Repositories can be linked to a code repository in order to perform better deduplication of findings. This step is optional!

Step 7: In the action menu next to the registry, click 'scan repos in registry' to get started. Results will appear in the Feed!

Last updated 21 days ago

Was this helpful?