Introduction
Multi-branch scanning in Aikido allows developers to maintain high-security standards across multiple branches of a specific repository. You can add as many branches as you want.
Use Cases
This functionality is useful when you have an old legacy branches that needs nightly scanning (eg branch V3, branch V4), that live in parallel, and you want to scan both as separate projects, even though they are in the same repository.
If you want to integrate AIkido in your CI/CD pipeline/set up CI gating, check out our CI Integrations.
Prerequisites
For Bitbucket and GitHub connect repositories only. For GitLab, contact us.
Multi-branch scanning needs to be enabled for your account.
Adding multiple branches
Step 1: Navigate to your repository's detail page and click on the current branch name (often tagged master). This action will open a modal window.
Step 2: Click 'Scan multiple branches.’
Step 3: Enter the name of the branch you wish to add to the scanning process.
Result: Aikido clones the specified repo and scans the repository nightly, or you can trigger a scan manually for instant results. A label will appear next to the cloned repo so you know which repo contains which branch that is being scanned.
Looking to scan more than 2 branches? You can go into any of the repositories and go through this process again.
Note: It's important to note that secret scanning is conducted only on the initial repository. This is because the secret scanning feature is designed to automatically cover all branches by default.