Scanning code repositories
Scan YAML files for misconfigurations in your local or remote repositories, and then use ARMO Platform to visualize the scan results and to access suggested remediation steps more intuitively.
The following vendors are supported:
- GitHub
- GitLab
- Azure
- BitBucket
ARMO Platform also offers integrations with some of these vendors.
Add a repository
-
Open the Repository Scanning page and click on Get started with repository scanning. Alternatively, navigate to Settings > Code Repositories, and click Add Repo.
-
Select your operating system, and then copy and paste the code in a terminal connected to the repository.
-
After the script has run successfully, click I ran the script.
-
Replace
REPOSITORY_LOCATION
with your repository's remote URL or local path, and then copy and paste the code in the same terminal. -
Click Verify installation.
Add a private repository
We also support private repositories by using an environment variable to set the authorization token for the scanner.
GitHub
- Generate a GitHub token.
- Run the following command and use the generated token instead of my-access-token:
export GITHUB_TOKEN=my-access-token
set GITHUB_TOKEN=my-access-token
GitLab
- Generate a GitLab token.
- Run one of the following commands and use your token instead of my-access-token:
export GITLAB_TOKEN=my-access-token
set set GITLAB_TOKEN=my-access-token
Azure
- Generate an Azure token.
- Run one of the following commands and use your token instead of my-access-token:
export AZURE_TOKEN=my-access-token
set AZURE_TOKEN=my-access-token
BitBucket
- Generate a BitBucket token.
- Run one of the following commands and use your token instead of my-access-token:
export BITBUCKET_TOKEN=my-access-token
set BITBUCKET_TOKEN=my-access-token
Remove a repo
- Navigate to Settings, and then click Code Repositories.
- On the repository you want to remove, click More, and then click Delete.
Updated about 1 year ago