Scanning code repositories

Scan YAML files for misconfigurations in your local or remote repositories, and then use ARMO Platform to visualize the scan results and to access suggested remediation steps more intuitively.

The following vendors are supported:

GitHub
GitLab
Azure
BitBucket

ARMO Platform also offers integrations with some of these vendors.

Add a repository

Open the Repository Scanning page and click on Get started with repository scanning. Alternatively, navigate to Settings > Code Repositories, and click Add Repo.
Select your operating system, and then copy and paste the code in a terminal connected to the repository.
After the script has run successfully, click I ran the script.
Replace REPOSITORY_LOCATION with your repository's remote URL or local path, and then copy and paste the code in the same terminal.
Click Verify installation.

Add a private repository

We also support private repositories by using an environment variable to set the authorization token for the scanner.

GitHub

Generate a GitHub token.
Run the following command and use the generated token instead of my-access-token:
```
export GITHUB_TOKEN=my-access-token  
```
```
set GITHUB_TOKEN=my-access-token
```

GitLab

Generate a GitLab token.
Run one of the following commands and use your token instead of my-access-token:
```
export GITLAB_TOKEN=my-access-token   
```
```
set set GITLAB_TOKEN=my-access-token  
```

Azure

Generate an Azure token.
Run one of the following commands and use your token instead of my-access-token:
```
export AZURE_TOKEN=my-access-token    
```
```
set AZURE_TOKEN=my-access-token
```

BitBucket

Generate a BitBucket token.
Run one of the following commands and use your token instead of my-access-token:
```
export BITBUCKET_TOKEN=my-access-token  
```
```
set BITBUCKET_TOKEN=my-access-token
```

Remove a repo

Navigate to Settings, and then click Code Repositories.
On the repository you want to remove, click More, and then click Delete.