Integrating Invicti Enterprise with GitLab Issues (Issue Tracking)
The GitLab issue tracker is an advanced tool for collaboratively developing ideas, solving problems, and planning work. It can allow you, your team, and your collaborators to share and discuss proposals before, and during, their implementation. It can also be used for a variety of other purposes, customized to your needs and workflow.
This topic explains how to configure Invicti Enterprise to send a detected vulnerability to GitLab Issues, enabling seamless integration between security scanning and collaborative development workflows.
For further information, see What Systems Does Invicti Integrate With? external documentation.
GitLab Issues Fields
This table lists and explains the GitLab fields in the New GitLab Integration window.
| Button/Section/Field | Description |
|---|---|
| Name | This is the name of the configuration that will be shown elsewhere. |
| Mandatory | This section contains fields that must be completed. |
| Access Token | This is the personalized access token of the user. |
| Project ID | This is the project identifier of the issue. |
| Title Format | This is the string format that is used to create the vulnerability title. |
| Optional | This section contains optional fields. |
| On-Premise Base URL | The issue can be sent to on-premise with your base URL. |
| Assignee ID | This is the assignee identifier. |
| Milestone ID | This is the issue milestone id. |
| Weight | This is the value of the weight. It can be set from 0-9. |
| Due Days | This is the number of days from the date the issue was created to the date it's due. |
| Create Sample Issue | Once all relevant fields have been configured, click to create a sample issue. |
How to Integrate Invicti Enterprise with GitLab Issues (Issue Tracking)
Follow these steps to establish the connection between Invicti Enterprise and your GitLab project:
-
Log in to Invicti Enterprise.
-
From the main menu, select Integrations > New Integration.
- From the Issue Tracking Systems section, select GitLab Issues.
-
In the Name field, enter a name for the integration.
-
In the Mandatory section, complete the connection details:
- Access Token
- Project ID
- Title Format
-
Select Create Sample Issue to confirm that Invicti Enterprise can connect to the configured system. A confirmation message is displayed to confirm that the sample issue has been successfully created.
-
In the confirmation message, select the Issue number link to open the issue in your default browser.
-
If the GitLab integration is not configured correctly, Invicti Enterprise will correctly route the following descriptive error messages to you. Sample error messages may be displayed as illustrated:
- If the URL or Access Token was entered incorrectly
- If the Project Id was entered incorrectly
- Select Save to save the integration.
How to Export Reported Vulnerabilities to Projects in GitLab Issues (Issue Tracking)
There are several ways to send issues to GitLab with Invicti Enterprise:
Automatic Issue Submission
Once notifications have been configured, you can configure Invicti Enterprise to automatically send vulnerabilities after scanning has been completed. See How to Configure a Notification to Report Vulnerabilities to an Issue Tracking System external documentation for detailed instructions.
Send Issues from the Issues Window
You can send one or more issues from the Issues window:
- From the main menu, select Issues, then All Issues.
- From the Issues page, select one or more issues you want to send.
- Select Send To > GitLab Issues.
A pop-up is displayed, with a link to the issue you have sent to GitLab. If there is an error, this information will be displayed instead.
Send Issues from the Recent Scans Window
You can send an issue from the Recent Scans window:
- From the main menu, select Scans > Recent Scans.
- Next to the relevant scan, select Report.
- Scroll down to the Technical Report section.
- From the list of detected vulnerabilities, select an issue and display its details.
- Click Send To > GitLab Issues.
If you have previously submitted this vulnerability to GitLab, it will already be accessible. You cannot submit the same issue twice.
Need help?
Invicti Support team is ready to provide you with technical help. Go to Help Center