Configure Mend for GitLab Server Repos for IaC
Overview
Mend for GitLab Server Repos offers several parameters to configure your IaC scans, checks, and issues.
Getting it Done
Note: IaC scans can only be performed on base branches.
Configuration at the local repository level is done via the .whitesource file. To set up your configuration file for IaC scans, see the Parameters section provided in this documentation. Below is an example of fine-tuning an IaC scan within a repository’s .whitesource file:
{
  "scanSettings": {
    "enableIaC": true,
    "baseBranches": ["integration"]
  },
  "checkRunSettings": {
    "useMendCheckNames": true
  }
}
Note: For global configuration, parameters are set via the repo-config.json file. See our Set up a global configuration Mend for GitLab Server documentation for more information.
Reference
Parameters
Scan Settings (scanSettings)
Parameter | Type | Description |
---|---|---|
enableIaC | Boolean | When enabled, a new Mend IaC Check will be generated for each valid push. This will scan cloud infrastructure configurations to find misconfigurations before they are deployed, and alert on these via the creation of a Work item. NOTES: |
baseBranches | Array | Optional. Default Value: Example usage: This will set both Note: For each specified branch, a Mend project will be created. The name of the project will contain a suffix "_branchname". For example, MyApp_dev. This suffix will not apply to the default branch. |
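The following pre-commit style check is an added example, not part of the Mend documentation or tooling. It validates the scanSettings types from the table above and derives the project name each base branch will get under the "_branchname" rule. The function name, the base project name "MyApp" and the default branch "main" are assumptions for illustration.

```python
import json

def check_iac_config(text, project="MyApp", default_branch="main"):
    """Validate scanSettings in a .whitesource file for IaC scanning.

    Returns (findings, projects): a list of messages, and a mapping of each
    configured base branch to the project name the suffix rule gives it.
    project and default_branch are assumed inputs, not read from Mend.
    """
    findings, projects = [], {}
    try:
        config = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} (line {exc.lineno})"], projects
    scan = config.get("scanSettings") if isinstance(config, dict) else None
    if not isinstance(scan, dict):
        return ["scanSettings is missing or not an object"], projects

    # enableIaC is documented as Boolean; the string "true" is a different type.
    iac = scan.get("enableIaC")
    if not isinstance(iac, bool):
        findings.append(f"enableIaC must be a JSON boolean, found {iac!r}")
    elif not iac:
        findings.append("enableIaC is false: no IaC check will be generated")

    # baseBranches is documented as an optional Array.
    branches = scan.get("baseBranches")
    if branches is None:
        findings.append("baseBranches not set: the default value applies")
        return findings, projects
    if not isinstance(branches, list) or not all(
            isinstance(b, str) and b for b in branches):
        findings.append("baseBranches must be an array of branch names")
        return findings, projects
    for branch in branches:
        # The "_branchname" suffix does not apply to the default branch.
        suffix = "" if branch == default_branch else f"_{branch}"
        projects[branch] = project + suffix
    return findings, projects

# Constructed sample: enableIaC is quoted, a mistake that is easy to miss.
SAMPLE = """{
  "scanSettings": {"enableIaC": "true", "baseBranches": ["main", "dev"]},
  "checkRunSettings": {"useMendCheckNames": true}
}"""

if __name__ == "__main__":
    findings, projects = check_iac_config(SAMPLE)
    for message in findings:
        print("FINDING:", message)
    for branch, name in projects.items():
        print(f"{branch} -> {name}")
```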
Status Name Settings
Parameter | Type | Description |
---|---|---|
useMendStatusNames | Boolean | Optional. Default Value: Note: When a .whitesource file is created, the value of useMendCheckNames is |
Supported Environments
The following IaC environments and their configuration files are supported:
Terraform
Bicep
CloudFormation
Kubernetes
ARM Templates
Serverless
Helm