GitLab

Follow the step-by-step instructions below to set up the Radar CLI in your GitLab pipeline.

Prerequisites

Before configuring your GitLab pipeline, ensure you have:

Required

  • Credential Token: Created in Credentials
    • You'll need this for the EUREKA_AGENT_TOKEN variable

Optional

  • Any scanner API credential/token for scanners that require them

Step-by-step instructions

  1. Log in to GitLab.

  2. Navigate to the desired project to integrate the Radar CLI with.

  3. Navigate to Settings → CI/CD in the left sidebar.

  4. Select the Variables dropdown.

  5. Navigate to the Project variables section of the Variables dropdown.

  6. Select the Add variable button to add the following variables:

    Required Variables

    Add the following credentials created in the prerequisites:

    | Variable Name | Value | Description |
    |---|---|---|
    | EUREKA_AGENT_TOKEN | Your token | Authentication token for uploading scan results to Eureka |

    Optional Scanner Variables

    See below for optional variables associated with scanners you may be using:

    Veracode
    | Variable Name | Value | Description |
    |---|---|---|
    | SRCCLR_API_TOKEN | Your SCA token | Veracode Source Clear (SCA) API token |
    | VERACODE_API_KEY_ID | Your API key ID | Veracode Static Analysis API key ID |
    | VERACODE_API_KEY_SECRET | Your API secret | Veracode Static Analysis API key secret |

    💡 Click the Masked and hidden option to keep sensitive variables secure.

    📚 For more information on adding variables to GitLab, see the official documentation: GitLab CI/CD Variables

  7. After successfully adding the project variables:

    • If you do not have an existing GitLab pipeline YAML file, create a new .gitlab-ci.yml file in the root of your repository.
    • If you have an existing .gitlab-ci.yml, open it.

  8. Add the following code to your new or existing .gitlab-ci.yml file:

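    image: node:22

    stages:
      - scan

    radar_scan:
      stage: scan
      # Docker-in-Docker service that provides the Docker daemon for the job
      services:
        - docker:dind
      variables:
        DOCKER_HOST: tcp://docker:2375
        # docker:dind enables TLS (port 2376) by default; the plain-TCP port 2375 above needs TLS disabled
        DOCKER_TLS_CERTDIR: ""
      before_script:
        # Install the Docker client in the node image
        - apt-get update && apt-get install -y docker.io
      script:
        # Install the Radar CLI and run the scan
        - npm i -g @eurekadevsecops/radar
        - radar scan

  9. Commit and push the changes to your .gitlab-ci.yml file. The Radar CLI is now integrated into your pipeline and will automatically run when triggered for the configured branch.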

  10. Navigate to CI/CD → Jobs in the left sidebar to view your pipeline jobs.

  11. View the job running for the new or existing .gitlab-ci.yml commit.

  12. Once the job is completed, check the Eureka Web Application for your scan results.
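
The following pre-flight check is an added example, not part of the Eureka documentation. It verifies the variables from step 6 before `radar scan` runs and prints only variable names, never values. The function name `radar_preflight` is hypothetical.

```shell
#!/bin/sh
# Added example (not Eureka's code): check the CI/CD variables from step 6
# before running `radar scan`. Only variable NAMES are printed, never values,
# so nothing sensitive reaches the job log.
# radar_preflight is a hypothetical helper name.

radar_preflight() {
  rc=0

  # Required: an empty value typically means the variable was not added to
  # this project or is not exposed to this job.
  if [ -z "${EUREKA_AGENT_TOKEN:-}" ]; then
    echo "ERROR: EUREKA_AGENT_TOKEN is not set" >&2
    rc=1
  else
    # Whitespace inside the value is typically a copy/paste error.
    case "$EUREKA_AGENT_TOKEN" in
      *[[:space:]]*)
        echo "ERROR: EUREKA_AGENT_TOKEN contains whitespace" >&2
        rc=1 ;;
    esac
  fi

  # Optional: the Veracode Static Analysis key ID and secret are a pair,
  # so one without the other is a configuration error.
  if [ -n "${VERACODE_API_KEY_ID:-}" ] && [ -z "${VERACODE_API_KEY_SECRET:-}" ]; then
    echo "ERROR: VERACODE_API_KEY_ID is set but VERACODE_API_KEY_SECRET is not" >&2
    rc=1
  fi
  if [ -z "${VERACODE_API_KEY_ID:-}" ] && [ -n "${VERACODE_API_KEY_SECRET:-}" ]; then
    echo "ERROR: VERACODE_API_KEY_SECRET is set but VERACODE_API_KEY_ID is not" >&2
    rc=1
  fi

  # Report which optional credentials are present (names only).
  for name in SRCCLR_API_TOKEN VERACODE_API_KEY_ID VERACODE_API_KEY_SECRET; do
    eval "value=\${$name:-}"   # names come from the fixed list above
    if [ -n "$value" ]; then
      echo "INFO: $name is set"
    else
      echo "INFO: $name is not set (optional)"
    fi
  done
  unset value
  return "$rc"
}
```

To use it, save the function in a script in your repository, source it in the job's `script:` section, and call `radar_preflight || exit 1` before `radar scan`.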