# Pynt for GitLab ## **What is GitLab?** {% hint style="info" %} 💡 [**GitLab**](https://about.gitlab.com/) is a comprehensive DevOps platform that provides a unified CI/CD solution, enabling teams to plan, develop, and deploy applications seamlessly. GitLab’s built-in CI/CD tools allow for automation, version control, and monitoring. {% endhint %}

*** ## Pynt's integration with GitLab As part of its [API security testing](https://docs.pynt.io/documentation/api-security-testing), Pynt allows seamless [integration](https://docs.pynt.io/documentation/security-testing-integrations/pynt-on-ci-cd) with GitLab. Pynt for GitLab enables you to seamlessly integrate powerful API security testing into your GitLab CI/CD pipelines. By incorporating Pynt into your GitLab workflows, you can automate comprehensive security scans with every build, ensuring that your APIs are protected from vulnerabilities throughout the development process. Pynt’s integration with GitLab is designed to be straightforward, allowing you to enhance your security posture without disrupting your existing CI/CD practices. *** ## GitLab Configuration Copy your [Pynt ID](https://docs.pynt.io/documentation/security-testing-integrations/pynt-on-ci-cd/how-to-get-pynt-id-for-ci-cd-authentication) into a variable in your GitLab variables Settings -> CICD -> Variables

Add Pynt to you workflow, see following example of a job in GitLab workflow that runs Pynt on our goat vulnerable application: ```yaml stages: - security_scan run_pynt: stage: security_scan image: python:3.11 script: # Get and install Pynt Binary - wget https://cdn.pynt.io/binary-release/install.sh - chmod +x install.sh - ./install.sh - cd ~/.pynt/bin/ # Get sample pytest - wget https://raw.githubusercontent.com/pynt-io/pynt/main/goat_functional_tests/goat_functional_test.py - python3 -m pip install --upgrade pip - pip install pytest - pip install requests # Run Pynt on the pytest file - export PYNT_ID=$pyntid - ./pynt command --cmd "python3 -m pytest goat_functional_test.py" --severity-level none artifacts: paths: - ~/.pynt/results expire_in: 1 hour ``` *** ## Controlling the return code from Pynt `pynt newman` and `pynt command` have an optional flag `--severity-level` With this flag, you have granular control over whether Pynt returns an error code (non zero) in the event of findings. Use this flag to control when Pynt will break the CI/CD run, allowed values are: ``` 'all', 'medium', 'high', 'critical', 'none' (default) ``` *** {% hint style="info" %} 💡 **Need Help?** For any questions or troubleshooting, reach out to the [**Pynt Community Support**](https://www.pynt.io/community). {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.pynt.io/documentation/security-testing-integrations/pynt-on-ci-cd/pynt-for-gitlab.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.