🔘Pynt for GitLab

Integrate Pynt with GitLab for automated API security testing. Enhance your CI/CD pipeline by adding Pynt’s robust security scans to your GitLab workflows.

What is GitLab?

💡 GitLab is a comprehensive DevOps platform that provides a unified CI/CD solution, enabling teams to plan, develop, and deploy applications seamlessly. GitLab’s built-in CI/CD tools allow for automation, version control, and monitoring.

Pynt's integration with GitLab

As part of its API security testing, Pynt allows seamless integration with GitLab.

Pynt for GitLab enables you to seamlessly integrate powerful API security testing into your GitLab CI/CD pipelines. By incorporating Pynt into your GitLab workflows, you can automate comprehensive security scans with every build, ensuring that your APIs are protected from vulnerabilities throughout the development process. Pynt’s integration with GitLab is designed to be straightforward, allowing you to enhance your security posture without disrupting your existing CI/CD practices.

GitLab Configuration

Copy your Pynt ID into a variable in your GitLab variables

Settings -> CICD -> Variables

Add Pynt to you workflow, see following example of a job in GitLab workflow that runs Pynt on our goat vulnerable application:

stages:
  - pynt
  
pynt-api-security:
  # Use the official docker image.
  image: docker
  stage: pynt
  services:
    - docker:dind
  before_script:
    - apk add --update curl && rm -rf /var/cache/apk/*
    - apk add --update python3
    - apk add py3-pip
  
  variables:
    SHARED_PATH: /builds/shared/$CI_PROJECT_PATH
  
  script:
    # create shared folder
    - mkdir -p ${SHARED_PATH}
    # pynt should run from ${SHARED_PATH} context. 
    - cd ${SHARED_PATH}
    # set $PYNT_CREDENTIALS environment variable
    - export PYNT_ID=$pyntid
    # get collection to test
    - curl https://raw.githubusercontent.com/pynt-io/pynt/main/goat_functional_tests/goat.postman_collection.json --output goat.json
    # install pyntcli
    - python3 -m venv venv
    - source venv/bin/activate
    - pip install pyntcli
    # run pynt security scan against goat.json collection
    - pynt newman --collection ${SHARED_PATH}/goat.json --reporters --return-error=errors-only
    # results both html and json will be created at ${SHARED_PATH}: ${SHARED_PATH}/pynt_results.json, ${SHARED_PATH}/pynt_results.html
    - cat ${SHARED_PATH}/pynt_results.json

Controlling the return code from Pynt

pynt newman and pynt command have an optional flag --return-error

With this flag, you have granular control over whether Pynt returns an error code (non zero) in the event of findings. Use this flag to control when Pynt will break the CI/CD run, allowed values are:

'all-findings' (warnings or errors),
'errors-only',
'never' (default)

💡 Need Help? For any questions or troubleshooting, reach out to the Pynt Community Support.

PreviousPynt for Azure DevOps PipelinesNextPynt for Jenkins

Last updated