diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-23 03:09:21 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-23 03:09:21 +0000 |
| commit | 5b51129e3356a12283f0ba2da15db897ee30cf1a (patch) | |
| tree | 81aab0c51c265782c093da49f089908761d5426d /doc/development/integrations | |
| parent | 71da67f3262eeffe59cc228986e0a2bb97b6dba5 (diff) | |
| download | gitlab-ce-5b51129e3356a12283f0ba2da15db897ee30cf1a.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'doc/development/integrations')
| -rw-r--r-- | doc/development/integrations/secure_partner_integration.md | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/doc/development/integrations/secure_partner_integration.md b/doc/development/integrations/secure_partner_integration.md index 9991ee57257..d8badda4125 100644 --- a/doc/development/integrations/secure_partner_integration.md +++ b/doc/development/integrations/secure_partner_integration.md @@ -1,6 +1,6 @@ # Secure Partner Integration - Onboarding Process -If you want to integrate your product with the [Secure Stage](https://about.gitlab.com/direction/secure), +If you want to integrate your product with the [Secure Stage](https://about.gitlab.com/direction/secure/), this page will help you understand the developer workflow GitLab intends for our users to follow with regards to security results. These should be used as guidelines so you can build an integration that fits with the workflow GitLab @@ -56,12 +56,12 @@ best place to integrate your own product and its results into GitLab. This section describes the steps you need to complete to onboard as a partner and complete an intgration with the Secure stage. -1. Read about our [partnerships](https://about.gitlab.com/partners/integrate/index.md). +1. Read about our [partnerships](https://about.gitlab.com/partners/integrate/). 1. [Create an issue](https://gitlab.com/gitlab-com/alliances/alliances/issues/new?issuable_template=new_partner) using our new partner issue template to begin the discussion. 1. Get a test account to begin developing your integration. You can - request a [GitLab.com Gold Subscription Sandbox](https://about.gitlab.com/partners/integrate/index.md#gitlabcom-gold-subscription-sandbox-request) - or an [EE Developer License](https://about.gitlab.com/partners/integrate/index.md#requesting-ee-dev-license-for-rd). + request a [GitLab.com Gold Subscription Sandbox](https://about.gitlab.com/partners/integrate/#gitlabcom-gold-subscription-sandbox-request) + or an [EE Developer License](https://about.gitlab.com/partners/integrate/#requesting-ee-dev-license-for-rd). 1. Provide a [pipeline job](../../development/pipelines.md) template that users could integrate into their own GitLab pipelines. 1. Create a report artifact with your pipeline jobs. @@ -72,12 +72,12 @@ and complete an intgration with the Secure stage. - Read about [job artifacts](../../user/project/pipelines/job_artifacts.md). - Your report artifact must be in one of our currently supported formats. For more information, see the [documentation on reports](secure.md#report). - - Documentation for [SAST reports](../../user/application_security/sast/index.md#reports-json-format). - - Documentation for [Dependency Scanning reports](../../user/application_security/dependency_scanning/index.md#reports-json-format). - - Documentation for [Container Scanning reports](../../user/application_security/container_scanning/index.md#reports-json-format). - - See this [example secure job definition that also defines the artifact created](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml). - - If you need a new kind of scan or report, [create an issue](https://gitlab.com/gitlab-org/gitlab/issues/new#) - and add the label `devops::secure`. + - Documentation for [SAST reports](../../user/application_security/sast/index.md#reports-json-format). + - Documentation for [Dependency Scanning reports](../../user/application_security/dependency_scanning/index.md#reports-json-format). + - Documentation for [Container Scanning reports](../../user/application_security/container_scanning/index.md#reports-json-format). + - See this [example secure job definition that also defines the artifact created](https://gitlab.com/gitlab-org/gitlab/blob/master/lib/gitlab/ci/templates/Security/Container-Scanning.gitlab-ci.yml). + - If you need a new kind of scan or report, [create an issue](https://gitlab.com/gitlab-org/gitlab/issues/new#) + and add the label `devops::secure`. - Once the job is completed, the data can be seen: - In the [Merge Request Security Report](../../user/project/merge_requests/index.md#security-reports-ultimate) ([MR Security Report data flow](https://gitlab.com/snippets/1910005#merge-request-view)). - While [browsing a Job Artifact](../../user/project/pipelines/job_artifacts.md). @@ -87,17 +87,17 @@ and complete an intgration with the Secure stage. - To automatically create issues without user interaction, use the [issue API](../../api/issues.md). This will be replaced by [Standalone Vulnerabilities](https://gitlab.com/groups/gitlab-org/-/epics/634) in the future. 1. Optional: Provide auto-remediation steps: - If you specified `remediations` in your artifact, it is proposed through our [auto-remediation](../../user/application_security/index.md#solutions-for-vulnerabilities-auto-remediation) - interface. + interface. 1. Demo the integration to GitLab: - After you have tested and are ready to demo your integration please - [reach out](https://about.gitlab.com/partners/integrate/index.md) to us. If you - skip this step you won’t be able to do supported marketing. + [reach out](https://about.gitlab.com/partners/integrate/) to us. If you + skip this step you won’t be able to do supported marketing. 1. Begin doing supported marketing of your GitLab integration. - - Work with our [partner team](https://about.gitlab.com/partners/integrate/index.md) - to support your go-to-market as appropriate. - - Examples of supported marketing could include being listed on our [Security Partner page](https://about.gitlab.com/partners/index.md#security), - doing an [Unfiltered blog post](https://about.gitlab.com/handbook/marketing/blog/unfiltered/index.md), - doing a co-branded webinar, or producing a co-branded whitepaper. + - Work with our [partner team](https://about.gitlab.com/partners/integrate/) + to support your go-to-market as appropriate. + - Examples of supported marketing could include being listed on our [Security Partner page](https://about.gitlab.com/partners/#security), + doing an [Unfiltered blog post](https://about.gitlab.com/handbook/marketing/blog/unfiltered/), + doing a co-branded webinar, or producing a co-branded whitepaper. If you have any issues while working through your integration or the steps above, please create an issue to discuss with us further. |