GitLab Pipeline

Mobb can be integrated into any CI/CD platform of your choice. In this guide, the process of integration with GitLab Pipeline will be demonstrated.

After logging into Mobb, select the last option in the menu: “Connect Mobb to Your Workflow”.

To run Mobb within GitLab, select “GitLab”.

You will be presented with a sample GitLab YAML script that you can use within a GitLab pipeline. This particular example uses Checkmarx as the SAST scanner; you may want to modify the script to use the SAST tool of your choice.

```yaml
# This example utilizes Mobb with Checkmarx via GitLab CI/CD pipelines

image:
  name: "node:latest"

stages:
  - checkmarx-sast-scan
  - mobb-autofixer

workflow: # Run on every merge request (and on manual runs from the web UI)
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'
    - if: $CI_PIPELINE_SOURCE == 'web'

checkmarx-sast-scan-job:
  stage: checkmarx-sast-scan
  tags:
    - saas-linux-medium-amd64
  script:
    # Download a pinned release of the Checkmarx AST CLI
    - wget https://github.com/Checkmarx/ast-cli/releases/download/2.0.61/ast-cli_2.0.61_linux_x64.tar.gz -O checkmarx.tar.gz
    - tar -xf checkmarx.tar.gz
    # Credentials and endpoints come from masked CI/CD variables
    - ./cx configure set --prop-name cx_apikey --prop-value $CX_API_KEY
    - ./cx configure set --prop-name cx_base_auth_uri --prop-value $CX_BASE_AUTH_URI
    - ./cx configure set --prop-name cx_base_uri --prop-value $CX_BASE_URI
    - ./cx configure set --prop-name cx_tenant --prop-value $CX_TENANT
    # The threshold makes this job fail when at least one high-severity SAST finding exists;
    # the JSON report is written to cx_result.json (the CLI's default output name)
    - ./cx scan create --project-name "My-Sample-Project" -s ./ --report-format json --scan-types sast --branch nobranch --threshold "sast-high=1"
  artifacts:
    paths:
    - "*.json"
    when: always # Keep the report even when the scan job fails

mobb-autofixer-job:
  stage: mobb-autofixer
  tags:
    - saas-linux-medium-amd64
  script:
    - npx mobbdev@latest analyze -f cx_result.json -r $CI_PROJECT_URL --ref $CI_COMMIT_REF_NAME --api-key $MOBB_API_KEY
  when: on_failure # Run Mobb only if there's a finding to fix (i.e. the scan job failed its threshold)
```
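The gating logic in the pipeline above (the scan job fails on `--threshold "sast-high=1"`, which is what lets `when: on_failure` trigger the autofixer) is easy to get wrong when you change the threshold or scanner. The following is an added example, not Mobb's or Checkmarx's own code, that reproduces that decision outside GitLab so it can be tested; it assumes a results file shaped like `{"results": [{"type": ..., "severity": ...}]}`, and the sample report is constructed for the example.

```python
"""Reproduce the pipeline's "run the autofixer only if the scan failed its
threshold" decision in plain Python.

Assumption (not a documented contract): the JSON report contains a top-level
"results" list whose entries carry "type" (engine, e.g. "sast") and
"severity" fields.  A threshold like sast-high=1 is treated as "at least",
matching the page's use of 1 to mean "a single high finding fails the scan".
"""
import json
from collections import Counter

# Constructed stand-in for cx_result.json; not real scanner output.
SAMPLE_RESULT = json.dumps({
    "results": [
        {"type": "sast", "severity": "HIGH", "queryName": "SQL_Injection"},
        {"type": "sast", "severity": "MEDIUM", "queryName": "Log_Forging"},
        {"type": "sca", "severity": "HIGH", "packageName": "example-lib"},
    ]
})


def parse_threshold(spec: str) -> dict:
    """Parse 'sast-high=1,sast-medium=5' into {('sast', 'high'): 1, ...}."""
    limits = {}
    for item in spec.split(","):
        key, _, value = item.strip().partition("=")
        engine, _, severity = key.partition("-")
        limits[(engine.lower(), severity.lower())] = int(value)
    return limits


def count_findings(report_json: str) -> Counter:
    """Count findings per (engine, severity) pair in the report."""
    data = json.loads(report_json)
    return Counter(
        (r.get("type", "").lower(), r.get("severity", "").lower())
        for r in data.get("results", [])
    )


def threshold_exceeded(report_json: str, spec: str) -> bool:
    """True when any configured limit is reached: the scan job would fail and
    the downstream `when: on_failure` autofixer job would run."""
    counts = count_findings(report_json)
    return any(counts[key] >= limit for key, limit in parse_threshold(spec).items())
```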

For a demonstration of how this integration works, you can visit the following YouTube video:

You can find the GitLab sample integration used in the video here.
