Configure your GitLab Repository

SourceClear Software Composition Analysis

Procedure

  1. To scan using SourceClear, add the following to the after_script step in your .gitlab-ci.yml file:
    after_script:
        - curl -sSL https://download.sourceclear.com/ci.sh | bash
    
  2. Commit the change to start a build for your repository.

Results

SourceClear performs a scan, displaying results to your SourceClear environment.

What to do next

If you want to add SourceClear scanning to other repositories, add the installation and scan code above to any .gitlab-ci.yml files you want to scan, as well as the SRCCLR_API_TOKEN environment variable and you can perform scans on each new build.