You must have access to a DefectDojo server and set `DEFECTDOJO_SERVER_URL` variable according to this server's URL. This server must be configured to allow "Login with Gitlab" for the Gitlab which hosts your projects.
You must have access to a DefectDojo server and set `DEFECTDOJO_SERVER_URL` variable according to this server's URL. This server must be configured to allow "Login with GitLab" for the GitLab which hosts your projects.
### Login with Gitlab, include template and define variables in your project
### Login with GitLab, include template and define variables in your project
The initial mandatory step for a developer is to click on "Login with Gitlab" button on login page (see [dedicated section](#first-connection-to-defectdojo)) in order to retrieve his DefectDojo API v2 key.
The initial mandatory step for a developer is to click on "Login with GitLab" button on login page (see [dedicated section](#first-connection-to-defectdojo)) in order to retrieve his DefectDojo API v2 key.
All GitLab projects you are developer / maintainer / owner of will be automatically imported into DefectDojo dashboard. The name of the DefectDojo product will be set to the `CI_PROJECT_PATH` variable of the GitLab project.
@@ -92,9 +92,9 @@ Depending on the security tools you launch, and their configuration, you may hav
## First connection to DefectDojo
Connect to the DefectDojo server and click on "Login with Gitlab". You will be redirected to the Gitlab login screen. Once logged in, you will be presented with a consent screen where you can accept to share your information with DefectDojo. DefectDojo will then automatically create a DefectDojo Product for each Gitlab project in which you have either owner or maintainer role.
Connect to the DefectDojo server and click on "Login with GitLab". You will be redirected to the GitLab login screen. Once logged in, you will be presented with a consent screen where you can accept to share your information with DefectDojo. DefectDojo will then automatically create a DefectDojo Product for each GitLab project in which you have either owner or maintainer role.
:warning: Synchronization between your Gitlab projects and your DefectDojo products occurs only each time you "login with Gitlab". Therefore, if you have a new Gitlab project, or if you leave a Gitlab project, you need to login to DefectDojo once again.
:warning: Synchronization between your GitLab projects and your DefectDojo products occurs only each time you "login with GitLab". Therefore, if you have a new GitLab project, or if you leave a GitLab project, you need to login to DefectDojo once again.
Once logged into DefectDojo for the first time, retrieve your API v2 key by clicking on the user logo in the top-right corner. Store this API key into a variable named `DEFECTDOJO_API_KEY`.
