I need to integrate my security product with GitLab to prevent faulty code from getting into production.
Is it possible to write a custom plugin for a GitLab pipeline which will launch a scan and get the security posture of the project?
I am new to GitLab and don't know many of the options. What I see is file hooks, and the other is GitLab source code service contributions.
What I am looking for is a configuration UI which will accept my product credentials and build pass/fail criteria if vulnerabilities are found.
Then, when this task is incorporated in the CI, it will launch the scan, get the vulnerability data and evaluate it against the configured criteria to pass/fail the build. A report can be generated accordingly.
Is there any mechanism similar to Jenkins/Bamboo plugins which allows extending the functionality in GitLab?
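
The pass/fail step described in the post, as an added example (not part of the original post, and not GitLab's or any scanner's own code): it counts findings per severity, compares them with configured limits, prints a short report and returns a status for the job to exit with, since a CI job fails when its script exits non-zero. The findings format, the severity scale, the criteria syntax and the `SCAN_GATE` variable name are assumptions.

```python
import json
import os
import sys
from collections import Counter

SEVERITIES = ("critical", "high", "medium", "low")  # assumed severity scale

def parse_criteria(spec):
    """Parse 'critical=0,high=2' into {'critical': 0, 'high': 2}."""
    criteria = {}
    for part in filter(None, (p.strip() for p in spec.split(","))):
        name, _, limit = part.partition("=")
        name = name.strip().lower()
        if name not in SEVERITIES:
            raise ValueError(f"unknown severity in criteria: {name!r}")
        criteria[name] = int(limit)  # raises on a missing or non-numeric limit
    return criteria

def evaluate(findings, criteria):
    """Return (passed, report_lines); a severity without a limit is not gated."""
    counts = Counter(str(f.get("severity", "")).lower() for f in findings)
    passed, report = True, []
    for sev in SEVERITIES:
        limit = criteria.get(sev)
        ok = limit is None or counts[sev] <= limit
        passed = passed and ok
        shown = "none" if limit is None else limit
        report.append(f"{sev}: {counts[sev]} found, limit {shown}, {'ok' if ok else 'FAIL'}")
    unknown = sorted(set(counts) - set(SEVERITIES))
    if unknown:  # fail closed: an unrecognised severity must not slip past the gate
        passed = False
        report.append(f"unrecognised severities {unknown}, FAIL")
    return passed, report

# Constructed sample of scanner output (hypothetical format).
SAMPLE = '[{"id": "F-1", "severity": "high"}, {"id": "F-2", "severity": "low"}]'

def main(argv):
    if len(argv) > 1:
        with open(argv[1]) as fh:
            findings = json.load(fh)
    else:
        findings = json.loads(SAMPLE)
    # SCAN_GATE is a hypothetical variable name holding the configured criteria.
    criteria = parse_criteria(os.environ.get("SCAN_GATE", "critical=0,high=1"))
    passed, report = evaluate(findings, criteria)
    print("\n".join(report))
    return 0 if passed else 1

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```
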