Enable OAuth
Role required: User Manager
You can connect Fluid Attacks' platform to your account on the code repository hosting providers GitLab, GitHub, Bitbucket and Azure via OAuth (Open Authorization). Allowing this connection, you authorize Fluid Attacks to access the repositories there to clone them without you sharing your credentials with Fluid Attacks.
The following is a step-by-step example of using OAuth for Fluid Attacks to access your GitLab repositories.
- From the platform's initial page, go to the Credentials sections.
- Select the provider of your convenience that you want to authorize to connect to the platform.
- You will be redirected to the provider's authorization page, where you will be asked to authorize the connection between Fluid Attacks' platform and your account.
- Click on Authorize to establish the connection.
When you authorize the connection, you will be redirected to the platform to the Global Credentials view, where you can see the new credential created as of the type OAUTH.
Note: From the moment the connection is established, the hosting provider you selected will not be shown in the options when you hover over Add credential.
This method will recognize the repositories that have had activity in the last 60 days. To see a list, you can do it in the Outside section.
The repositories that are listed in this view are those that are not associated with any group of that specific organization in the platform. You must wait about 30 minutes to 1 hour for them to appear while the service connection is made.
Import repositories
Role required: User Manager
To import repositories leveraging OAuth, you must first enter the Outside section. To add a single repository, click on the plus symbol in the Action column.
When you click on it, you can specify to which group of that organization you will add that repository.
By clicking on Confirm you can start adding a new root, with the previously set URL and branch.
To add several repositories, select them with the check box on the left and click the Add new roots button.
You will get a pop-up window asking which selected roots will be part of the group.
When you select the group, you will get a pop-up window where you can fill in the requested information. If you want to know what each field refers to, you can enter here.
Remove OAuth connection
Role required: User Manager
You can remove the OAuth credential by selecting the credential to be removed and then clicking the Remove button.
The credential will be removed along with the linked repositories in the Outside section.