Quick start with your code repository

Use Managed Scans to connect a repository and run scans from Xygeni.

Xygeni configures the required automation for you. You can start with GitHub or GitLab.

Open Managed Scans

Go to Home → Managed Scans.

Click Add Repository.

Connect a GitHub repository

Select GitHub to install the Xygeni GitHub Application.

Choose the installation scope. You can install it for a user or an organization.

Choose whether Xygeni can access all repositories or only selected repositories.

Click Install & Authorize. Xygeni adds the integration and lists the repositories it can access.

Click Scan Now for the repository you want to scan.

Xygeni starts a GitHub workflow for that scan.

After the scan finishes, results appear in the Dashboard. The project name matches the repository name.

You can also enable notifications. See Notifications.

Connect a GitLab repository

1. Create the integration

  1. Go to Managed Scans.

  2. Click Add Repository.

  3. Select GitLab.

  4. Enter a Personal Access Token with these scopes:

    • api

    • read_repository

    • write_repository

  5. Select the group you want to onboard.

  6. Click Configure.

2. Let Xygeni prepare the pipeline

Click Scan Now for the repository you want to scan.

Xygeni configures the repository based on the default branch settings:

  • If the default branch is not protected, Xygeni commits the pipeline files directly.

  • If the default branch is protected, Xygeni creates a setup merge request.

3. Review the setup merge request for protected branches

If GitLab creates a setup merge request, review and merge it before the first scan runs.

  1. Open the setup merge request in GitLab.

  2. Review the new files:

    • .xygeni-scan-ci.yml

    • .xygeni-scan-now-ci.yml

  3. Review the new include block in .gitlab-ci.yml:

  4. Confirm that XYGENI_TOKEN exists under Settings → CI/CD → Variables.

  5. Approve the merge request if your project requires approvals.

  6. Merge the setup merge request.
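
A scripted version of the file review in this step, as an added example that is not Xygeni's code: it checks the setup merge request's changed files against the three files named above. The input mirrors the entries returned by GitLab's merge request diffs API; the sample entries are constructed, and the rule that .gitlab-ci.yml should only gain lines is an assumption.

```python
EXPECTED_NEW = {".xygeni-scan-ci.yml", ".xygeni-scan-now-ci.yml"}  # named on the page
EXPECTED_MODIFIED = {".gitlab-ci.yml"}                              # named on the page

def removed_lines(diff_text):
    """Lines deleted inside hunks of a unified diff (file headers are skipped)."""
    in_hunk, removed = False, []
    for line in diff_text.splitlines():
        if line.startswith("@@"):
            in_hunk = True
        elif in_hunk and line.startswith("-"):
            removed.append(line[1:])
    return removed

def review_setup_mr(diffs):
    """Return findings for a setup MR; an empty list means nothing unexpected."""
    findings, seen = [], set()
    for d in diffs:
        path = d["new_path"]
        seen.add(path)
        if d.get("renamed_file") or d.get("deleted_file"):
            findings.append(f"{d['old_path']}: rename or deletion is not part of the setup")
        elif path in EXPECTED_NEW:
            if not d.get("new_file"):
                findings.append(f"{path}: overwrites a file that already existed")
        elif path in EXPECTED_MODIFIED:
            # Assumption: the setup only adds an include block, so nothing is removed.
            n = len(removed_lines(d.get("diff", "")))
            if n:
                findings.append(f"{path}: removes {n} existing line(s)")
        else:
            findings.append(f"{path}: not a file the setup is documented to touch")
    for path in sorted((EXPECTED_NEW | EXPECTED_MODIFIED) - seen):
        findings.append(f"{path}: expected in the setup merge request but absent")
    return findings

def entry(path, diff, new_file=False):
    return {"old_path": path, "new_path": path, "new_file": new_file,
            "renamed_file": False, "deleted_file": False, "diff": diff}

# Constructed sample data; file contents are placeholders, not Xygeni's real files.
CLEAN_MR = [
    entry(".xygeni-scan-ci.yml", "@@ -0,0 +1 @@\n+# placeholder\n", new_file=True),
    entry(".xygeni-scan-now-ci.yml", "@@ -0,0 +1 @@\n+# placeholder\n", new_file=True),
    entry(".gitlab-ci.yml", "@@ -1,2 +1,3 @@\n stages:\n   - test\n+# placeholder include block\n"),
]
SUSPECT_MR = [
    CLEAN_MR[0],
    entry(".gitlab-ci.yml", "@@ -1,2 +1,2 @@\n stages:\n-  - test\n+  - scan\n"),
    entry("scripts/build.sh", "@@ -1 +1,2 @@\n make\n+# placeholder\n"),
]
```

Any finding is a reason to read that file's diff by hand before approving; an empty result does not replace reading the contents of the new pipeline files.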

4. Run the first scan

When the repository status changes to Ready, click Scan Now again.

Run scans

Managed Scans supports three scan modes for connected repositories.

Run a scan now

  1. Open Managed Scans.

  2. Find the repository.

  3. Click Scan Now.

Xygeni triggers a pipeline on the default branch. Results appear in the dashboard a few minutes later.

Schedule a daily scan

  1. Open Managed Scans.

  2. Find the repository.

  3. Click Scheduled Scan.

  4. Select the daily run time.

  5. Save the schedule.

Xygeni runs the scan automatically at the selected time.

Scan on merge requests or pull requests

  1. Open Managed Scans.

  2. Find the repository.

  3. Click Scan on MR/PR.

Xygeni runs a scan for new or updated merge requests or pull requests that target the default branch.

For more details and additional options, see Manage Scans.
