Integrating Acunetix with GitLab for CI/CD

The integration takes two steps: first prepare your Acunetix Target information, then configure GitLab to integrate with Acunetix for Continuous Integration and Deployment.

Prepare your Acunetix Target information

  1. Log in to your Acunetix installation

  2. Access your list of targets and click on the desired target. Retrieve the Target ID from the URL. Next, go to your Profile page and obtain your API Key.

Configure GitLab to Integrate with Acunetix

  • Log in to your GitLab account

  • Navigate to your list of projects and click on the project you wish to work with

  • Click Set up CI/CD
  • This will require you to create a yml file: edit this file to have the following contents:

ScanJob:
  script: |-
    curl -k -i --request POST --url "https://online.acunetix.com/api/v1/scans" --header "X-Auth: [APIKEY]" --header "content-type: application/json" --data '{"profile_id":"11111111-1111-1111-1111-111111111111","schedule":{"disable":false,"start_date":null,"time_sensitive":false},"user_authorized_to_scan":"yes","target_id":"[Target ID]"}'

  • Replace the 3 highlighted fields (X-Auth, profile_id and target_id):
    • To set the correct X-Auth value, replace the "[APIKEY]" text with the API key you retrieved in Step 1.
    • The suggested value for profile_id is "11111111-1111-1111-1111-111111111111" - this default value is for a Full Scan. If you wish to specify a different scan profile, you can set one of the following values:
      1. For the Online version of Acunetix:
        • Full Scan: 11111111-1111-1111-1111-111111111111
        • High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112
        • SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113
        • Weak Passwords: 11111111-1111-1111-1111-111111111115
        • Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116
        • Crawl Only: 11111111-1111-1111-1111-111111111117
        • Malware Scan: 11111111-1111-1111-1111-111111111120
        • Full Web and Network Scan: 11111111-1111-1111-1111-211111111111
        • Network Scan: 11111111-1111-1111-1111-211111111112
        • Network Scan (Safe Checks): 11111111-1111-1111-1111-211111111113
        • Network Scan Quick: 11111111-1111-1111-1111-211111111114
      2. For the On-Premises version of Acunetix:
        • Full Scan: 11111111-1111-1111-1111-111111111111
        • High Risk: 11111111-1111-1111-1111-111111111112
        • SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113
        • Weak Passwords: 11111111-1111-1111-1111-111111111115
        • Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116
        • Crawl Only: 11111111-1111-1111-1111-111111111117
        • High / Medium Risk: 11111111-1111-1111-1111-111111111119
        • Malware Scan: 11111111-1111-1111-1111-111111111120
      3. Alternatively, use the scan profile ID of any custom scan profiles you've created. Retrieve the scan profile ID of custom scan profiles programmatically via the Acunetix API or by checking the URL when navigating to the custom scan profile.
    • To set the correct target_id value, replace the "[Target ID]" text with the target ID you retrieved in Step 1.
  • Click on the "Commit changes" button to save your settings. This will trigger a manual run of the pipeline, and therefore add an immediate scan request to Acunetix.

  • Subsequently, all future pipeline runs will also trigger scan requests to Acunetix.
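
The job above stores the API key and Target ID in the committed yml file and passes -k, which turns off TLS certificate verification. The script below is an added example, not Acunetix's own code: it sends the same scan request but reads both values from environment variables (such as GitLab CI/CD variables), checks that the IDs are UUID-shaped before placing them in the JSON body, and leaves certificate verification on. The file name acunetix_scan.sh, the variable names ACUNETIX_API_KEY, ACUNETIX_TARGET_ID, ACUNETIX_PROFILE_ID and ACUNETIX_URL, the function names, and the idea that Target IDs share the UUID shape of the profile IDs listed above are all assumptions.

```shell
#!/bin/sh
# Added example (hypothetical file name: acunetix_scan.sh).
# ACUNETIX_API_KEY, ACUNETIX_TARGET_ID, ACUNETIX_PROFILE_ID, ACUNETIX_URL and
# the function names are assumed names, not Acunetix or GitLab ones.

UUID_RE='^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'

# True only if the whole value is one 36-character, lowercase-hex UUID-shaped string.
# The length check stops a multi-line value from passing on a single matching line.
is_uuid() {
  [ "${#1}" -eq 36 ] && printf '%s\n' "$1" | grep -Eq "$UUID_RE"
}

# Print the JSON body used in the job on this page. Both IDs are validated first,
# so a value containing quotes or braces cannot alter the request body.
build_payload() {
  target_id=$1
  profile_id=${2:-11111111-1111-1111-1111-111111111111}   # Full Scan default
  is_uuid "$target_id"  || { echo "invalid target id" >&2; return 1; }
  is_uuid "$profile_id" || { echo "invalid profile id" >&2; return 1; }
  printf '{"profile_id":"%s","schedule":{"disable":false,"start_date":null,"time_sensitive":false},"user_authorized_to_scan":"yes","target_id":"%s"}' \
    "$profile_id" "$target_id"
}

# Send the scan request. No -k, so the server certificate is verified;
# --fail turns an HTTP error status into a failed pipeline job.
submit_scan() {
  [ -n "${ACUNETIX_API_KEY:-}" ] || { echo "ACUNETIX_API_KEY is not set" >&2; return 1; }
  payload=$(build_payload "${ACUNETIX_TARGET_ID:-}" "${ACUNETIX_PROFILE_ID:-}") || return 1
  curl --fail --silent --show-error --request POST \
    --url "${ACUNETIX_URL:-https://online.acunetix.com/api/v1/scans}" \
    --header "X-Auth: ${ACUNETIX_API_KEY}" \
    --header "content-type: application/json" \
    --data "$payload"
}

# Run only when asked, e.g. "sh acunetix_scan.sh --submit" as the job's script line.
case "${1:-}" in
  --submit) submit_scan ;;
esac
```

Defining ACUNETIX_API_KEY as a masked CI/CD variable in the project's settings keeps it out of the repository and the job log.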

 
