Source Code Management (SCM)

Source Code Management (SCM) is a critical component for managing and tracking changes in your code repositories. SCM tools help teams collaborate on code, maintain version control, and automate workflows. At Gomboc, we currently support the following SCM providers:

Access Requirements

To integrate your SCM provider with Gomboc, you need to grant us access to your repositories. The way you provide access varies by provider:

SCM Provider

Access Method

GitHub

Install the Gomboc GitHub App.

GitLab

Provide a Group Access Token.

BitBucket

Provide a Workspace Access Token.

Azure DevOps

Provide an OAuth token.

Access Scopes

We require specific permissions to read and write to your repositories and pull requests. This ensures we can perform necessary operations such as scanning your code and applying remediations.

Integration Details

Each SCM provider has unique terms and structures. Here’s a quick guide to understand the terminology and integration process:

GitHub

Repository: A GitHub Repository.
Repo Owner: A GitHub Organization.
Integration: Installation of the Gomboc GitHub App at the organization level.

GitLab

Repository: A GitLab Project.
Repo Owner: A GitLab Group.
Integration: Group Access Token for accessing repositories within the group.

BitBucket

Repository: A BitBucket Repository.
Repo Owner: A BitBucket Workspace.
Integration: Workspace Access Token for accessing repositories within the workspace.

Azure DevOps

Repository: An Azure Repo.
Repo Owner: An Azure Project within an Azure Organization.
Integration: OAuth token scoped to the organization or project level.

PreviousOrca Security NextAzure Devops

Last updated 26 days ago