Source Code Management (SCM)
Source Code Management (SCM) is a critical component for managing and tracking changes in your code repositories. SCM tools help teams collaborate on code, maintain version control, and automate workflows. At Gomboc, we currently support the following SCM providers:
Access Requirements
To integrate your SCM provider with Gomboc, you need to grant us access to your repositories. The way you provide access varies by provider:
GitHub
Install the Gomboc GitHub App.
GitLab
Provide a Group Access Token.
BitBucket
Provide a Workspace Access Token.
Azure DevOps
Provide an OAuth token.
Access Scopes
We require specific permissions to read and write to your repositories and pull requests. This ensures we can perform necessary operations such as scanning your code and applying remediations.
Integration Details
Each SCM provider has unique terms and structures. Here’s a quick guide to understand the terminology and integration process:
Repository: A GitHub Repository.
Repo Owner: A GitHub Organization.
Integration: Installation of the Gomboc GitHub App at the organization level.
Repository: A GitLab Project.
Repo Owner: A GitLab Group.
Integration: Group Access Token for accessing repositories within the group.
Repository: A BitBucket Repository.
Repo Owner: A BitBucket Workspace.
Integration: Workspace Access Token for accessing repositories within the workspace.
Repository: An Azure Repo.
Repo Owner: An Azure Project within an Azure Organization.
Integration: OAuth token scoped to the organization or project level.
Last updated