Source Code Management (SCM)

Source Code Management (SCM) is a critical component for managing and tracking changes in your code repositories. SCM tools help teams collaborate on code, maintain version control, and automate workflows. At Gomboc, we currently support the following SCM providers:

Cover

GitHub

Cover

GitLab

Cover

BitBucket

Cover

Azure Devops

Access Requirements

To integrate your SCM provider with Gomboc, you need to grant us access to your repositories. The way you provide access varies by provider:

SCM Provider
Access Method

GitHub

Install the Gomboc GitHub App.

GitLab

Provide a Group Access Token.

BitBucket

Provide a Workspace Access Token.

Azure DevOps

Provide an OAuth token.

Access Scopes

We require specific permissions to read and write to your repositories and pull requests. This ensures we can perform necessary operations such as scanning your code and applying remediations.

Integration Details

Each SCM provider has unique terms and structures. Here’s a quick guide to understand the terminology and integration process:

GitHub

  • Repository: A GitHub Repository.

  • Repo Owner: A GitHub Organization.

  • Integration: Installation of the Gomboc GitHub App at the organization level.

GitLab

  • Repository: A GitLab Project.

  • Repo Owner: A GitLab Group.

  • Integration: Group Access Token for accessing repositories within the group.

BitBucket

  • Repository: A BitBucket Repository.

  • Repo Owner: A BitBucket Workspace.

  • Integration: Workspace Access Token for accessing repositories within the workspace.

Azure DevOps

  • Repository: An Azure Repo.

  • Repo Owner: An Azure Project within an Azure Organization.

  • Integration: OAuth token scoped to the organization or project level.

PreviousWizNextAzure Devops

Last updated