Skip to main content
GitLab Container Registry provides a secure space for your Docker images. CybeDefend integrates with GitLab’s registry to scan your containers for vulnerabilities.

CybeDefend Configuration

FieldDescriptionExample
GitLab Project IDNumeric project ID in GitLab12345
Registry URLGitLab registry URLregistry.gitlab.com
Project PathProject path in GitLabusername/project or group/project
Project Access TokenGitLab project access tokenglpat-xxxxxxxxxxxx

How to Create a Project Access Token in GitLab

1

Access GitLab Project

Go to your GitLab project → SettingsAccess Tokens
2

Create Token

Create a new token with a name (e.g., CybeDefend Scanner)
3

Select Role

Select the role: Developer
4

Select Scopes

Select the required scopes:
  • read_api (required to list images)
  • read_registry (required to access the registry)
5

Create and Copy

Click Create project access token and copy it immediately (you won’t see it again!)
6

Configure CybeDefend

Paste the credentials with your project information in CybeDefend
The Project Access Token is only displayed once when created. Make sure to copy it immediately before closing the dialog.

Security Best Practices

Use Project Tokens

Prefer project access tokens over personal tokens for better security isolation.

Minimal Scopes

Only grant read_api and read_registry scopes for scanning.

Set Expiration

Always set an expiration date for your tokens to limit exposure.

Reporter Role

Use Reporter role instead of Developer when only read access is needed.

Troubleshooting

  • Verify token has both read_api and read_registry scopes
  • Check if the token has expired
  • Ensure the registry URL is correct
  • Verify the project ID is correct
  • Check project visibility settings
  • Ensure registry is enabled for the project