Abstract: The goal of this thesis was to develop an automation that enables developers to seamlessly integrate SCA Tool into their development workflows. To this end, an OpenAPI-compliant CI/CD-Integration was implemented for both the GitHub and GitLab platforms. A user-friendly guide was created to support the configuration of the provided pipelines. For the safe communication with the backend, an authentication mechanism based on API keys was introduced. A TypeScript script was developed to serve as the integration core, enriched with platform-specific extensions for improved usability. On GitHub, the script was used to implement a custom JavaScript-based GitHub-Action, which was published on the GitHub-Marketplace. For GitLab, a GitLab-Component was developed that loads the script and executes it within a Node.js container. This component is also publicly available via the GitLab CI/CD-Catalog. The project placed particular emphasis on the secure generation and handling of API keys, as well as on a maintainable and extensible architecture. Thanks to the modular structure of the integration script and the server components, the solution can be easily adapted to meet future requirements.
Keywords: SCA Tool, CI Integration
PDF: Master Thesis
Reference: Emanuel Erben. SCA Tool API für automatisierte CI Workflows. Master Thesis. Friedrich-Alexander-Universität Erlangen-Nürnberg: 2025.
Discover more from Professorship for Open-Source Software
Subscribe to get the latest posts sent to your email.