GitLab Compliance - Hands-On Lab: Compliance Reports

This Hands-On Guide walks you through viewing various compliance reports in your project.

Estimated time to complete: 15 minutes

Objectives

This lab will outline how to access the various compliance reports, including audit reports and SBOM reports.

Task A. Viewing Compliance Reports and Permissions

  1. Navigate to your project.

  2. In the left sidebar, select Secure > Compliance center.

  3. Review the contents of the report.

  4. To view user permissions, navigate to Manage > Members.

  5. Review the different users and roles in this section. Note that your user is the owner of the project, allowing you to view all details of all reports.

  6. In the top right, you will see different options for adding users to your project. Explore each option and the different roles available in each option.

Task B. Viewing an SBOM Report

As a part of our compliance labs, we have been running a dependency scanner. This scanner produces an SBOM report when it runs. To view the SBOM report:

  1. In the left sidebar, select Build > Pipelines.

  2. Select the most recently passed pipeline.

  3. Select the dependency-scanning job.

  4. In the right sidebar, select Browse under Job artifacts.

  5. Review the reports shown here. You can download these reports to view them in more detail.

Lab Guide Complete

You have completed this lab exercise. You can view the other lab guides for this course.

Suggestions?

If you’d like to suggest changes to the Hands-On Guide for GitLab Compliance, please submit them via merge request.

Last modified February 7, 2025: Adding compliance labs (5801aa7b)
View page source - Edit this page - please contribute. Creative Commons License