Auto-Remediation not Working with On-Premises Scanner

If you connect a GitLab repository to an on-premises code scanner and enable auto-remediation, automatic pull requests might not be created after the scan. Automatic pull request creation might fail if you use the IP address of the on-premises code scanner in the authorization callback URL instead of the fully qualified domain name.

Solution:

Add the IP address of the on-premises scanner to the allow list of the GitLab server. Perform the following steps in GitLab:

  1. On the top bar, select Main menu > Admin.

  2. On the left sidebar, select Settings > Network.

  3. Expand Outbound requests.

    1. Select the Allow requests to the local network from system hooks check box.

    2. In the Local IP address and domain names that hooks and services may access box, specify the IP address and port of the on-premises scanner host.
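
The same two settings can also be set through GitLab's application settings API. The following is an added example, not part of the original article: it builds the update while keeping the allow list entry scoped to a single IPv4 host and port. The function names, the scanner address, and the existing allow list entry are constructed for illustration.

```python
import ipaddress
import json
import urllib.request


def allowlist_entry(scanner_ip: str, scanner_port: int) -> str:
    """Return one "ip:port" entry; reject CIDR ranges, hostnames and bad ports."""
    ip = ipaddress.IPv4Address(scanner_ip)  # raises ValueError for "10.0.0.0/24" etc.
    if not 1 <= scanner_port <= 65535:
        raise ValueError(f"invalid port: {scanner_port}")
    return f"{ip}:{scanner_port}"


def build_settings_update(current_allowlist, scanner_ip, scanner_port):
    """Merge the scanner entry into the existing list, because the API
    replaces the whole allow list with whatever array is sent."""
    entry = allowlist_entry(scanner_ip, scanner_port)
    merged = list(current_allowlist)
    if entry not in merged:
        merged.append(entry)
    return {
        # "Allow requests to the local network from system hooks"
        "allow_local_requests_from_system_hooks": True,
        # "Local IP addresses and domain names that hooks and services may access"
        "outbound_local_requests_whitelist": merged,
    }


def apply_settings(gitlab_url, admin_token, payload):
    """PUT the payload to /api/v4/application/settings (administrator token required)."""
    req = urllib.request.Request(
        f"{gitlab_url.rstrip('/')}/api/v4/application/settings",
        data=json.dumps(payload).encode(),
        method="PUT",
        headers={"PRIVATE-TOKEN": admin_token, "Content-Type": "application/json"},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed sample values: an existing allow list and the scanner address.
    existing = ["monitoring.example.internal"]
    print(json.dumps(build_settings_update(existing, "10.20.30.40", 8443), indent=2))
```

Read the current allow list from `GET /api/v4/application/settings` and pass it as `current_allowlist` before calling `apply_settings`, so existing entries are preserved.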

For more information, see Webhooks and insecure internal web services.