Auto-Remediation not Working with On-Premises Scanner
If you connect a GitLab repository to an on-premises code scanner and enable auto-remediation, automatic pull requests might not be created after the scan. Automatic pull request creation might fail if you use the IP address of the on-premises code scanner in the authorization callback URL instead of the fully qualified domain name.
Solution:
Add the IP address of the on-premises scanner to the allow list of the GitLab server. Perform the following steps in GitLab:
-
On the top bar, select Main menu > Admin.
-
On the left sidebar, select Settings > Network.
-
Expand Outbound requests.
-
Select the Allow requests to the local network from system hooks check box.
-
In the Local IP address and domain names that hooks and services may access box, specify the IP address of the on-premise scanner host and port.
For more information, see Webhooks and insecure internal web services.