Security is often an afterthought in the rapid cycle of web development, but a new partnership between Laravel Forge
and Aikido
changes that dynamic. By integrating these tools, you gain an instant overview of code and cloud security vulnerabilities without leaving your management console. This guide walks you through connecting your repositories to ensure every deployment meets rigorous security standards.
Tools and Prerequisites
To get started, you need an active Laravel Forge
account and a project hosted on a version control provider. Aikido
supports major platforms including GitHub
, Bitbucket
, and GitLab
. Ensure you have administrative access to your repository to grant the necessary permissions during the setup phase.
Connecting Your Security Workspace
Begin by logging into your Laravel Forge
dashboard and selecting a specific server. Look for the new Aikido item in the left-hand navigation sidebar. Clicking this will prompt you to connect an account. Choose your provider—such as GitHub
—and authorize the connection. Once authenticated, create a new workspace and select the repositories you wish to monitor. You must provide a contact email and grant final permissions to allow the scanner to analyze your codebase.
Analyzing Vulnerabilities in Real-Time
After the initial handshake, Aikido
performs a non-intrusive scan of your repository. It specifically analyzes the code on your Git provider rather than accessing your live production server. The results appear directly within the Laravel Forge
UI, categorized by severity. You can identify high-priority issues immediately or jump to the full dashboard for detailed remediation steps, estimated fix times, and branch-specific scanning.
Managing Your Integration
If you need to manage multiple projects, navigate to your account settings within Forge. A dedicated page displays all connected workspaces and their unique IDs. From here, you can manage active connections or unlink a workspace if you no longer require monitoring for a specific project. This streamlined management ensures your security footprint remains organized as your application list grows.
Conclusion
By following these steps, you transform your deployment environment into a security-aware platform. You no longer have to guess about dependency vulnerabilities or misconfigurations. Instead, you get actionable insights delivered straight to your sidebar, allowing you to fix critical issues before they ever reach your users.
