feat: Allows to add a header while fetching the report from a URL to …

…make an integration with GitLab CI possible (#29)

README.adoc

@@ -19,6 +19,18 @@ Now load this file in the vulnerability explorer and start exploring. You can fi
 
 The data never leaves your browser, because all processing is handled inside your browser. Of course you can feel free to fork this project and deploy your own version. If you do so, I would be happy if you leave me a comment and a star on the repository.
 
+=== Integration with GitLab Job
+
+If you are using a GitLab Job to generate the Trivy report, you can supply a direct URL to the json file. The app will fetch the report and display the results without the hassle to first download the file. You might need to provide a token for authentication, you can do that by clicking the shield symbol next to the URL field. Make sure to create a personal access token with the scope `read_api`. The token will be persisted in the local storage, so that you can reuse it the next time you want to load a report from the same GitLab instance.
+
+It is a good idea to print the URL of the artifact at the end of the job log, so that it can be grabbed easily. If the name of the report is `trivy-results.json`, the url schema would look like this:
+
+----
+https://$CI_SERVER_URL/api/v4/projects/$CI_PROJECT_ID/jobs/$CI_JOB_ID/artifacts/trivy-results.json
+----
+
+NOTE: While the feature was built having GitLab in mind, it should work for every artifact storage, where the json can be downloaded with a GET http request that needs at most a single HTTP header for authentication.
+
 == Contribute
 
 See link:CONTRIBUTING.adoc[How to contribute]