Azure DevOps
Paste the following code segment in the azure-pipelines.yml file for a SAST scan.
trigger:
— main
pool:
vmImage: ubuntu-latest
steps:
–task: Bash@3
displayName: Install_Run_SAST
inputs:
targetType: 'inline'
script: |
env | grep -E "AZURE_HTTP_USER_AGENT|BUILD_BUILDID" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
Paste the following code segment in the azure-pipelines.yml file for a DAST scan.
trigger:
— main
pool:
vmImage: ubuntu-latest
steps:
– task: Bash@3
displayName: Install_Run_DAST
inputs:
targetType: 'inline'
script: |
env | grep -E "AZURE_HTTP_USER_AGENT|BUILD_BUILDID" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest