Drone CI
Paste this code segment in the workflow drone.yml file for a SAST scan.
---
kind: pipeline
type: exec
name: SCAN
platform:
os: linux
arch: amd64
steps:
#Run FortiDevSec SAST Scanner, once the build step is done.
- name: SAST
commands:
- env | grep -E "DRONE|DRONE_BUILD_NUMBER|CI_COMMIT_BRANCH|CI_COMMIT_SHA" > /tmp/env
- docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
- docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
Paste this code segment in the workflow drone.yml file for a DAST scan.
---
kind: pipeline
type: exec
name: SCAN
platform:
os: linux
arch: amd64
#Run FortiDevSec DAST Scanner, once the deploy step is done.
- name: DAST
commands:
- env | grep -E "DRONE|DRONE_BUILD_NUMBER|CI_COMMIT_BRANCH|CI_COMMIT_SHA" > /tmp/env
- docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
- docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest