CircleCI
We have a CircleCl Orb. Paste this code segment in the .circleci/config.yml file for a SAST scan. Refer to the Orb Registry page to use the latest version.
version: 2.1
jobs:
SAST:
machine: yes
steps:
— checkout
— run: |
env | grep -E "CIRCLECI|CIRCLE_BUILD_NUM|CIRCLE_BRANCH|CIRCLE_SHA1" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
workflows:
Scans:
jobs:
— SAST
Paste this code segment in the .circleci/config.yml file for a DAST scan.
version: 2.1
jobs:
DAST:
machine: yes
steps:
— checkout
— run: |
env | grep -E "CIRCLECI|CIRCLE_BUILD_NUM|CIRCLE_BRANCH|CIRCLE_SHA1" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest
workflows:
Scans:
jobs:
— DAST