GitHub Actions

GitHub Actions

Paste this code segment in the workflow main.yml file for a SAST scan.

name: FortiDevSec Scanner CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]

jobs:
build:
runs-on: ubuntu-latest
steps:
– uses: actions/checkout@v2

– name: SAST
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest

Paste this code segment in the workflow main.yml file for a DAST scan.

name: FortiDevSec Scanner CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]

jobs:
build:
runs-on: ubuntu-latest
steps:
– uses: actions/checkout@v2

– name: DAST
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest

GitHub Actions

Paste this code segment in the workflow main.yml file for a SAST scan.

     docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest

Paste this code segment in the workflow main.yml file for a DAST scan.

name: FortiDevSec Scanner CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]

jobs:
build:
runs-on: ubuntu-latest
steps:
– uses: actions/checkout@v2

– name: DAST
run: |
env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest

     docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest

User Guide

GitHub Actions

GitHub Actions