GitLab Setup
Integrate FortiDAST with GitLab CI/CD.
Perform the following steps to configure FortiDAST with GitLab.
- Log in to GitLab and select a project.
- Click CI/CD configuration. This opens a CI/CD editor in which you create or update the YAML file, .gitlab-ci.yml.
- Copy the following contents into the editor and update the variables with your own values.

```yaml
ScanJob:
  tags:
    - Your tag name
  before_script:
    - pip3 install requests
  variables:
    # Input variable (string type)
    scanurl: "Your scan url"
    # Input variable (string type)
    uuid: "Your asset uuid"
    # Input variable (string type). Example: https://fortidast.com/api/v1.0
    apiUrl: "FortiDAST API Url"
    # Input variable (string type)
    apikey: "Your API Key"
    # Input variable (int type). Quick scan=0, Full scan=1
    scantype: either 0 or 1
  script:
    - python scan.py $apiUrl $scanurl $uuid $scantype $apikey
```
- Enter the tag name used while registering the runner. See https://docs.gitlab.com/runner/register/.
- scanurl - The URL of the asset to scan.
- uuid - The asset UUID. See Asset Authorization.
- scantype - Type 0 for quick scan and 1 for full scan.
- apiUrl - The FortiDAST URL.
- apikey - Obtain the API key from the FortiDAST GUI. See REST API.
Note: Only the Privileged key is supported.
- Click Commit Changes. The .gitlab-ci.yml file is created.
- Commit the file scan.py, which is available for download from this page of the FortiDAST documentation.
- Click Commit Changes.
The configured asset scan is triggered and a scan request to FortiDAST is triggered for all future commits.
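
The job above commits the privileged API key to the repository in clear text. The following variant is an added example, not part of the FortiDAST documentation: it assumes you have defined a project CI/CD variable with the key `apikey` under Settings > CI/CD > Variables, marked as masked and protected, and it leaves the key out of .gitlab-ci.yml.

```yaml
# Added example: same ScanJob, with the FortiDAST API key kept out of the repo.
# Assumption: a project CI/CD variable named "apikey" exists in
# Settings > CI/CD > Variables, with the Masked and Protected options enabled.
ScanJob:
  tags:
    - Your tag name
  before_script:
    - pip3 install requests
  variables:
    scanurl: "Your scan url"
    uuid: "Your asset uuid"
    # Example: https://fortidast.com/api/v1.0
    apiUrl: "FortiDAST API Url"
    # Quick scan=0, Full scan=1
    scantype: 0
    # No "apikey" entry here. GitLab injects the project-level variable into
    # the job environment, so the key never appears in the repository history.
  rules:
    # Protected variables are only exposed to pipelines on protected branches
    # and tags, so run the scan only there. On other refs $apikey would be empty.
    - if: '$CI_COMMIT_REF_PROTECTED == "true"'
  script:
    # Quote each argument so a value containing spaces or shell
    # metacharacters is passed to scan.py as a single argument.
    - python scan.py "$apiUrl" "$scanurl" "$uuid" "$scantype" "$apikey"
```

With this variant the scan is triggered for commits to protected branches and tags only, and GitLab replaces the masked value in job logs if it is ever echoed.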