Bamboo
Paste the following code segment in the bamboo.yml file for a SAST scan.
— —
version: 2plan:
project-key: MYAPP
name: Build the myapp
key: MYAPP
stages:
-scan the myapp stage:
jobs:
— Scan
Scan:
tasks:
– clean # To keep the working directory clean
-script:
- env | grep -E "bamboo_buildNumber|bamboo_repository_branch_name|bamboo_repository_revision_number" > /tmp/env
– docker pull registry.fortidevsec.forticloud.com/fdevsec_sast:latest
– docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
Paste the following code segment in the bamboo.yml file for a DAST scan.
— —
version: 2plan:
project-key: MYAPP
name: Build the myapp
key: MYAPP
stages:
-scan the myapp stage:
jobs:
— Scan
Scan:
tasks:
– clean # To keep the working directory clean
-script:
- env | grep -E "bamboo_buildNumber|bamboo_repository_branch_name|bamboo_repository_revision_number" > /tmp/env
– docker pull registry.fortidevsec.forticloud.com/fdevsec_dast:latest
– docker run --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest