Fortinet black logo

User Guide

24.1.a
24.1.a
24.1.0
23.4.a
23.4.0
23.3.0
23.2.a
23.2.0
23.1.a
23.1.0
22.4.a
22.4.0
22.1.0

AWS CodePipeline

AWS CodePipeline

Following is a sample code segment that can be configured in buildspec.yml file to perform a SAST scan.

Note: Make sure to update the parameters in the sample code according to your environment before using it.

version: 0.1
phases:
    install:
        commands:
            - echo "Entered the install phase..."
        finally:
            - echo "This always runs even if the update or install command fails"
    pre_build:
        commands:
            - echo "Entered the pre_build phase..."
        finally:
            - echo "This always runs even if the login command fails."
    build:
        commands:
            - echo "Entered the build phase..."
            - echo "Build started on `date`"
        finally:
            - echo "This always runs even if the install command fails"
    post_build:
        on-failure: CONTINUE
        commands:
            - echo "Entered the post_build phase..."
            - echo "Build completed on `date`"
            - echo "Running FortiDevSec SAST scanner..."
            - env | grep -E "CODEBUILD_CI|CODEBUILD_BUILD_NUMBER|CODEBUILD_RESOLVED_SOURCE_VERSION" > /tmp/env
            - "docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest"
Previous
Next

AWS CodePipeline

Following is a sample code segment that can be configured in buildspec.yml file to perform a SAST scan.

Note: Make sure to update the parameters in the sample code according to your environment before using it.

version: 0.1
phases:
    install:
        commands:
            - echo "Entered the install phase..."
        finally:
            - echo "This always runs even if the update or install command fails"
    pre_build:
        commands:
            - echo "Entered the pre_build phase..."
        finally:
            - echo "This always runs even if the login command fails."
    build:
        commands:
            - echo "Entered the build phase..."
            - echo "Build started on `date`"
        finally:
            - echo "This always runs even if the install command fails"
    post_build:
        on-failure: CONTINUE
        commands:
            - echo "Entered the post_build phase..."
            - echo "Build completed on `date`"
            - echo "Running FortiDevSec SAST scanner..."
            - env | grep -E "CODEBUILD_CI|CODEBUILD_BUILD_NUMBER|CODEBUILD_RESOLVED_SOURCE_VERSION" > /tmp/env
            - "docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest"
Previous
Next