
Drone CI

The following sample code segment can be added to the drone.yml file to perform a SAST scan.

Note: Make sure to update the parameters in the sample code according to your environment before using it.

---
kind: pipeline
type: exec
name: SCAN

platform:
    os: linux
    arch: amd64

steps:
#Run FortiDevSec SAST Scanner, once the build step is done.
- name: SAST
  commands:
  - env | grep -E "DRONE|DRONE_BUILD_NUMBER|CI_COMMIT_BRANCH|CI_COMMIT_SHA" > /tmp/env
  - docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest

The following sample code segment can be added to the drone.yml file to perform a DAST scan.

---
kind: pipeline
type: exec
name: SCAN

platform:
    os: linux
    arch: amd64

steps:
#Run FortiDevSec DAST Scanner, once the build step is done.
- name: DAST
  commands:
  - env | grep -E "DRONE|DRONE_BUILD_NUMBER|CI_COMMIT_BRANCH|CI_COMMIT_SHA" > /tmp/env
  - docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest
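A tighter variant of the `env | grep` step used in both samples, as an added example that is not part of Fortinet's sample code: the pattern above is unanchored, so it also selects any variable whose value merely contains one of those strings, and `/tmp/env` is a fixed path shared by every build on the runner. The function names, the temp-file prefix and the sample variables are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are hypothetical.

# Keep only variables whose NAME is DRONE_* or one of the two CI_COMMIT_*
# names from the sample's pattern. Anchoring at ^ and requiring '=' stops a
# match on text that only appears inside another variable's value.
filter_ci_env() {
  grep -E '^(DRONE_[A-Za-z0-9_]*|CI_COMMIT_BRANCH|CI_COMMIT_SHA)='
}

# The pattern from the sample pipeline, kept unchanged for comparison.
filter_ci_env_unanchored() {
  grep -E "DRONE|DRONE_BUILD_NUMBER|CI_COMMIT_BRANCH|CI_COMMIT_SHA"
}

# Write the filtered environment to a uniquely named file instead of the
# fixed /tmp/env and print its path. mktemp creates the file with mode 0600.
write_scan_env() {
  envfile=$(mktemp "${TMPDIR:-/tmp}/fdevsec-env.XXXXXX") || return 1
  env | filter_ci_env > "$envfile" || true  # grep exits 1 when nothing matches
  printf '%s\n' "$envfile"
}

# Constructed sample environment dump (not real values).
sample_env() {
  cat <<'EOF'
DRONE_BUILD_NUMBER=42
DRONE_REPO=acme/app
CI_COMMIT_SHA=0123abcd
DEPLOY_TOKEN=DRONE-placeholder-secret
PATH=/usr/bin:/bin
EOF
}

# Usage in the step, assuming the functions are defined in the same shell
# session as the docker command (docker flags as in the sample above):
#   envfile=$(write_scan_env)
#   docker run --pull always --rm --env-file "$envfile" \
#     --mount type=bind,source=$PWD,target=/scan <scanner image>
#   rm -f "$envfile"
```

On the constructed dump, the unanchored pattern passes `DEPLOY_TOKEN` into the scanner container because its value contains `DRONE`; the anchored filter does not.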
