Azure DevOps
Following is a sample code segment that can be configured in azure-pipelines.yml file to perform a SAST scan.
Note: Make sure to update the parameters in the sample code according to your environment before using it.
trigger: - main pool: vmImage: 'ubuntu-latest' stages: - stage: SAST displayName: 'Static Application Security Testing (SAST) Stage' jobs: - job: RunSAST displayName: 'Run SAST' steps: - task: Bash@3 displayName: 'Install and Run SAST' inputs: targetType: 'inline' script: | env | grep -E "AZURE_HTTP_USER_AGENT|BUILD_BUILDID|BUILD_SOURCEBRANCHNAME|BUILD_SOURCEVERSION" > /tmp/env docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest
Following is a sample code segment that can be configured in azure-pipelines.yml file to perform a DAST scan.
trigger: - main pool: vmImage: 'ubuntu-latest' stages: - stage: DAST displayName: 'Dynamic Application Security Testing (DAST) Stage' jobs: - job: RunDAST displayName: 'Run DAST' steps: - task: Bash@3 displayName: 'Install and Run DAST' inputs: targetType: 'inline' script: | env | grep -E "AZURE_HTTP_USER_AGENT|BUILD_BUILDID|BUILD_SOURCEBRANCHNAME|BUILD_SOURCEVERSION" > /tmp/env docker run --pull always --rm --env-file /tmp/env --mount type=bind,source="$PWD",target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest