Fortinet white logo
Fortinet white logo

User Guide

GitHub Actions

GitHub Actions

Following is a sample code segment that can be configured in main.yml file to perform a SAST scan.

Note: Make sure to update the parameters in the sample code according to your environment before using it.

name: FortiDevSec Scanner CI
on:
    push:
        branches: [ master ]
    pull_request:
        branches: [ master ]
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
        - uses: actions/checkout@v2
        - name: SAST
          run: |
            env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
            docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest

Following is a sample code segment that can be configured in main.yml file to perform a DAST scan.

name: FortiDevSec Scanner CI
on:
    push:
        branches: [ master ]
    pull_request:
        branches: [ master ]
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
        - uses: actions/checkout@v2
        - name: SAST
          run: |
            env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
            docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest

GitHub Actions

GitHub Actions

Following is a sample code segment that can be configured in main.yml file to perform a SAST scan.

Note: Make sure to update the parameters in the sample code according to your environment before using it.

name: FortiDevSec Scanner CI
on:
    push:
        branches: [ master ]
    pull_request:
        branches: [ master ]
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
        - uses: actions/checkout@v2
        - name: SAST
          run: |
            env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
            docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest

Following is a sample code segment that can be configured in main.yml file to perform a DAST scan.

name: FortiDevSec Scanner CI
on:
    push:
        branches: [ master ]
    pull_request:
        branches: [ master ]
jobs:
    build:
        runs-on: ubuntu-latest
        steps:
        - uses: actions/checkout@v2
        - name: SAST
          run: |
            env | grep -E "GITHUB_ACTIONS|GITHUB_RUN_NUMBER|GITHUB_REF_NAME|GITHUB_SHA" > /tmp/env
            docker run --pull always --rm --env-file /tmp/env --mount type=bind,source=$PWD,target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest