GCP Cloud Build
Following is a sample code segment that can be configured in cloudbuild.yml file to perform a SAST scan.
Note: Make sure to update the parameters in the sample code according to your environment before using it.
steps: # Run FortiDevSec SAST Scanner, once the build step is done. - name: 'gcr.io/cloud-builders/docker' entrypoint: bash args: ['-c','docker run --pull always --rm --env GCP_CLOUDBUILD_CI=$GCP_CLOUDBUILD_CI --env BUILD_ID=$BUILD_ID --env BRANCH_NAME=$BRANCH_NAME --env COMMIT_SHA=$COMMIT_SHA --mount type=bind,source=$(pwd),target=/scan registry.fortidevsec.forticloud.com/fdevsec_sast:latest']
Following is a sample code segment that can be configured in cloudbuild.yml file to perform a DAST scan.
steps: # Run FortiDevSec DAST Scanner, once the deploy step is done. - name: 'gcr.io/cloud-builders/docker' entrypoint: bash args: ['-c','docker run --pull always --rm --env GCP_CLOUDBUILD_CI=$GCP_CLOUDBUILD_CI --env BUILD_ID=$BUILD_ID --env BRANCH_NAME=$BRANCH_NAME --env COMMIT_SHA=$COMMIT_SHA --mount type=bind,source=$(pwd),target=/scan registry.fortidevsec.forticloud.com/fdevsec_dast:latest']