TechQA.

How to integrate Veracode SAST and DAST scan in Gitlab CI/CD pipeline

694 views Asked by At

I am trying to integrate a SAST and DAST scan in a Gitlab CI/CD pipeline. Here is my gitlab-ci.yml so far:

Pipeline Scan Static Analysis:

image: veracode/pipeline-scan:latest stage: Security_Scan only: - Feature Branch script: - zip myapp.zip ./sample/* - java -Dpipeline.debug=true -jar /opt/veracode/pipeline-scan.jar -vid $TEAM_ANALYSISCENTER_ID -vkey $TEAM_ANALYSISCENTER_KEY --file myapp.zip --issue_details true --gl_issue_generation true -jf results.json 2>&1 | tee policy_scan_output.txt artifacts: paths: - results.json - policy_scan_output.txt when: always name: "veracode-POLICY-SCAN-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA" allow_failure: false

gitlab-ci veracode gitlab-pipelines sast
Original Q&A
0

There are 0 answers

Related Questions in GITLAB-CI

Related Questions in VERACODE

Related Questions in GITLAB-PIPELINES

Related Questions in SAST

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions