How to integrate Veracode SAST and DAST scan in Gitlab CI/CD pipeline

681 views Asked by At

I am trying to integrate a SAST and DAST scan in a Gitlab CI/CD pipeline. Here is my gitlab-ci.yml so far:

Pipeline Scan Static Analysis:

image: veracode/pipeline-scan:latest stage: Security_Scan only: - Feature Branch script: - zip myapp.zip ./sample/* - java -Dpipeline.debug=true -jar /opt/veracode/pipeline-scan.jar -vid $TEAM_ANALYSISCENTER_ID -vkey $TEAM_ANALYSISCENTER_KEY --file myapp.zip --issue_details true --gl_issue_generation true -jf results.json 2>&1 | tee policy_scan_output.txt artifacts: paths: - results.json - policy_scan_output.txt when: always name: "veracode-POLICY-SCAN-$CI_COMMIT_REF_NAME-$CI_COMMIT_SHORT_SHA" allow_failure: false

0

There are 0 answers