CI/CD Integration: Travis CI

Modified on Thu, 5 Sep at 7:27 PM

Introduction


The Cloud Defense CLI now offers seamless integration with Continuous Integration/Continuous Deployment (CI/CD) pipelines. This user guide will walk you through the steps to initiate online scans using the CLI, ensuring the security of your repositories.

Method 1: Scan Repository Using Our Cluster


You can initiate scans directly from your command line interface using the cdefense online command. Follow the syntax and options provided below:

cdefense online --api-key={} --repository-url={} --branch-name={optional} --tag={optional}



Ensure that you have set the environment variable SCAN_URL to console.clouddefenseai.com.

Options:

  • -api-key: Your unique API key.

  • -repository-url: The URL of your repository.

  • -branch-name: (Optional) Specify the branch name.

  • -tag: (Optional) Specify a tag.

Example:

cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://github.com/username/repo --branch-name=example --tag=example


This command will return an exit status of 1 if the build policy fails.


Scan Private Repositories


Cloud Defense also supports scanning private repositories. Here's how you can do it:

  • For GitHub:

<https://{private-access-token}@github.com/username/repo.git>

  • For GitLab:

<https://{username}:{access-token}@gitlab.com/username/repo.git>

  • For Azure Repo:

<https://{private-access-token}@dev.azure.com/orgname/projectname/_git/repo>

  • For Bitbucket:

<https://{username}:{access-token}@bitbucket.org/username/repo.git>



Example Output


Without Verbose:


// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado

2022/07/15 16:59:52 [INFO] Connecting to server...

...

[INFO] Scan started at 16:59:52 finished at 17:01:19

[INFO] Total scan time: 1m27s



With Verbose:


// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado --verbose

2022/07/15 17:00:16 [INFO] Connecting to server...

...

[INFO] Scan started at 17:00:16 finished at 17:01:43

[INFO] Total scan time: 1m27s



Method 2: Scan Repository on Your System


You can also scan repositories directly from your system using the Cloud Defense CLI. Here's how:

cdefense clidocker --api-key={} --scan-url=https://console.clouddefenseai.com --project-name={} --git=true --repourl={} --branch={optional} --tag={optional}



Method 3: Scan Repository on Your System (Copy Project from Your PC)


If you prefer to scan repositories located on your system, follow this method:

cdefense clidocker --api-key={} --scan-url=https://console.clouddefenseai.com --project-name={} --path={path-to-folder-with-app} --repo-url={} --branch={optional} --tag={optional}



Note:


This command will push data to console.clouddefenseai.com.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article