CloudDefense

Methods for CI/CD integration with CLI

You can now start online scans with the new CLI command:

Method 1: cdefense online

Options:

--api-key {value}, -a {value} API Key for Cloud Defense server
--repository-url {value}, -u {value} URL to Git repository
--verbose Show JSON output
--help, -h Show help

Example:

cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://github.com/mono/mono
The command returns exit status 1 if the build policy failed.

Scan private repo

Private repositories are also supported. To scan one, either provide the API key of the account where the integration is configured, or embed an access token in the repository URL:

GitHub:

https://{private-access-token}@github.com/username/repo.git

GitLab:

https://oauth2:{personal-access-token}@gitlab.com/username/repo.git
https://{username}:{password}@gitlab.com/username/repo.git

Azure Repo:

https://{private-access-token}@dev.azure.com/orgname/projectname/_git/repo

Bitbucket:

https://{username}:{access_token}@bitbucket.org/username/repo.git

Example output

Without verbose:

// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado
2022/07/15 16:59:52 [INFO] Connecting to server...
2022/07/15 16:59:53 [INFO] Welcome [[email protected]]. You have been successfully connected to [Cloud Defense] organization
2022/07/15 16:59:53 [INFO] Running full online scan...
2022/07/15 17:01:19 [INFO] Scan was finished
2022/07/15 17:01:19 [INFO] Build policy status: FAILURE
Failed build policy results:
/app/pom.xml : java_maven:
- Rule [CWE PART_OF_OWASP Injection] failed. Number of occurrences: 1
- Rule [TITLE CONTAINS inje] failed. Number of occurrences: 1
[INFO] Scan started at 16:59:52 finished at 17:01:19
[INFO] Total scan time: 1m27s

With verbose:

// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado --verbose
2022/07/15 17:00:16 [INFO] Connecting to server...
2022/07/15 17:00:16 [INFO] Welcome [[email protected]]. You have been successfully connected to [Cloud Defense] organization
2022/07/15 17:00:17 [INFO] Running full online scan...
2022/07/15 17:01:43 [INFO] Scan was finished
2022/07/15 17:01:43 [INFO] Build policy status: FAILURE
{
  "/app/pom.xml : java_maven": {
    "failureBuildPolicyResults": [
      {
        "message": "Rule [CWE PART_OF_OWASP Injection] failed. Number of occurrences: 1",
        "rule": {
          "operand": "CWE",
          "operator": "PART_OF_OWASP",
          "value": "Injection"
        },
        "count": 1
      },
      {
        "message": "Rule [TITLE CONTAINS inje] failed. Number of occurrences: 1",
        "rule": {
          "operand": "TITLE",
          "operator": "CONTAINS",
          "value": "inje"
        },
        "count": 1
      }
    ],
    "passedBuildPolicyResults": [
      {
        "message": "Success",
        "rule": {
          "operand": "CRITICAL_SEVERITY_COUNT",
          "operator": "GREATER_THAN",
          "value": "1"
        },
        "count": 1
      },
      {
        "message": "Success",
        "rule": {
          "operand": "CWE",
          "operator": "PART_OF_OWASP",
          "value": "Broken Authentication"
        },
        "count": 0
      },
      {
        "message": "Success",
        "rule": {
          "operand": "CWE_ID",
          "operator": "CONTAINS",
          "value": "264"
        },
        "count": 0
      }
    ]
  }
}
[INFO] Scan started at 17:00:16 finished at 17:01:43
[INFO] Total scan time: 1m27s
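
The verbose output above mixes log lines with one JSON document, so a CI job that wants per-rule results has to separate the two first. The Python below is an added example, not part of the CloudDefense CLI or its documentation; the function names are hypothetical and the sample is trimmed from the output shown on this page. Gating stays with the command's exit status; this only turns the report into per-rule lines for the job log.

```python
import json
import re
import sys

# Constructed sample: trimmed from the verbose output shown on this page.
SAMPLE = """\
2022/07/15 17:01:43 [INFO] Build policy status: FAILURE
{
"/app/pom.xml : java_maven": {
"failureBuildPolicyResults": [
{"message": "Rule [TITLE CONTAINS inje] failed. Number of occurrences: 1",
 "rule": {"operand": "TITLE", "operator": "CONTAINS", "value": "inje"}, "count": 1}
],
"passedBuildPolicyResults": []
}
}
[INFO] Total scan time: 1m27s
"""

def policy_status(output):
    """Return the value of the 'Build policy status:' log line, or None."""
    m = re.search(r"Build policy status:\s*(\w+)", output)
    return m.group(1) if m else None

def extract_report(output):
    """Return the first JSON object embedded between the log lines, or None."""
    for m in re.finditer(r"\{", output):
        try:
            obj, _ = json.JSONDecoder().raw_decode(output, m.start())
            return obj
        except json.JSONDecodeError:
            continue  # a stray brace in a log line, keep looking
    return None

def failed_rules(report):
    """Flatten failures to (target, operand, operator, value, count) tuples."""
    rows = []
    for target, result in (report or {}).items():
        for item in result.get("failureBuildPolicyResults", []):
            rule = item.get("rule", {})
            rows.append((target, rule.get("operand"), rule.get("operator"),
                         rule.get("value"), item.get("count", 0)))
    return rows

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for row in failed_rules(extract_report(text)):
        print("FAILED %s: %s %s %s (count %d)" % row)
```

In a pipeline, pipe the captured output of the --verbose run into the script; with no piped input it runs on the embedded sample.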

Method 2: cdefense clidocker

Example:
cdefense clidocker --api-key=API_KEY --scan-url=https://console.clouddefenseai.com --path=path --project-name=CICDGITHUBACTIONS
The command pushes the scan data to console.clouddefenseai.com.