Created
January 21, 2019 17:30
```yaml
stages:
  - dev

analisis_SAST:
  stage: dev
  image: docker:stable
  variables:
    DOCKER_DRIVER: overlay2
  allow_failure: false
  services:
    - docker:stable-dind
  script:
    # Derive the analyzer image tag from the GitLab version (e.g. 11.6.3 -> 11-6-stable).
    - export SP_VERSION=$(echo "$CI_SERVER_VERSION" | sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/')
    # The Docker socket is mounted so the SAST image can start its analyzer containers.
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
  artifacts:
    reports:
      sast: gl-sast-report.json

analisis_DAST:
  stage: dev
  image: registry.gitlab.com/gitlab-org/security-products/zaproxy
  variables:
    website: "https://reporteprecios-test.msp.gob.ec"
  allow_failure: false
  script:
    # "|| true" discards the exit status of the scan, so this step never fails the job.
    - docker run
        --volume $PWD:/zap/wrk
        registry.gitlab.com/gitlab-org/security-products/zaproxy zap-baseline.py -t $website -J gl-dast-report.json || true
  artifacts:
    reports:
      dast: gl-dast-report.json
```
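Two guards for the failure modes in the pipeline above, as an added example that is not part of the original gist: the `sed` expression passes an empty or non-numeric `CI_SERVER_VERSION` through unchanged, and the trailing `|| true` hides a scan that produced no report. The function names `sast_image_tag` and `require_report` are hypothetical.

```shell
#!/bin/sh
# Added example; the function names are hypothetical, not part of the gist.

# Derive the analyzer image tag from a GitLab version string with the same
# sed expression the pipeline uses, but reject input that the expression
# would pass through unchanged (empty or non-numeric versions), which
# would otherwise end up as the image tag.
sast_image_tag() {
    version=$1
    if ! printf '%s\n' "$version" | grep -Eq '^[0-9]+\.[0-9]+'; then
        echo "unexpected CI_SERVER_VERSION: '$version'" >&2
        return 1
    fi
    printf '%s\n' "$version" |
        sed 's/^\([0-9]*\)\.\([0-9]*\).*/\1-\2-stable/'
}

# Fail when a scanner report is missing or empty. The DAST step ends in
# "|| true", so the scanner's exit status never reaches the job; checking
# the report file is what makes a failed scan visible.
require_report() {
    report=$1
    if [ ! -s "$report" ]; then
        echo "report '$report' is missing or empty" >&2
        return 1
    fi
}
```

In a job these would run as `SP_VERSION=$(sast_image_tag "$CI_SERVER_VERSION") || exit 1` before the SAST `docker run`, and `require_report gl-dast-report.json` as the last script line of the DAST job.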
For Java projects, add the parameter to the docker run command:

```yaml
    - docker run
        --env SAST_CONFIDENCE_LEVEL="${SAST_CONFIDENCE_LEVEL:-3}"
        --volume "$PWD:/code"
        --volume /root/.m2:/root/.m2
        --volume /var/run/docker.sock:/var/run/docker.sock
        "registry.gitlab.com/gitlab-org/security-products/sast:$SP_VERSION" /app/bin/run /code
```