ArmourZero's AI-powered Code Scan seamlessly integrates code security analysis into your cloud software development platforms, without the need to copy or retrieve any of your confidential source codes. Everything done within your CI/CD pipeline tools.
Supported CI/CD pipeline tools:
1. Github
2. Gitlab
3. Bitbucket
4. CircleCI
5. Azure Pipeline
6. Jenkins
7. Gitea
Step 1: Create repository and branch
You can create the number of repository according to your subscription plan.
1. Go to left menu and select "Code" under VULNERABILITY SCANNERS section, then click "Add New Repository".
2. Select what type application source code you would like to scan. If you are using GitHub or GitLab, you can have single sign-on (SSO) to retrieve your repositories and branches. ArmourZero supported both web and mobile application source code scan or review.
Click here if you are using GitHub or GitLab.
3. Click on the Project ID or the three dots action icon on the project, select "View Scan Details". You will be asked to create a branch by clicking "Add New Branch".
Notes:
It is very important to name your branch that match and identical with your working project branch name in your repository.
Step 2: Obtain unique API integration key
1. Go to left menu and select "Code" under VULNERABILITY SCANNERS section, then click "Configuration".
2. You will see an unique API Key that have generated for you. Copy that API Key for next step.
Step 3: Integrating to your CI/CD pipeline tools
Integration to your CI/CD pipeline tools just a one-time setup task, irregardless to the type of application you selected in Step 1! Yes it's that's easy. Depending on which CI/CD pipeline tools that you currently using, each platform comes with different but simple configurations.
You can refer to below links for the CI/CD pipeline tools' configuration.
Congratulation! You have completed the seamless integration of security into your CI/CD pipeline tools. The Code Scan will be done automatically and at each time you and your team committed a code in the project and branch! Experience the automated vulnerability management evolution and view the scan results at your convenience.