After you obtained the API integration key and completed project and branch creation, next is to seamlessly integrate AmourZero's AI-powered Code Security Analysis into your CircleCI.
Integration guide
1. Don't forget the unique API Key. You can go to left menu and select "Configuration" under DEVSECOPS section. You will see an unique API Key that have generated for you. Copy that API Key for following step.
2. Create CircleCI Configuration File
Create a new file in your repository named .circleci/config.yml and paste the provided configuration.
1 version: 2.1
2 jobs:
3 build_and_test:
4 docker:
5 - image: cimg/base:2021.11
6 steps:
7 - checkout
8 - setup_remote_docker
9 - run:
10 name: Run Security Test
11 command: |
12 docker login -u $DOCKER_USERNAME -p $DOCKER_TOKEN
13 docker run -v "$(pwd):/app/wrk" --rm armourzero/pipe-scan-dev:latest --apikey="$AZ_TOKEN" --projectkey="TvIrAgIyArEtYzQhCQtixJRldHGqmMdF" --branch="$CIRCLE_BRANCH" --repo="$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME" --runEnv="demo"
14
15 workflows:
16 version: 2
17 az_security_test:
18 jobs:
19 - build_and_test
20
21
3. Commit and Push
Save the changes to the .circleci/config.yml file. Commit and push the changes to your repository.
4. Follow this video to Add Environment Variables in your CircleCI repository.
In your CircleCI project settings, go to "Environment Variables." Add a variable named AZ_TOKEN with your ArmorZero API key.
5: Monitor Builds
Go to your CircleCI dashboard. You'll see your project listed with the status of your builds. Click on a build to view details.
Notes:
You can also access to the integration information by going to left menu and select "Projects" under DEVSECOPS section, click on the Project ID or the three dots action icon on the project, select "View Project". Then select Integrate menu.