DevSecOps with Gitlab | Part - 2 | Implementing Pipeline

I include a build stage just to exemplify some developer actions.

graudit:
  tags:
    - your_tag
  stage: SAST
  script:
    - graudit -d /your/path/graudit/signatures/php.db ./

trufflehog:
  tags:
    - your_tag
  stage: secret-scanning
  script:
    - trufflehog . --json | tee secert.json

stages:
  - build            # placeholder build stage
  - secret-scanning  # secret scanning stage
  - SAST             # static analysis (SAST) stage

build:
  tags:
    - your_tag
  stage: build
  script:
    - echo "build stage goes here"

trufflehog:
  tags:
    - your_tag
  stage: secret-scanning
  script:
    - trufflehog . --json | tee secert.json

graudit:
  tags:
    - your_tag
  stage: SAST
  script:
    - graudit -d /your/path/graudit/signatures/php.db ./
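
Because `tee` copies the scanner's raw report into the job log as well as into the file, the following added example (not part of the original post) shows one way to consume that file instead: it parses the report, masks matched strings before printing, and returns a non-zero status when findings exist. It assumes the report is one JSON object per line with `path`, `reason`, `commitHash` and `stringsFound` fields; the function names and the sample data are constructed for illustration.

```python
import json
import sys

# Constructed sample in the assumed report shape: one JSON object per line.
# Field names are an assumption about the scanner output; all values are fake.
SAMPLE = "\n".join([
    json.dumps({"path": "config/db.php", "reason": "High Entropy",
                "commitHash": "c0ffee01" + "0" * 32,
                "stringsFound": ["CONSTRUCTED_entropy_value_0123456789"]}),
    "",                                   # blank line
    "Cloning into '/tmp/repo'...",        # non-JSON noise mixed into the file
    json.dumps({"path": "deploy.sh", "reason": "AWS API Key",
                "commitHash": "c0ffee02" + "0" * 32,
                "stringsFound": ["AKIA_CONSTRUCTED_SAMPLE"] * 2}),
])

def redact(secret, keep=4):
    """Keep a short prefix so the match can be located; mask the rest."""
    return secret[:keep] + "*" * max(len(secret) - keep, 0)

def parse_findings(text):
    """Return (findings, skipped_lines) from a JSON-lines report."""
    findings, skipped = [], 0
    for line in filter(None, map(str.strip, text.splitlines())):
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            obj = None
        if isinstance(obj, dict):
            findings.append(obj)
        else:
            skipped += 1
    return findings, skipped

def summarize(findings):
    """One log-safe row per finding: path, rule, short commit, masked strings."""
    return [{"path": f.get("path", "?"), "reason": f.get("reason", "?"),
             "commit": str(f.get("commitHash", "?"))[:8],
             "strings": [redact(str(s))
                         for s in sorted(set(f.get("stringsFound") or []))]}
            for f in findings]

def gate(text):
    """Job exit status: 1 when the report holds at least one finding, else 0."""
    return 1 if parse_findings(text)[0] else 0

if __name__ == "__main__":
    report = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for row in summarize(parse_findings(report)[0]):
        print(row)
    sys.exit(gate(report))
```

Run without arguments it processes the constructed sample; in a job it would be pointed at the saved report, with the scanner output redirected to the file rather than piped through `tee`.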

i4mmaddy
