Skip to content
This repository has been archived by the owner on Mar 20, 2024. It is now read-only.
JonZeolla edited this page Jan 1, 2020 · 2 revisions

Welcome to the easy_sast wiki! easy_sast is a docker container for use in integration pipelines to submit an application's build artifacts to a static analysis tool. This has been developed in a way to serve as a build pattern for other containers meant to facilitate similar functionality, and natively integrates with Veracode's Static Analysis product.

Features

This code base was developed in line with the Rugged Manifesto. As such, it is:

  • Simple to use: It contains intentionally limited dependencies and provides easy-to-use make commands for standard use cases.
  • Easily configurable: Practical defaults are in place, but configuration options include a config file, environment variables, and CLI arguments.
  • Clear and understandable code: Regular use of type hints, keyword arguments, and a normalized code style make understanding the code intent easy.
  • Engineered to be robust: Error handling, automated security validation, and pervasive validation.
  • 100% tested: 100% code coverage for unit tests on all commits.
  • 100% consistently formatted: Linting of Docker, make, YAML, git commits, and Python on all commits.

Getting Started

See the Quickstart for more information on how to get started.

Clone this wiki locally