
Monedar/vulnerableReactJSApp

 
 


Introduction

This is an example that demonstrates the ease of use of ASoC's powerful REST API capabilities when integrated with Circle CI.

With 7 simple REST API method calls, we were able to check out source code from a GitHub repo, submit a SAST scan to ASoC for static analysis, and get the scan result/report back.

The example shows the process of scanning a Node.js project that uses React. The full Circle CI YAML script is in the file config.yml.

ASoC REST API used in this example

Account/ApiKeyLogin

/FileUpload

/Scans/StaticAnalyzer

/Scans/$scan_ID/Executions

/Reports/Security/Scan/$scan_ID

/Reports/$report_ID

/Reports/Download/$report_ID

ASoC's full REST API list:

https://cloud.appscan.com/swagger/ui/index
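
The call sequence listed above, as an added Python sketch (not taken from this repository's config.yml). The `call` transport, the function names, the JSON field names (`KeyId`, `KeySecret`, `Token`, `FileId`, `ARSAFileId`, `AppId`, `Id`, `Status`, `Configuration`, `ReportFileType`) and the status strings are assumptions to confirm against the Swagger page; polling is bounded so a failed or stuck scan fails the pipeline instead of hanging it.

```python
import time

class ScanError(RuntimeError):
    """Raised when ASoC reports a failure or the poll budget is exhausted."""

def wait_ready(get_status, polls, delay, sleep=time.sleep):
    """Poll get_status() until "Ready"; fail closed on "Failed" or timeout."""
    for _ in range(polls):
        status = get_status()
        if status == "Ready":
            return
        if status == "Failed":
            raise ScanError("ASoC reported status Failed")
        sleep(delay)
    raise ScanError(f"not Ready after {polls} polls")

def run_sast(call, key_id, key_secret, archive, app_id,
             polls=120, delay=30, sleep=time.sleep):
    """Run the README's seven calls in order and return the report body.

    call(method, path, token=None, body=None, upload=None) is a hypothetical
    transport: it sends one HTTPS request to ASoC and returns the decoded
    response. Field names and status strings below are assumptions.
    """
    # 1. Exchange the API key and secret (from CI environment variables) for a token.
    token = call("POST", "/Account/ApiKeyLogin",
                 body={"KeyId": key_id, "KeySecret": key_secret})["Token"]
    # 2-3. Upload the scan archive, then create the static-analysis scan from it.
    file_id = call("POST", "/FileUpload", token=token, upload=archive)["FileId"]
    scan_id = call("POST", "/Scans/StaticAnalyzer", token=token,
                   body={"ARSAFileId": file_id, "AppId": app_id})["Id"]
    # 4. Wait for the scan execution; a stuck or failed scan must fail the job.
    wait_ready(lambda: call("GET", f"/Scans/{scan_id}/Executions",
                            token=token)[0]["Status"], polls, delay, sleep)
    # 5-6. Request an HTML report and wait until it has been generated.
    report_id = call("POST", f"/Reports/Security/Scan/{scan_id}", token=token,
                     body={"Configuration": {"ReportFileType": "Html"}})["Id"]
    wait_ready(lambda: call("GET", f"/Reports/{report_id}",
                            token=token)["Status"], polls, delay, sleep)
    # 7. Download the finished report for storage as a build artifact.
    return call("GET", f"/Reports/Download/{report_id}", token=token)
```
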

To set this up, first set up the ASoC API Key and Secret as environment variables for the Circle CI project.


Screenshot of the pipeline steps


The report is automatically saved as a Circle CI artifact


Checking out the "html" report in Circle CI

