This article shows you how to integrate ShiftLeft CORE's NG SAST into your Bamboo workflow to provide automated code analysis.
This tutorial assumes that you have:
Step 1: Create your environment variables
Log into your Bamboo server using an account that has administrator privileges.
Create the following environment variables containing authentication information for ShiftLeft:
|Your Access Token|
When running in a production environment, we recommend using a CI token as the access token. You can create your CI token in the ShiftLeft Dashboard.
Please note that the presence of any set environment variables will override those in a configuration file.
Step 2: Create a script to run NG SAST
Provide Bamboo instructions on running NG SAST by creating a shell script containing task running information.
You will be asked to provide values for the following parameters when creating the script:
|Working sub directory|
Ensure that the script called to run NG SAST is the last build task listed since it should run after all of your other Bamboo tasks.