This article shows you how you can integrate ShiftLeft CORE's NG SAST into your Bamboo workflow to provide automated code analysis.
This tutorial assumes that you have:
Step 1: Create Your Environment Variables
Log into your Bamboo server using an account that has administrator privileges.
Create the following environment variables containing authentication information for ShiftLeft:
|Your Access Token|
When running in a production environment, we recommend that you use a CI token as the access token. You can create your CI token in the ShiftLeft Dashboard.
Please note that the presence of any set environment variables will override those in a configuration file.
Step 2: Create a Script to Run NG SAST
Provide Bamboo instructions on running NG SAST by creating a shell script that contains task running information.
You will be asked to provide values for the following parameters when creating the script:
|Working sub directory|
Make sure that the script called to run NG SAST is the last build task listed since it should run after all of your other Bamboo tasks.