This article shows you how you can integrate ShiftLeft CORE's NG SAST into your TeamCity workflow to provide automated code analysis.
This tutorial assumes that you have:
Step 1: Create Your Environment Variables
In TeamCity, define the following environment variables containing authentication information for ShiftLeft:
|Your Access Token|
When running in a production environment, we recommend that you use a CI token as the access token. You can create your CI token in the ShiftLeft Dashboard.
Please note that the presence of any set environment variables will override those in a configuration file.
Step 2: Configure Your Build
Once you've defined your ShiftLeft authentication variables, you'll need to create a TeamCity job that executes ShiftLeft.
If you haven't already, log in to TeamCity and go to Project > Settings > General Settings > Build Configurations.
Next, click Edit. Select Build Step using the sidebar and click Add build step. This opens up the configuration window that allows you define your new build step with the following information:
|Runner type||Command Line|
|Execute step||If all previous steps finished successfully|
|Run||Executable with parameters|
When done, save your changes.