
Circle CI is the second largest Continuous Integration system used at GitHub.

Since Circle CI is built on Docker, RIPS can be quickly integrated using our rips-cli Docker container.

Setup

1. Add a directory named .circleci to your repository.

2. Place a file named config.yml in this directory with the following content:

.circleci/config.yml
version: 2
jobs:
  build:
    docker:
      - image: rips/rips-cli:circleci

    working_directory: ~/repo

    steps:
      - checkout
      - run: rips-cli -vvv rips:scan:start -a $RIPS_APP_ID -p ~/repo/ -t 1

We provide a special Docker image for Circle CI that can perform a git checkout and start a RIPS scan. The example above shows this setup; it breaks the build if the analysis detects more than one security vulnerability.

Circle CI Configuration

3. In the builds overview in Circle CI, select your project and click on project settings.

4. From the menu select Environment Variables and add the following values according to our documentation:

Further Reading

Since it is rips-cli that runs in the Docker container, consult the rips-cli documentation for more commands and configuration options.
