
Travis CI is a hosted continuous integration service used to build and test software projects. RIPS can be easily integrated into Travis CI as a quality gate to notify the developers about new security issues in their code.

Setup

To integrate RIPS into your Travis process you only have to download and run the rips-cli Docker container. The following .travis.yml example showcases a setup that stops the build if the analysis detects one or more high or critical security vulnerabilities, or more than 5 vulnerabilities in total:

.travis.yml
sudo: required

language: php

services:
 - docker

before_install:
 - docker pull rips/rips-cli

script:
 - docker run --rm -it -e RIPS_BASE_URI -e RIPS_PASSWORD -e RIPS_USERNAME -v `pwd`:/data rips/rips-cli rips:scan:start -p /data -T "$TRAVIS_BRANCH" -t high:0 -t critical:0 -t 5 -a app_id

The value app_id has to be replaced with the numeric id of an existing RIPS application. If you do not have an application yet, you can create one with rips-cli. To authenticate with RIPS it is highly recommended to use environment variables rather than writing credentials into .travis.yml: passing -e RIPS_USERNAME (and the other two variables) to docker run without a value forwards each variable from the Travis build environment into the container. The variables are set under "More options", "Settings", "Environment Variables". Make sure to disable "Display value in build log" so the credentials are not leaked through the log files.
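To make the quality gate rule concrete, the following added example (not part of this page or of rips-cli) re-implements the threshold semantics described above locally: per-severity counts tallied from a scan are checked against the same -t specs used in the .travis.yml, where SEVERITY:N fails on more than N issues of that severity and a bare N fails on more than N issues in total. The severity names and the sample counts are constructed for the illustration.

```python
from typing import Dict, List, Tuple

# Hypothetical re-implementation of the gate rule the page describes for the
# rips-cli -t flag. It is illustrative code, not rips-cli itself.


def parse_threshold(spec: str) -> Tuple[str, int]:
    """Turn 'high:0' into ('high', 0) and a bare '5' into ('total', 5)."""
    if ":" in spec:
        severity, limit = spec.split(":", 1)
        return severity.strip().lower(), int(limit)
    return "total", int(spec)


def gate_violations(counts: Dict[str, int], specs: List[str]) -> List[str]:
    """Return one message per exceeded threshold; an empty list means the gate passes."""
    violations = []
    for spec in specs:
        severity, limit = parse_threshold(spec)
        if severity == "total":
            found = sum(counts.values())
        else:
            found = counts.get(severity, 0)
        # The page's wording: "one or more high" (high:0) and "more than 5 in
        # total" (5), i.e. the gate trips when found exceeds the limit.
        if found > limit:
            violations.append(f"{severity}: {found} found, at most {limit} allowed")
    return violations


def build_should_fail(counts: Dict[str, int], specs: List[str]) -> bool:
    """True when the CI job should stop, mirroring a non-zero scan exit status."""
    return bool(gate_violations(counts, specs))


# Constructed sample: issue counts by severity as one scan might report them.
SAMPLE_COUNTS = {"critical": 0, "high": 1, "medium": 2, "low": 1}
# The exact thresholds from the .travis.yml above.
PAGE_THRESHOLDS = ["high:0", "critical:0", "5"]

if __name__ == "__main__":
    for msg in gate_violations(SAMPLE_COUNTS, PAGE_THRESHOLDS):
        print("threshold exceeded:", msg)
    raise SystemExit(1 if build_should_fail(SAMPLE_COUNTS, PAGE_THRESHOLDS) else 0)
```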
