intigriti-cicd-plugin

module

v1.0.0 Latest Latest Go to latest Published: Jun 9, 2020 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hazcod/intigriti-cicd-plugin

Links

Open Source Insights

README ¶

intigriti-cicd-plugin

Tool that can block your CI/CD pipeline depending on outstanding (open) intigriti issues.

Setup

Download the latest icp release.
Retrieve your intigriti API token and pass your (external) IP address for whitelisting.
Create your configuration file:

# your intigriti API credentials
intigriti_client_id: "XXXXXXXXXXX"
intigriti_client_secret: "XXXXXXXXXXX"

# what maximum amount of findings you tolerate per severity
tresholds:
  # we allow no criticals
  critical: 0
  # we allow no highs
  high: 0
  # we allow 1 medium
  medium: 1
  # we allow arbitrary amount of lows
  low: 100000

Run icp in your CI/CD pipeline with arguments:

./icp -conf=my-conf.yml

icp will return an error code whenever your defined tresholds are set, stopping your pipeline.

Building

This requires make and go to be installed. Just run make.

Directories ¶

Path	Synopsis
checker
cmd
config

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL