Now, initiating online scans is made easier with the new CLI command. Here's how:
Method 1: Scan Repository Using Our Cluster
You can scan your repository using our cluster by running:
cdefense online
Options:
cdefense online --api-key={} --repository-url={} --branch-name={} --tag={}
(Ensure you have the environment variable SCAN_URL set to https://console.clouddefenseai.com)
Example:
cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=example --branch-name=example --tag=example
The command will return exit status 1 if the build policy fails.
Scanning Private Repositories:
We also support scanning private repositories. To do this, either provide the API key associated with the account where the integration is configured, or embed an access token in the repository URL:
GitHub: https://{private-access-token}@github.com/username/repo.git
GitLab:
    Using OAuth2: https://oauth2:{personal-access-token}@gitlab.com/username/repo.git
    Using Username and Password: https://{username}:{password}@gitlab.com/username/repo.git
Azure Repo: https://{private-access-token}@dev.azure.com/orgname/projectname/_git/repo
Bitbucket: https://{username}:{access_token}@bitbucket.org/username/repo.git
Example Output:
Without Verbose:
// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado
2022/07/15 16:59:52 [INFO] Connecting to server...
2022/07/15 16:59:53 [INFO] Welcome [developer@clouddefense.ai]. You have been successfully connected to [Cloud Defense] organization
2022/07/15 16:59:53 [INFO] Running full online scan...
2022/07/15 17:01:19 [INFO] Scan was finished
2022/07/15 17:01:19 [INFO] Build policy status: FAILURE
Failed build policy results:
/app/pom.xml : java_maven:
- Rule [CWE PART_OF_OWASP Injection] failed. Number of occurrences: 1
- Rule [TITLE CONTAINS inje] failed. Number of occurrences: 1
[INFO] Scan started at 16:59:52 finished at 17:01:19
[INFO] Total scan time: 1m27s
With Verbose:
// cdefense online --api-key=76858509-fe91-4969-b57a-decc36d0726a --repository-url=https://bitbucket.org/kilaruoleh/vulnado --verbose
2022/07/15 17:00:16 [INFO] Connecting to server...
2022/07/15 17:00:16 [INFO] Welcome [developer@clouddefense.ai]. You have been successfully connected to [Cloud Defense] organization
2022/07/15 17:00:17 [INFO] Running full online scan...
2022/07/15 17:01:43 [INFO] Scan was finished
2022/07/15 17:01:43 [INFO] Build policy status: FAILURE
{
    "/app/pom.xml : java_maven": {
        "failureBuildPolicyResults": [
            {
                "message": "Rule [CWE PART_OF_OWASP Injection] failed. Number of occurrences: 1",
                "rule": {
                    "operand": "CWE",
                    "operator": "PART_OF_OWASP",
                    "value": "Injection"
                },
                "count": 1
            },
            {
                "message": "Rule [TITLE CONTAINS inje] failed. Number of occurrences: 1",
                "rule": {
                    "operand": "TITLE",
                    "operator": "CONTAINS",
                    "value": "inje"
                },
                "count": 1
            }
        ],
        "passedBuildPolicyResults": [
            {
                "message": "Success",
                "rule": {
                    "operand": "CRITICAL_SEVERITY_COUNT",
                    "operator": "GREATER_THAN",
                    "value": "1"
                },
                "count": 1
            },
            {
                "message": "Success",
                "rule": {
                    "operand": "CWE",
                    "operator": "PART_OF_OWASP",
                    "value": "Broken Authentication"
                },
                "count": 0
            },
            {
                "message": "Success",
                "rule": {
                    "operand": "CWE_ID",
                    "operator": "CONTAINS",
                    "value": "264"
                },
                "count": 0
            }
        ]
    }
}
[INFO] Scan started at 17:00:16 finished at 17:01:43
[INFO] Total scan time: 1m27s
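Added example (not part of the CloudDefense documentation): a Python helper that pulls the JSON policy report out of the --verbose output shown above and lists the failed rules, for use as a CI gate. The function names and the trimmed SAMPLE are constructed for illustration, and treating a missing status line as a failure is an assumption of this example.

```python
import json
import re

# Constructed sample: trimmed copy of the verbose output shown above.
SAMPLE = """\
2022/07/15 17:01:43 [INFO] Build policy status: FAILURE
{
  "/app/pom.xml : java_maven": {
    "failureBuildPolicyResults": [
      {"message": "Rule [CWE PART_OF_OWASP Injection] failed. Number of occurrences: 1",
       "rule": {"operand": "CWE", "operator": "PART_OF_OWASP", "value": "Injection"},
       "count": 1}],
    "passedBuildPolicyResults": [
      {"message": "Success", "count": 0,
       "rule": {"operand": "CWE_ID", "operator": "CONTAINS", "value": "264"}}]
  }
}
[INFO] Total scan time: 1m27s
"""

STATUS_RE = re.compile(r"Build policy status: (\w+)")


def parse_verbose(output):
    """Return (status, report) from the mixed log + JSON verbose output."""
    match = STATUS_RE.search(output)
    report, offset = {}, 0
    for line in output.splitlines(keepends=True):
        if line.lstrip().startswith("{"):
            # raw_decode stops at the end of the object, ignoring later log lines.
            report, _ = json.JSONDecoder().raw_decode(output, offset + line.index("{"))
            break
        offset += len(line)
    return (match.group(1) if match else None), report


def failed_rules(report):
    """Flatten failed rules to (target, operand, operator, value, count)."""
    rows = []
    for target, result in report.items():
        for item in result.get("failureBuildPolicyResults", []):
            rule = item["rule"]
            rows.append((target, rule["operand"], rule["operator"], rule["value"], item["count"]))
    return rows


def gate(output):
    """CI exit code: 1 if status is missing or FAILURE, or any rule failed."""
    status, report = parse_verbose(output)
    return 1 if status in (None, "FAILURE") or failed_rules(report) else 0
```

gate() mirrors the documented exit status 1 on build policy failure, and failed_rules() gives the per-target detail to attach to a build log or ticket.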
Method 2: Scan Repository on Your System, Downloading the Repo from an External Source (Any Git)
Example:
cdefense clidocker --api-key={} --scan-url=https://console.clouddefenseai.com --project-name={} --git=true --repourl=https://github.com/scalesec/vulnado --branch={} --tag={}
Method 3: Scan Repository on Your System, Copying Project from Your PC
Example:
cdefense clidocker --api-key={} --scan-url=https://console.clouddefenseai.com --project-name={} --path={path-to-folder-with-app} --repo-url=https://github.com/scalesec/vulnado --branch={} --tag={}
(This command will push data to console.clouddefenseai.com)