Pull Request Scanning

Modified on Thu, 5 Sep, 2024 at 7:37 PM

Scanning the changes in a pull request in Git-based systems is a critical stage in software development, ensuring code quality and safety before integration into the main codebase. It begins with a developer creating a pull request and proceeds through automated testing, code review, and automated change scanning. Each step aims to identify and address potential issues such as code errors, style violations, and security vulnerabilities. Once the checks pass and reviewers approve, the changes can be safely merged into the main project branch. This process promotes a balanced approach to development, ensuring high-quality and reliable software.


Incorporating our code scanning process into your development workflow empowers end-users to significantly enhance code security. Our scanning solution possesses unique capabilities for detecting vulnerabilities that developers may inadvertently introduce.


Utilizing our product for code scanning during development offers several advantages:


  1. Early Vulnerability Detection: Our tool detects vulnerabilities early in development, minimizing the risk of these issues reaching production environments.
  2. Comprehensive Scanning: Our product provides extensive scanning capabilities, identifying various vulnerabilities across different code layers, including dependencies and third-party libraries.
  3. Actionable Insights: Our scanning reports offer practical insights into identified vulnerabilities, equipping developers with the necessary information for effective issue resolution.
  4. Seamless Integration: Our product seamlessly integrates with your existing development process, allowing you to effortlessly incorporate security scanning into your development pipeline.



How to Implement PR Scans


Below is the code you need to add to your workflow file to implement it:

GitHub


You need to add the following code to your existing GitHub Actions configuration file or create a new file. Configuration files are typically located in the `.github` folder. Here's an example project demonstrating how to add delta scan to your GitHub repository: [link to example project](https://github.com/CloudDefenseOleksii/delta-scan-demo).


Please remember to insert your API key into the `delta-scan-action.yml` file on line 10, replacing the `secrets.your-api-key` variable.


For more detailed information on configuring GitHub Actions, we recommend visiting the official documentation page at the following link: [GitHub Actions official documentation page](https://docs.github.com/en/actions/quickstart).
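As an added illustration (not the vendor's `delta-scan-action.yml`, whose actual contents come from the linked example project), the workflow below shows where the pull-request trigger, the checkout depth a delta scan needs, and the API key reference sit in a GitHub Actions file. The action reference `VENDOR/DELTA-SCAN-ACTION@PLACEHOLDER` and the secret name `CLOUDDEFENSE_API_KEY` are placeholders, not values from this page.

```yaml
# Added example workflow (not the vendor's delta-scan-action.yml): runs on
# pull requests and passes the scanner API key from a repository secret.
name: delta-scan-pr

on:
  pull_request:
    branches: [main]

# Least privilege: the scan only needs to read repository contents and
# post feedback on the pull request.
permissions:
  contents: read
  pull-requests: write

jobs:
  delta-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # A delta scan compares the PR head with its base, so the default
          # shallow clone (depth 1) is not enough; fetch the full history.
          fetch-depth: 0

      # Placeholder for the vendor's scan step; the real action name and its
      # inputs come from the example project linked above.
      - name: Run delta scan
        uses: VENDOR/DELTA-SCAN-ACTION@PLACEHOLDER
        with:
          # Assumed secret name; store the key under Settings > Secrets
          # rather than pasting it into this file.
          api-key: ${{ secrets.CLOUDDEFENSE_API_KEY }}
```

Note that GitHub does not expose repository secrets to `pull_request` workflows triggered from forks, so the scan step will not receive the key for fork PRs; switching to `pull_request_target` to get around that runs the workflow with base-repository permissions and should not be combined with checking out the PR head.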


GitLab


You need to add the following code to your existing GitLab CI configuration file or create a new file. Configuration files are typically named `.gitlab-ci.yml` and are located in the root directory of your repository. Here's an example project demonstrating how to integrate delta scan into your GitLab repository: [link to example project](https://gitlab.com/clouddefenseoleksii/delta-scan-demo).


Please remember to insert your API key into the `.gitlab-ci.yml` file, replacing the placeholder variable `YOUR_API_KEY`.


For more detailed information on configuring GitLab CI/CD pipelines, we recommend visiting the official documentation page at the following link: [GitLab CI/CD official documentation page](https://docs.gitlab.com/ee/ci/quick_start/).

Bitbucket


You need to add the following code to your existing Bitbucket Pipelines configuration file or create a new one. Configuration files are typically named `bitbucket-pipelines.yml` and are located in the root directory of your repository. Here's an example project demonstrating how to integrate delta scan into your Bitbucket repository: [link to example project](https://bitbucket.org/clouddefenseoleksii/delta-scan/src/master).


Please remember to insert your API key into the `bitbucket-pipelines.yml` file, replacing the placeholder variable `YOUR_API_KEY`.


For more detailed information on configuring Bitbucket Pipelines, we recommend visiting the official documentation page at the following link: [Bitbucket Pipelines official documentation page](https://support.atlassian.com/bitbucket-cloud/docs/get-started-with-bitbucket-pipelines).


How to See the Scan Results


Step 1: Go to the Application Page and Select the Scanned Application



Step 2: Click on the Pull Request Tab




Feedback on the PR will automatically be published by CloudDefense.AI.


