Tenable Web App Scanning CI/CD Scanning with GitLab Integration

You can deploy the Tenable Web App Scanning Docker image in a continuous integration and continuous delivery/continuous deployment (CI/CD) pipeline to scan your application from GitLab. For more information on this integration, see the GitLab documentation.

Before you begin:

  • Be able to deploy your app to an integration environment available to your GitLab build agent, or run it directly on the build agent for testing.

  • Review the overview information in CI/CD Application Scan Overview.

Pipeline workflow file example for GitLab:


stages:
    - build
# One job: start the target application, then run the scanner against it in CI/CD mode.
build-run-scan:
    stage: build
    image: docker
    services:
    - docker:dind   # Docker-in-Docker so the job can start and link containers
    script:
    # Start the sample target (Swagger Petstore) as a background container named "petstore".
    - docker pull swaggerapi/petstore
    - docker run -d -e SWAGGER_URL=http://petstore:8080 -e SWAGGER_BASE_PATH=/v2 --name petstore swaggerapi/petstore
    # Run the scanner in CI/CD mode. The working directory is mounted at /scanner for the
    # scanner's configuration and output, the API keys come from CI/CD variables, and
    # --link makes the target reachable from the scanner container as "petstore".
    - docker pull tenable/was-scanner:latest
    - docker run -v $(pwd):/scanner -t -e WAS_MODE=cicd -e ACCESS_KEY=${ACCESS_KEY} -e SECRET_KEY=${SECRET_KEY} --link petstore tenable/was-scanner:latest
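The pipeline above starts the target with `docker run -d` and immediately launches the scanner, so on a slow runner the scanner can start before the application is listening, and it runs with whatever `ACCESS_KEY`/`SECRET_KEY` happen to be set, even if they are empty. The wrapper script below is an added example, not part of this page or of Tenable's own tooling: it checks that the credential variables are present, waits for the target to answer before scanning, and pins the scanner image through a variable. The script name `scan.sh`, the `WAS_IMAGE` variable, the `curlimages/curl` probe container, the probe URL `http://petstore:8080/` and the 90-second budget are all assumptions of this example.

```shell
#!/bin/sh
# scan.sh: hypothetical wrapper called from the GitLab job's "script:" section.
# Invoke as "sh scan.sh --run" from the pipeline; without --run it only defines functions.
set -eu

# Pin the scanner image instead of relying on :latest (placeholder tag; set WAS_IMAGE
# in CI/CD variables to the release you have validated).
WAS_IMAGE="${WAS_IMAGE:-tenable/was-scanner:latest}"

# require_env NAME...: return 0 when every named variable is set and non-empty,
# 1 otherwise, naming each missing variable on stderr so the job fails with a clear reason.
require_env() {
    status=0
    for name in "$@"; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "missing required variable: $name" >&2
            status=1
        fi
    done
    return $status
}

# wait_for_target "<probe command>" <timeout_seconds>: rerun the probe once a second
# until it succeeds (return 0) or the time budget is spent (return 1).
wait_for_target() {
    probe="$1"
    budget="$2"
    elapsed=0
    until sh -c "$probe" >/dev/null 2>&1; do
        if [ "$elapsed" -ge "$budget" ]; then
            echo "target not ready after ${budget}s: $probe" >&2
            return 1
        fi
        sleep 1
        elapsed=$((elapsed + 1))
    done
    return 0
}

# run_scan: the same steps as the page's pipeline, with the two checks added.
run_scan() {
    require_env ACCESS_KEY SECRET_KEY

    docker pull swaggerapi/petstore
    docker run -d -e SWAGGER_URL=http://petstore:8080 -e SWAGGER_BASE_PATH=/v2 \
        --name petstore swaggerapi/petstore

    # Probe from a linked container so the check uses the same network path the
    # scanner will use; a target that is not yet listening would otherwise yield an
    # empty or failed scan.
    wait_for_target "docker run --rm --link petstore curlimages/curl:latest -fsS http://petstore:8080/" 90

    docker pull "$WAS_IMAGE"
    docker run -v "$(pwd)":/scanner -t -e WAS_MODE=cicd \
        -e ACCESS_KEY="$ACCESS_KEY" -e SECRET_KEY="$SECRET_KEY" \
        --link petstore "$WAS_IMAGE"
}

# Only touch Docker when explicitly asked, so the functions can be sourced and tested.
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

In the pipeline, replace the `script:` lines with `- sh scan.sh --run` and keep `ACCESS_KEY` and `SECRET_KEY` as masked (and, for protected branches, protected) GitLab CI/CD variables rather than literals in the YAML, so they never appear in job logs or the repository.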

Example integrations for CI/CD tools: