Tenable Web App Scanning CI/CD Scanning with GitLab Integration

You can deploy a Tenable Web App Scanning Docker image in continuous integration and continuous delivery/continuous deployment CI/CD against your application in GitLab. For more information on this integration, see the GitLab documentation.

Before you begin:

Be able to deploy your app to an integration environment available to your GitLab build agent, or run it directly on the build agent for testing.
Review the overview information in CI/CD Application Scan Overview.

Pipeline workflow file example for GitLab:


stages:
	- build
build-run-scan:
	stage: build
	image: docker
	services:
	- docker:dind
	script:
	- docker pull swaggerapi/petstore
	- docker run -d -e SWAGGER_URL=http://petstore:8080 -e SWAGGER_BASE_PATH=/v2 --name petstore swaggerapi/petstore
	- docker pull tenable/was-scanner:latest
	- docker run -v $(pwd):/scanner -t -e WAS_MODE=cicd -e ACCESS_KEY=${ACCESS_KEY} -e SECRET_KEY=${SECRET_KEY} --link petstore tenable/was-scanner:latest

Example integrations for CI/CD tools: