
Commit f26c2958 authored by Ben Balk

Update README.md

parent 810a9fc2
Pipeline #2950 passed with stage in 21 seconds
......@@ -4,10 +4,10 @@ An automated way to test your code for vulnerabilities!
## Getting Started
It couldn't be easier to get started. Simply create a file in your repo called .gitlab-ci.yml and paste the following text into it:
It couldn't be easier to get started. Simply create a file in your repo called
.gitlab-ci.yml and paste the following text into it:
```yaml
---
stages:
- sast
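Review bot: Style point on the reflowed "Getting Started" sentence: `.gitlab-ci.yml` is a literal filename and reads better in backticks, which also stops Markdown renderers from treating the leading dot oddly at the start of a line; suggest `Simply create a file in your repo called` / `` `.gitlab-ci.yml` and paste the following text into it:``. The wrap itself is fine.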
......@@ -19,35 +19,70 @@ bandit:
- bandit -r .
allow_failure: true
```
An example .gitlab-ci.yml file is included in this project.
### Prerequisites
### If You Are Already Using GitLab's CI/CD Pipelines
Your code repo needs to be hosted in GitLab (https://gitlab.umich.edu)
To add this test to an existing GitLab Pipeline, use the following
as an example:
```yaml
---
stages:
- lint
- test
- sast # <---Add this line to your pipeline stages.
flake8:
image: python:2.7-jessie
stage: lint
before_script:
- pip install flake8
script:
- flake8 tests src *.py
allow_failure: true
```
Give examples
test-py27:
image: python:2.7-jessie
stage: test
before_script:
- pip install pytest-cov pytest-mock
- pip install -e .
script:
- pytest --cov=src --junitxml=junit.xml
artifacts:
reports:
junit: junit.xml
# Add a job like this one and specify the "sast" stage.
bandit:
stage: sast
image: python:latest
script:
- pip install bandit
- bandit -r .
allow_failure: true
```
## Running the tests
### Prerequisites
Your code repo needs to be hosted in GitLab (https://gitlab.umich.edu).
The University of Michigan instance of GitLab has a built-in GitLab Runner
that will be used automatically if you create a .gitlab-ci.yml file.
Simply by creating the .gitlab-ci.yml file in your repo, GitLab will begin automatically testing your code using the shared GitLab Runner.
### Break down into end to end tests
Out of the box we are offering an easy entry point into automatically testing your python code for static vulnerabilities.
```
Give an example
```
Out of the box we are offering an easy entry point into automatically testing
your python code for static vulnerabilities. This simple test will use Bandit
to find common security issues in Python code.
## Authors
* **Rick Getchell** - rgetchel@umich.edu
* **Patrick Steffes** - psteffes@umich.edu
* **Patrick Steffes** - psteffes@umich.edu
* **Greg Benn** - gbenn@umich.edu
* **Ben Balk** - bbalk@umich.edu
## Acknowledgments
* The 2019 Hacks With Friends Volunteers
* The 2019 Hacks With Friends Volunteers!!!
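Review bot: The example `bandit` job is not reproducible because both the image and the tool are unpinned: `image: python:latest` and `- pip install bandit` will silently pick up new Python and Bandit releases, so a pipeline can start reporting different findings (or break) with no change to the repository. Suggest pinning both in the README example, e.g. `image: python:3.7` and `pip install bandit==<version>`, with a placeholder the reader fills in. Separately, the README should say plainly what `allow_failure: true` on the `bandit` job means: Bandit findings will be shown but will never fail the pipeline or block a merge, so teams that want the scan to gate merges should drop that line once their baseline is clean. Finally, `bandit -r .` scans everything under the repo root, including tests and any vendored code; a short note that Bandit's `-x` option excludes paths would save readers from noisy results.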