Break the build
Fluid Attacks offers an automated security measure for your CI/CD pipeline to prevent builds with vulnerabilities from passing. Breaking the build compels your team to fix the code so that it can pass. To use this feature, you need to have Fluid Attacks' CI Agent installed.
You can run the CI Agent locally and in your CI/CD pipeline.
Follow these steps to run the CI Agent locally:
-
Get the required token as shown in Install the CI Agent to break the build.
-
Pull the Docker image:
docker pull fluidattacks/forces:latest -
Run the container with the command below, where
<your-token>is the token you generated in step 1.docker run --rm -ti fluidattacks/forces:latest forces --strict –-breaking 7.0 --token <your-token>
Note: The above command is for the CI Agent to break the build if any high severity vulnerability is present. Read the Arguments page section to learn to customize the CI Agent execution.
Follow the instructions presented in Run the CI Agent on your CI/CD to use it with Azure DevOps, GitHub, GitLab and Jenkins.
Now that you have learned the basics to secure your software with Fluid Attacks, you can spare some time to learn more about the platform.