Run scans locally or in your CI/CD | Fluid Attacks Help

Run scans locally or in your CI/CD

Run the Fluid Attacks scanner locally

You can run the Docker container with:

docker run -v /dir/to/scan:/my-dir fluidattacks/cli:latest skims scan /my-dir

where /dir/to/scan is the path to the directory you want to scan.

You can also pass custom arguments like URLs and configuration files.
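
The local command above, wrapped as an added shell example (not Fluid Attacks' own code): it resolves the target to an absolute path before mounting, because Docker treats a bare relative name given to -v as a named volume, and the scanner would then see that volume instead of your code. SKIMS_IMAGE and DOCKER_BIN are variable names assumed for this example; the image name and mount point are the ones used on this page.

```shell
#!/bin/sh
# Added example: wrapper around the `docker run ... skims scan` command above.
# SKIMS_IMAGE and DOCKER_BIN are hypothetical names used only by this script.

SKIMS_IMAGE="${SKIMS_IMAGE:-fluidattacks/cli:latest}"  # image name from this page
DOCKER_BIN="${DOCKER_BIN:-docker}"                     # set to "echo" for a dry run

# Print the absolute, symlink-free path of an existing directory.
# Returns 2 if the target is missing or cannot be expressed in -v syntax.
resolve_scan_dir() {
  if [ -z "$1" ] || [ ! -d "$1" ]; then
    echo "error: '$1' is not an existing directory" >&2
    return 2
  fi
  # Discard cd output (CDPATH can make cd print the directory).
  resolved="$(cd -- "$1" >/dev/null && pwd -P)" || return 2
  case "$resolved" in
    *:*)
      # -v uses ':' to separate source, destination and options.
      echo "error: '$resolved' contains ':' and cannot be passed to -v" >&2
      return 2
      ;;
  esac
  printf '%s\n' "$resolved"
}

# Mount the resolved directory at /my-dir and scan it.
# The return status is whatever the container (or docker itself) returns.
scan_dir() {
  scan_abs="$(resolve_scan_dir "$1")" || return 2
  # --rm removes the stopped container after the scan finishes.
  "$DOCKER_BIN" run --rm -v "${scan_abs}:/my-dir" "$SKIMS_IMAGE" skims scan /my-dir
}

# Scan the directory given on the command line, if any.
if [ "$#" -gt 0 ]; then
  scan_dir "$1"
fi
```

Running it with DOCKER_BIN=echo prints the docker command that would be executed, which is a quick way to confirm what is being mounted.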

Run the Fluid Attacks scanner on your CI/CD provider

Below are some configuration examples to set up the Docker container on some of the most popular CI/CD providers.

Run scans on GitHub Actions

# .github/workflows/dev.yml
name: Standalone CLI
on: [push, pull_request]
jobs:
  machineStandalone:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@f095bcc56b7c2baf48f3ac70d6d6782f4f553222
      - uses: docker://docker.io/fluidattacks/cli:latest
        name: machineStandalone
        with:
          args: skims scan /dir/to/scan

Run scans on GitLab CI

# .gitlab-ci.yml
machineStandalone:
  image: docker.io/fluidattacks/cli:latest
  script:
    - skims scan /dir/to/scan

Run scans on Travis CI

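# .travis.yml
services:
  - docker
before_install:
  - docker pull fluidattacks/cli:latest
script:
  # Run the scan inside the container, with the directory mounted as in
  # the local command; skims ships in the image, not on the build host
  - docker run -v /dir/to/scan:/my-dir fluidattacks/cli:latest skims scan /my-dir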

If you want to break the build on your CI/CD pipeline when vulnerabilities are found, you can use the strict option in the configuration file.

Note: If the scan is taking too long to complete, try using the recursion limit option in the configuration file. To learn to solve other errors during execution, read the FAQ.

If you encounter a false positive during development, try using the exclusions as code flag.