A service for DevOps/DevSecOps operations.
Supported operations:
-
Code Analysis
Safety-related analysis, code quality analysis, syntax style review tools, or dead code detection tools.
-
Continuous Pipelines
Pipeline stages in an automated software development and deployment flow.
-
Git Hooks
Hooks are used by Git to trigger actions at certain points in git command.
-
Containers
Ready to use container templates.
-
Makefile
Collection of make targets used for this DevOps service repository.
Integrate the DevOps service as a git submodule dependency in a base repository.
NOTE Copy and modify the Makefile in a base repository:
- URL_DEVOPS :=
<url>- PATH_DEVOPS :=
<relative-path>
-
Add Git submodule
make setup-submodule
-
Update Git submodules
make update-submodule
-
Remove Git submodules
make teardown-submodule
Run the following command to setup the DevOps service in a base repository:
make setup-devopsThe commands of the initialized DevOps service are available as make <target> in the Makefile of a base repository. Run make help in the terminal to see the full list of supported commands.
NOTE Modify the Makefile to meet the requirements of a base repository.
Triggers custom scripts in /githooks when certain Git actions occur.
- In Azure the pipelines in
/.azureneed to be added in Azure Pipelines service. - In GitHub the
/.github/workflowsis a automated process that will run as configured on Pull Request (PR).
See the options description for more information.
-
Static Application Security Testing (SAST)
Perform analysis of local staged files:
make run-linter-staged
Perform analysis of local modified files:
make run-linter-diff
Perform analysis of modified files in continuous integration pipeline:
make run-linter-ci
-
Dynamic Application Security Testing (DAST)
Perform analysis of the application binary file:
make run-sanitizer-app
-
Software Composition Analysis (SCA)
Perform security analysis of local project:
make run-security-scan