Support
Continuous Integration Systems

Integrating Invicti Enterprise with Travis CI

This document is for:
Invicti Enterprise On-Demand, Invicti Enterprise On-Premises

Travis CI is a hosted continuous integration service. It is used to test and deploy software projects hosted on GitHub and Bitbucket. You can log in to Travis CI with GitHub or Bitbucket, instruct Travis CI to test the code of a project, and then push it to GitHub or Bitbucket. 

Image result for travis ci

For further information, see What Systems Does Invicti Integrate With?.

Generating and Using Invicti Enterprise’s Travis CI Integration Scripts

Invicti Enterprise uses cURL and PowerShell command-line tools to integrate with Travis.

How to Generate Invicti Enterprise's Travis CI Integration Scripts
  1. Log in to Invicti Enterprise.
  2. From the main menu, go to Integrations > New Integration > Travis CI.

  1. From the Integration Script Generator section, select the relevant Scan Settings:
    • From the Scan Type field, select an option
    • From the Website drop-down, select a website
    • From the Scan Profile drop-down, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type)
  1. In the script field, select Copy to clipboard ( ) to copy script. (You will then paste this into the file described in How to Use Invicti Enterprise’s Travis Integration Script.)
How to Use Invicti Enterprise's Travis Integration Script
  1. Navigate to your Git project and open .travis.yml file.
  2. Paste the copied script (from How to Generate Invicti Enterprise’s Travis CI Integration Scripts) into your .travis.yml file. Then commit and push it to the Git repository.
  3. Log in to your Travis account.
  4. Navigate to your Travis Project window.

You can copy and paste the cURL script below into your .yml file and use it as an example.

script: |
    curl -u "$USERID:$APITOKEN" -X POST https://www.netsparkercloud.com/api/1.0/scans/CreateFromPluginScanRequest -H 'Content-Type: application/json' -d "{'WebsiteId': '4193d4c3-ba11-4920-576b-abc80256ae2e', 'ScanType': 'FullWithPrimaryProfile', 'VcsCommitInfoModel': {'CiBuildConfigurationName' : '$TRAVIS_JOB_NAME', 'CiBuildHasChange': '$TRAVIS_COMMIT', 'CiBuildId': '$TRAVIS_BUILD_ID', 'CiBuildServerVersion': '$TRAVIS_APP_HOST', 'CiBuildUrl': '$TRAVIS_BUILD_WEB_URL', 'Committer': '$USER', 'IntegrationSystem': 'TravisCI', 'VcsName': 'Git', 'VcsVersion': '$TRAVIS_COMMIT'}}"

Or, you can copy and paste the Powershell script below into your .yml file and use it as an example.

Invoke-RestMethod -uri 'https://www.netsparkercloud.com/api/1.0/scans/CreateFromPluginScanRequest' -ContentType 'application/json; charset=UTF-8'  -Method POST -Headers @@{ Authorization = "Basic $([System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes($env:USERID +':'+$env:APITOKEN)))"} -Body $(@@{ WebsiteId='ac5c492c-94ad-4512-9f8a-ab9502091c0c'; ProfileId='f812aa2c-d2a6-4574-e145-ad3b01dae776'; ScanType='FullWithSelectedProfile'; VcsCommitInfoModel = @@{CiBuildConfigurationName = $env:TRAVIS_JOB_NAME; CiBuildHasChange = $env:TRAVIS_COMMIT; CiBuildId = $env:TRAVIS_BUILD_ID; CiBuildServerVersion = $env:TRAVIS_APP_HOST; CiBuildUrl= $env:TRAVIS_BUILD_WEB_URL; Committer= $env:USER; IntegrationSystem = 'TravisCI'; VcsName = 'Git'; VcsVersion = $env:TRAVIS_COMMIT};}| ConvertTo-Json)

  1. Select Settings.
  2. Navigate to Environmental Variables and add your Invicti Enterprise API credentials as USERID and APITOKEN variables.
  3. Select More Options from the top-right menu, then select Trigger build to start a build.