Integrating Invicti Enterprise with UrbanCode Deploy
You can use UrbanCode Deploy to automate application developments through your environments. It provides continuous delivery, the audit trails, versioning, and approvals needed in production.
You can integrate Invicti Enterprise with UrbanCode Deploy using cURL scripts, generated by our Integration Script Generator.
This topic explains how to generate and use cURL scripts to integrate Invicti Enterprise with UrbanCode Deploy in order to enable our advanced integration functionality.
For further information, see What Systems Does Invicti Integrate With?.
Generating and Using Invicti Enterprise’s UrbanCode Deploy Integration Scripts
Invicti Enterprise uses cURL command-line tools to integrate with UrbanCode Deploy.
How to Generate Invicti Enterprise’s UrbanCode Deploy Integration Scripts
- Log in to Invicti Enterprise.
- From the main menu, select Integrations > New Integration.
- From the Continuous Integration Systems section, select UrbanCode Deploy.
- From the Integration Script Generator section, select the relevant Scan Settings:
- From the Scan Type field, select an option.
- From the Website drop-down, select a website.
- From the Scan Profile drop-down, select a scan profile (this is not displayed if you select Full with Primary Profile as the Scan Type).
- Enable the Stop the scan if the Build fails, if required.
- Enable the Fail the Build if one of the selected scan severity is detected, if required.
- In the cURL field, select Copy to copy the cURL script. (You will then paste this into the file described in the next How to.)
Using Build Fail in Pipeline Project
It is possible to configure a failure in the UrbanCode Deploy build to stop the scan when a vulnerability severity is detected for pipeline projects.
This can be configured using the Severity parameter.
Scan Severity: With this option, you choose which severity will fail this UrbanCode Deploy build when found in a related scan. If you choose “DoNotFail”, the detected vulnerability does not affect your UrbanCode Deploy build.
- High or above
- Medium or above
- Low or above
- Best Practice or above
Using Invicti Enterprise’s UrbanCode Deploy Integration Script
You can use the Invicti Enterprise’s UrbanCode Deploy Integration Script to scan your application(s). This process has two steps to complete. First, you need to create a process, then you need to scan an application with the process you created.
A Invicti Enterprise’s UrbanCode Deploy Integration Script
An UrbanCode Deploy Account
Please make sure your UrbanCode Deploy environment has the Shell plug-in installed. For further information, see Shell.
How to Use Invicti Enterprise’s Script to Create a Process
- From the main menu, go to Components > [YOUR_COMPONENT] > Processes.
- Select Create Process, then enter mandatory information in the Create Process dialog. Then, select Save.
- In the Design window, select Scripting > Shell from the menu on the left.
- Drag Shell to the process, then select the pencil icon to edit.
- In the Edit Properties for Shell dialog, enter a friendly name to the Name field.
- Select Shell Script and paste the copied Invicti Enterprise integration script.
- In the Edit Script window, select Save.
- In the Edit Properties window, select OK.
- Select Save to save your process on the main menu.
When you successfully save your process, you can scan your application(s) by using this process.
Make sure you changed the User ID and API Token information in the script generated by Invicti Enterprise.
For further information about accessing your API information, see API Settings.
How to Scan an Application with a Process
- From the main menu, select Applications > [YOUR_APP].
- From the Application: [YOUR_APP] window, select Components.
- Select Run Process next to [YOUR_COMPONENT].
- In the dialog, select the relevant settings:
- From the Environment drop-down, select an option.
- From the Resource drop-down, select an option.
- From the Process drop-down, select an option.
- From the Version drop-down, select an option.
- Select Submit.
Following the successful completion of these steps, the scan starts in Invicti Enterprise. You can also review the output log in the UrbanCode Deploy for further details.
For more information about UrbanCode Deploy, see IBM UrbanCode Deploy Tutorial.