Use CircleCI version 2.1 at the top of your .circleci/config.yml file.
```yaml
version: 2.1
```

Add the `orbs` stanza below your version, invoking the orb:

```yaml
orbs:
  security-scan: probely/security-scan@1.1.3
```

Use `security-scan` elements in your existing workflows and jobs.
Opt in to the use of uncertified orbs on your organization’s Security settings page.
Start the scan on a target (website) using Probely.
```yaml
orbs:
  probely: probely/security-scan@x.y.z
version: 2.1
workflows:
  example-workflow:
    jobs:
      - probely/scan:
          target_id: probely_target_id
```
Start a scan on a target (website) using Probely.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
api_key | The Probely API key to use, defined in the PROBELY_API_KEY environment variable. | No | PROBELY_API_KEY | env_var_name |
target_id | The id of the target (website) to scan. | Yes | - | string |
Start the scan on a target (website) using Probely.
PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
---|---|---|---|---|
api_key | The Probely API key to use, defined in the PROBELY_API_KEY environment variable. | No | PROBELY_API_KEY | env_var_name |
api_url | The URL of Probely's API | No | https://api.probely.com | string |
target_id | The id of the target (website) to scan. | Yes | - | string |
```yaml
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
commands:
  scan:
    description: |
      Start the scan on a target (website) using Probely.
    parameters:
      api_key:
        default: PROBELY_API_KEY
        description: |
          The Probely API key to use, defined in the PROBELY_API_KEY environment variable.
        type: env_var_name
      api_url:
        default: https://api.probely.com
        description: The URL of Probely's API
        type: string
      target_id:
        description: The id of the target (website) to scan.
        type: string
    steps:
      - run:
          command: |
            # Check if API key is set
            if [ -z "${<< parameters.api_key >>}" ]; then
              echo "NO PROBELY API KEY SET"
              echo "Please set your API key in the << parameters.api_key >> variable"
              exit 1
            fi
            # Check if target id is set
            if [ -z "<< parameters.target_id >>" ]; then
              echo "NO PROBELY TARGET ID SET"
              echo "Please set the target id as a parameter for this orb."
              exit 1
            fi
            curl -X POST \
              -H "Authorization: JWT ${<< parameters.api_key >>}" \
              << parameters.api_url >>/targets/<< parameters.target_id >>/scan_now/
            exit $?
          name: Probely - Starting Security Scan
description: |
  Use Probely to scan your web application for security vulnerabilities.
  Full orb source code: https://github.com/Probely/probely-orb
display:
  home_url: https://probely.com/
  source_url: https://github.com/Probely/probely-orb
examples:
  scan:
    description: Start the scan on a target (website) using Probely.
    usage:
      orbs:
        probely: probely/security-scan@x.y.z
      version: 2.1
      workflows:
        example-workflow:
          jobs:
            - probely/scan:
                target_id: probely_target_id
executors:
  alpine:
    docker:
      - environment:
          TERM: dumb
        image: cibuilds/base:latest
    resource_class: small
jobs:
  scan:
    description: Start a scan on a target (website) using Probely.
    executor: alpine
    parameters:
      api_key:
        default: PROBELY_API_KEY
        description: |
          The Probely API key to use, defined in the PROBELY_API_KEY environment variable.
        type: env_var_name
      target_id:
        description: The id of the target (website) to scan.
        type: string
    steps:
      - scan:
          target_id: << parameters.target_id >>
version: 2.1
```
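The `scan` command's shell step runs a plain `curl` followed by `exit $?`, and curl exits 0 on HTTP 4xx/5xx responses unless told otherwise, so a rejected API key or unknown target still produces a passing job even though no scan was started. The following is an added example, not part of the orb's source, showing the same request with the HTTP status checked and the inputs validated before they reach the URL. The function name `start_scan`, the allowed target-id character set and the 30-second timeout are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not the orb's code): start a Probely scan and fail the job
# unless the API actually accepted the request.
# Usage: start_scan API_URL TARGET_ID   (key is read from $PROBELY_API_KEY)
start_scan() {
  local api_url="$1" target_id="$2" status

  if [ -z "${PROBELY_API_KEY:-}" ]; then
    echo "NO PROBELY API KEY SET" >&2
    return 2
  fi

  # Never send the key to a non-TLS endpoint.
  case "$api_url" in
    https://*) ;;
    *) echo "api_url must start with https://" >&2; return 2 ;;
  esac

  # Assumption: target ids contain only letters, digits, '-' and '_'.
  # Anything else (slashes, spaces, quotes) is rejected before it reaches the URL.
  case "$target_id" in
    '' | *[!A-Za-z0-9_-]*) echo "invalid target id" >&2; return 2 ;;
  esac

  # --write-out prints the HTTP status; the response body is discarded because
  # its format is not documented on this page.
  status=$(curl --silent --show-error --output /dev/null \
    --write-out '%{http_code}' --max-time 30 --proto '=https' \
    -X POST -H "Authorization: JWT ${PROBELY_API_KEY}" \
    "${api_url%/}/targets/${target_id}/scan_now/") || {
    echo "request to Probely failed (network/TLS error)" >&2
    return 1
  }

  case "$status" in
    2??) echo "scan started (HTTP ${status})" ;;
    *) echo "scan NOT started (HTTP ${status})" >&2; return 1 ;;
  esac
}
```

Passing the URL and target id as function arguments, rather than substituting `<< parameters.* >>` into the script text, keeps their contents from being parsed as shell syntax.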