CI-CD Integration

Integrate with popular CI/CD pipelines

You can use ThreatStryker to scan artifacts in a CI (Continuous Integration) pipeline. If a vulnerability is detected and the CI build is blocked, the ThreatStryker agent will submit the details to the ThreatStryker management console. The console will then forward the details to the configured notification services.

Configuring CI Scanning

The ThreatStryker CI action supports several CI pipelines, including CircleCI, GitLab and Jenkins. It blocks a build if the number of CVE violations exceeds a user-defined threshold, or if the total CVE score exceeds a threshold, and notifications are submitted to the configured management console.

If a build is not blocked, ThreatStryker silently allows it to proceed.

For configuration details, refer to the appropriate CI/CD Integrations in the repo or refer any of the below guides:

📄️ Circle CI

Deploy to AWS ECS from ECR via CircleCI 2.0

📄️ Gitlab

This is an example of how to build and test a Dockerized web application on Gitlab. The image can later be pushed to any remote registry of choice.

📄️ Jenkins

Customers build their image, then run the scan on their image. The scan results are sent to Deepfence management console for further analysis.