Articles in this section

See more

Integration of AppCheck into JetBrains TeamCity

Avatar
Moqueed Nazar
  • Updated
Follow

Context

TeamCity  (https://www.jetbrains.com/teamcity/)   is a build management and continuous integration (CI) server from JetBrains.

Continuous Integration (CI) is a development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is then verified by an automated build, allowing teams to detect problems early. By integrating regularly, you can detect errors quickly, and locate them more easily.

Prerequisites 

  1. Contact AppCheck to obtain the API key and have the API enabled for your account
  2. Install the Ruby interpreter on those TeamCity agents that will run your build configuration. On Ubuntu-based agents this can be done by running “apt-get install ruby-full”.

Configure AppCheck to run as a build step 

  • Open your project page in the TeamCity user interface
  • Click “Show more »” on the left-hand menu
  • In the expanded list of options, choose “Meta-Runners”

 

  • Click “+ Upload Meta-Runner”
  • Choose the file called “AppcheckMetaRunner.xml” (provided by AppCheck)
  • Click “Save”

  • Go to the configuration page of the build that you want to update
  • Click “+ Add build step”

  • In the “Runner type” drop-down menu, select the option named “Run AppCheck”
  • The step configuration parameters will appear on the screen

  • “Step name” is what the step will be called on the Build Steps page and can be anything
  • “AppCheck API Key” will be provided by AppCheck
  • “AppCheck Scan ID” is the ID of the scan that will run when this build step executes. To find out what this ID is, go to “https://scanner.appcheck-ng.com/”, open the configuration page of the desired scan, and copy the last 16 characters of the page URL, as shown on the screenshot below.

 

  • “Fail the build step if” allows you to choose which condition should be considered a build step failure. Initially, “At least one HIGH vulnerability is found” is selected. It means that if AppCheck finds at least one HIGH vulnerability, the build step will be marked as failed.
  • Once the step is configured, click “Save”
  • Verify that the step order is correct for your project. You can reorder the build steps if necessary.

 

 

 

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.