Getting started
IntroductionInstalled packagesEnvironment variablesDebugging buildsCachingParallel testingDeployment pipelinesRunning commands as rootIgnoring commandsRun a command in case of an errorSetting timezoneAccess to other repositoriesUsing scriptsGit LFSUbuntu 20.04 Focal
IntroductionFTP/SSH/SFTP/RSYNCCustom scriptHerokuHeroku MigrationAWS Elastic BeanstalkAWS CodeDeployAWS LambdaAWS S3Google App EngineAWS CLIgcloud CLIAzure CLIDigital OceanEngine YardCapistranoGit PushCloudFoundryCloud66anynines
IntroductionBrowser testingBackground commandsGit submodulesCustom DNSArtifacts
IntroductionCassandraCouchDBDynamoDBMongoDBMySQLPostgreSQLSQLite
IntroductionDartElixirGoJava and JVMMeteorNode.jsPHPPythonRubyRust
IntroductionBeanstalkdRabbitMQRedis
IntroductionElasticsearchMemcachedSphinx
IntroductionCloudBees CodeShip Pro introduction guideCloudBees CodeShip Pro introduction guide 2CloudBees CodeShip Pro introduction guide 3CloudBees CodeShip Pro introduction guide 4CloudBees CodeShip Pro introduction guide 5
Migrating to CloudBees CodeShip Pro
Docker for CI/CD
Getting started with CloudBees CodeShip Pro overview and resources
IntroductionServices configSteps configEnvironment variablesImage registriesImage cachingBuild argumentsVolumesHandling secretsMultiple reposServices and databasesSetting an SSH private keyPreinstalled images
IntroductionInstallationUsing the Jet CLIjet cleanupjet decryptjet encryptjet generatejet loadjet runjet stepsjet updatejet validatejet version
IntroductionAWSAWS S3AWS EBAWS ECSAWS EKSAWS CodeDeployAzure Container ServiceHerokuGoogle CloudGoogle App EngineGoogle Cloud FunctionsGoogle Container EngineGoogle Compute EngineKubernetesTerraformDeploy Via SSHDocker SwarmIBM Cloud FoundryIBM Cloud Container Service
IntroductionBrowser testingParallel testing
IntroductionElixirGoJava and JVMNode.jsPHPPythonRuby
IntroductionCaching multi-stage DockerfileContainer is slow to exitDiffering results with Jet CLIDocker Hub rate limitingManaging multiple environments for a serviceReducing log output from dependent containersStep log not appearingUsing env vars in command steps

Integrating CodeShip With Snyk For Security Analysis

2 minute read

About Snyk

Snyk is an automated way to check for security vulnerabilities with your dependencies.

By using Snyk you can be sure that your dependencies are up to date and secure.

Starting with Snyk and CodeShip is fast and easy. The Snyk documentation does a great job of providing more information, in addition to the setup instructions below.

CloudBees CodeShip Pro

Adding Token

To start, you need to add your SNYK_TOKEN to the encrypted environment variables that you encrypt and include in your codeship-services.yml file.

CLI Configuration

To use Snyk in your CI/CD process, you’ll need to add the Snyk CLI to a service in your codeship-services.yml file.

To add the Snyk CLI, you will need to add the following command to the Dockerfile for the service you want to run Snyk on:

RUN npm install -g snyk

Note that this requires the Dockerfile to also have Node and NPM available, to use the Snyk CLI.

Running A Scan

Once your Snyk token is loaded via your environment variables and you have defined a service that installs the Snyk CLI, you can run a Snyk scan during your CI/CD pipeline by passing the Snyk CLI commands via the service you have it installed in.

We will combine the Snyk authentication and Snyk scan commands into a script file that we call from a step:

- name: Snyk
  service: app
  command: snyk.sh

Inside this snyk.sh script, you will have something similar to:

snyk auth $SNYK_TOKEN
snyk test

CloudBees CodeShip Basic

Adding Token

To start, you need to add your SNYK_TOKEN to your to your project’s environment variables.

You can do this by navigating to Project Settings and then clicking on the Environment tab.

CLI Configuration

To use Snyk in your CI/CD process, you’ll need to install the Snyk CLI via your project’s setup commands:

npm install -g snyk

Running A Scan

Once your Snyk token is loaded via your environment variables and you have installed the Snyk CLI, you can run a Snyk scan during your CI/CD pipeline.

You will need to add the following commands to your project’s setup and test commands

snyk auth $SNYK_TOKEN
snyk test
Using Runscope
Using Testable