Onboarding

To get onboarded you need a ShiftLeft environment. Request that here: Support - Make sure the area path = shared\CRHF Security - Make sure the supporting team = CRHF Security - Please include the requesters name as well as your repo that you want to get onboarded. - Please indicate whether you would like access to the Cloudguard UI or not. Results will display in the pipeline output and can be exported.

Once the API credentials and ShiftLeft environment are available. You need to setup the Azure Pipeline. An example is provided in the CRM Security Example or the GSO example. The required ruleset ID is 823703. Being compliant with that Ruleset will ensure image compliance with GSO. Use the support ticket link above for more troubleshooting support.

NOTE: The pipeline fails if it finds vulnerabilities. This can be adjusted but it is set to block by default.

links: CRM Security Example.txt CLI use instructions GSO Site GSO example