Configure your Codeship Repository

SourceClear Software Composition Analysis

About this task

To scan using SourceClear:

Procedure

  1. Go to the project you want to scan.
  2. Select Project Settings > Testing.
  3. In the test pipelines commands, enter the following code after your build commands:
    curl -sSL https://download.sourceclear.com/ci.sh |
                        bash
  4. Commit these changes to trigger a build for your repository.

Results

SourceClear performs a scan and displays results to your SourceClear environment

What to do next

If you want to add SourceClear scanning to other repositories, add the installation and scan code above to any test pipelines you want. After you add the SRCCLR_API_TOKEN environment variable, you can perform scans on each new build.