Generate an Advanced Encryption Standard (AES) key and place the key in a codeship.aes file in the root of your project directory. Read additional documentation on generating an AES key here.
Before you begin
- Edit the text file containing your environment variables, which you encrypt prior to committing your code.
- Add the SRCCLR_API_TOKEN to the file and set it to the authentication token you generated above.
- Save the environment variable file.
Encrypt the environment variables using Jet CLI.
A file is generated, called env.encrypted in this example, with the encrypted environment variables jet encrypt env env.encrypted
- Before you commit your code, add the env file to your .gitignore, or delete the file after you create it.
Edit the codeship-services.yml file, and use the
encrypted_env_file directive to add your encrypted
environment variables from the env.encrypted file to your build
app: build: image: myorg/appname dockerfile_path: Dockerfile encrypted_env_file: env.encrypted
To scan using SourceClear, edit the
codeship-steps.yml file within the project you want to
add SourceClear, and add the following step after your build step:
- name: sourceclear service: app command: sh -c "curl -sSL https://download.sourceclear.com/ci.sh | sh”
- Commit the changes to your repository.
The next time you run your build through Codeship Pro, SourceClear performs a scan on your repository. For details on configuring your Codeship Pro project, additional documentation is available.