In this article we will make the necessary modifications to a simple CircleCI project to scan a GitHub or Bitbucket repository with the SOOS CircleCI Orb.

Integration Steps

Open the SOOS App, browse to Integrate > CI/CD/Repo > CI/CD > CircleCI

Note the API Key (SOOS_API_KEY), Client ID (SOOS_CLIENT_ID) and Script (Script Integration) values, you will need these below to set up the Environment Variables.

Technical details for the script can be found here: https://github.com/soos-io/soos-ci-analysis-circleci-orb 

Repo Setup

  1. Create a directory called .circleci in the root directory of your local GitHub or Bitbucket code repository.
  2. Create a config.yml file inside the .circleci directory with the following lines (if you are using CircleCI server v2.x, use version: 2.0 configuration):
    version: "2.1"
      soos: soos-io/sca@1.0.0
          - soos/analysis_run_and_wait:
              client_id: $SOOS_CLIENT_ID # Environment Variable defined on Setup Environment Variables section
              api_key: $SOOS_API_KEY # Environment Variable defined on Setup Environment Variables section
              project_name: "Project Name"
  3. Commit and push the changes.

  4. Go to the Projects page in the CircleCI app, click the Add Projects button, then click the Set Up Project button next to your project. If you don’t see your project, make sure you have selected the associated Org. See the Org Switching section below for tips.

  5. Click the Start Building button to trigger your first build. (Previous this step, you must to setup the environment variables)

Find more more information in the CircleCI Docs here.

Build Setup

Setup Environment Variables

  1. In the CircleCI application, go to your project’s settings by clicking the gear icon on the Pipelines page, or the three dots on other pages in the application.
  2. Click on Environment Variables.
  3. Add the SOOS_CLIENT_ID and SOOS_API_KEY variables by clicking the Add Variable button and enter the name and the value provided by the SOOS App as noted in the Integration Steps at the start of this article

You can get more information related to the setup environment variables here.