Integration with CI/CD Pipelines
Incorporate SQL injection testing into development workflows:
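# GitLab CI/CD pipeline configuration
# Runs the project's SQL injection scanner and fails the job when the scanner
# leaves a vulnerable_endpoints.txt behind, so findings block the merge.
sql_injection_test:
  stage: security_test
  # NOTE(review): a mutable tag; pin the image to a digest so the toolchain
  # the scan runs on cannot change between pipelines without a review.
  image: python:3.9
  before_script:
    # NOTE(review): unpinned installs; move these to a requirements file with
    # pinned versions (and hashes) so scanner results are reproducible.
    - pip install requests sqlparse
    - apt-get update && apt-get install -y sqlmap
  script:
    - python sql_injection_scanner.py
    - |
      if [ -f "vulnerable_endpoints.txt" ]; then
        echo "SQL injection vulnerabilities found!"
        cat vulnerable_endpoints.txt
        exit 1
      fi
  artifacts:
    # The `exit 1` above marks the job failed; the default artifact policy
    # (on_success) would then discard exactly the report that matters.
    when: always
    paths:
      - security_scan_results/
      # The file the gate keys on; kept alongside the results for triage.
      - vulnerable_endpoints.txt
    expire_in: 30 days
  only:
    - merge_requests
    - master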
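// Jenkins pipeline script (declarative Jenkinsfile)
// Runs a ZAP scan against the staging target, then fails the build when the
// JSON report contains any "SQL Injection" alert.
pipeline {
    agent any
    environment {
        // Scan target kept as pipeline configuration rather than buried in
        // shell text, so it is changed and reviewed in one place.
        ZAP_TARGET = 'https://staging.example.com'
    }
    stages {
        stage('Security Scan') {
            steps {
                script {
                    // zap-baseline.py exits non-zero when it raises alerts or
                    // hits an error. With the default sh step that would abort
                    // the stage before the report is parsed below, so the
                    // alert-based gate would never run on a positive result.
                    // returnStatus: true hands the decision to the gate.
                    // NOTE(review): the baseline script is a passive scan;
                    // confirm that it emits the SQL Injection alerts this gate
                    // expects with the ZAP configuration in sql-injection.conf.
                    int zapExit = sh(
                        returnStatus: true,
                        script: '''
                            docker run -v $(pwd):/zap/wrk/:rw \
                              -t owasp/zap2docker-stable zap-baseline.py \
                              -t "$ZAP_TARGET" \
                              -c sql-injection.conf \
                              -J zap-report.json
                        '''
                    )
                    // No report means the scan itself broke; fail loudly
                    // instead of treating "nothing parsed" as "nothing found".
                    if (!fileExists('zap-report.json')) {
                        error "ZAP did not produce zap-report.json (exit code ${zapExit})"
                    }
                    // readJSON is provided by the Pipeline Utility Steps plugin.
                    def zapReport = readJSON file: 'zap-report.json'
                    def sqlInjectionAlerts = zapReport.site.findAll { site ->
                        site.alerts.any { alert -> alert.name.contains('SQL Injection') }
                    }
                    if (sqlInjectionAlerts) {
                        error "SQL injection vulnerabilities detected!"
                    }
                }
            }
        }
    }
    post {
        always {
            // Keep the report for triage even when the build fails.
            archiveArtifacts artifacts: 'zap-report.json', allowEmptyArchive: true
        }
    }
}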