This is for customers who want to use Lacework in their pipelines, using the Lacework Buildkite Plugin.
Platform(s)
Any! This template makes use of the Lacework Buildkite Plugin to run Laceworks CLI and perform Software Composition Analysis (and more)
Language(s)
What language(s) should this template use?
Should be language agnostic, but could include something in JS if having a specific example project included makes sense.
Tooling Requirements
Are there specific tools this template should integrate with?
Requires the Lacework CLI, though it is possible this will be installed as part of the plugin in a future release.
Additional Context
I had initially tried to add this by creating a PR, but looks like I don't have permission so I'll slap the files here for you folks.
Lacework Plugin Example
pipeline.yaml
steps:
- label: ":lacework: Analysis"
plugins:
- lacework#v0.1.0:
account-name: "mycompany" # update this to your company account name
README.MD
---
title: Scan using Lacework
description: Audit your project for security vulnerabilities using Lacework.
author: Buildkite
use_cases: ["Security", "CI", "Schedule"]
tools: ["Lacework"]
primary_emojis: [:lacework:]
---
# Scan using Lacework
This template gives you a continuous integration (CI) pipeline that scans a a sample project for security vulnerabilities using Lacework.
At a glance:
- Uses [Lacework](https://www.lacework.com/) and requires an account and API key for security scanning
- Requires [Docker](https://docs.docker.com/get-docker/)
## How it works
This template:
1. Sets up the environment with Lacework
2. Runs Lacework over yourproject for security vulnerabilities.
## Next steps
After you select **Use template**, you’ll:
1. Connect your git repository.
2. Modify the template commands, environment variables, secrets as needed for your project.
3. [Create](https://docs.lacework.net/console/api-access-keys) and store your Lacework API token securely on your agents.
4. Configure the compute—run locally, on-premises, or in the cloud.
5. Run the pipeline.
Pipeline template request
Use case(s)
This is for customers who want to use Lacework in their pipelines, using the Lacework Buildkite Plugin.
Platform(s)
Any! This template makes use of the Lacework Buildkite Plugin to run Laceworks CLI and perform Software Composition Analysis (and more)
Language(s)
Should be language agnostic, but could include something in JS if having a specific example project included makes sense.
Tooling Requirements
Requires the Lacework CLI, though it is possible this will be installed as part of the plugin in a future release.
Additional Context
I had initially tried to add this by creating a PR, but looks like I don't have permission so I'll slap the files here for you folks.
Lacework Plugin Example
pipeline.yamlREADME.MDThank you!