GitHub Actions

Mobb can be integrated into any CI/CD platform of your choice. This guide demonstrates the integration with GitHub Actions.

After logging into Mobb, select the last option in the menu: “Connect Mobb to Your Workflow”.

To run Mobb within GitHub Actions, select “GitHub Actions”.

You will be presented with a sample GitHub Actions YAML workflow that you can use as a starting point. This particular example uses Checkmarx as the SAST scanner; you may want to modify the script to use the SAST tool of your choice.

```yaml
# This example utilizes Mobb with Checkmarx via GitHub Actions

on: [pull_request]

jobs:
  Checkmarx-Mobb-example:
    runs-on: ubuntu-latest
    name: Fix Checkmarx findings with Mobb

    steps:
      - name: Checkout repo to get code
        uses: actions/checkout@v3

      - name: Setup Node on this machine
        uses: actions/setup-node@v3.6.0
        with:
          node-version: 18

      # The Checkmarx credentials are read from the repository's Actions secrets
      - name: Download and configure Checkmarx CLI
        run: |
          wget https://github.com/Checkmarx/ast-cli/releases/download/2.0.54/ast-cli_2.0.54_linux_x64.tar.gz -O checkmarx.tar.gz
          tar -xf checkmarx.tar.gz
          ./cx configure set --prop-name cx_apikey --prop-value ${{ secrets.CX_API_KEY }}
          ./cx configure set --prop-name cx_base_auth_uri --prop-value ${{ secrets.CX_BASE_AUTH_URI }}
          ./cx configure set --prop-name cx_base_uri --prop-value ${{ secrets.CX_BASE_URI }}
          ./cx configure set --prop-name cx_tenant --prop-value ${{ secrets.CX_TENANT }}
        shell: bash -l {0}

      - name: Run Checkmarx SAST scan
        run: ./cx scan create --project-name my-test-project -s ./ --report-format json --scan-types sast --branch nobranch --threshold "sast-high=1"
        shell: bash -l {0}

      # always() runs this step even if the scan step above failed
      - name: Run Mobb on the findings and get fixes
        if: always()
        uses: mobb-dev/action@v1
        with:
          # JSON report produced by the scan step
          report-file: "cx_result.json"
          api-key: ${{ secrets.MOBB_API_TOKEN }}
          github-token: ${{ secrets.GITHUB_TOKEN }}
```
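
Before committing a workflow like the one above, it can be checked for three common CI hardening gaps: actions referenced by a mutable tag instead of a full commit SHA, `${{ secrets.* }}` expressions expanded directly into a `run:` script, and downloads that are never followed by a checksum or signature check. The Python sketch below is an added example, not part of Mobb's documentation or tooling; the `audit` function, its rule names and the trimmed `WORKFLOW` sample are assumptions made for illustration.

```python
import re

# Constructed sample: steps copied from the workflow on this page, trimmed.
WORKFLOW = """\
steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-node@v3.6.0
  - name: Download and configure Checkmarx CLI
    run: |
      wget https://github.com/Checkmarx/ast-cli/releases/download/2.0.54/ast-cli_2.0.54_linux_x64.tar.gz -O checkmarx.tar.gz
      ./cx configure set --prop-name cx_apikey --prop-value ${{ secrets.CX_API_KEY }}
    shell: bash -l {0}
  - uses: mobb-dev/action@v1
    with:
      api-key: ${{ secrets.MOBB_API_TOKEN }}
"""

KEY = re.compile(r"^\s*(?:-\s+)?([\w-]+):\s*(.*)$")    # "key: value", optional "- "
SECRET = re.compile(r"\$\{\{\s*secrets\.\w+\s*\}\}")   # ${{ secrets.NAME }}
FETCH = re.compile(r"\b(?:wget|curl)\b.*https?://")    # download command
VERIFY = re.compile(r"\b(?:sha256sum|shasum|gpg|cosign)\b")  # integrity check

def audit(text):
    """Return sorted (line_number, rule) findings for a workflow's text."""
    findings, run_col, fetch_line = [], None, None
    # A sentinel top-level key closes a run: body that reaches end of file.
    for no, line in enumerate(text.splitlines() + ["end:"], 1):
        if not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if run_col is not None and indent <= run_col:  # the run: body has ended
            if fetch_line:
                findings.append((fetch_line, "unverified-download"))
            run_col = fetch_line = None
        script = line if run_col is not None else None
        key = KEY.match(line) if run_col is None else None
        if key and key.group(1) == "uses":
            _, at, ref = key.group(2).split("#")[0].strip().rpartition("@")
            if at and not re.fullmatch(r"[0-9a-f]{40}", ref):  # tag or branch ref
                findings.append((no, "unpinned-action"))
        elif key and key.group(1) == "run":
            run_col, script = key.start(1), key.group(2)  # inline or block script
        if script is not None:
            if SECRET.search(script):  # expanded into script text before bash runs
                findings.append((no, "secret-in-run-script"))
            if FETCH.search(script):
                fetch_line = fetch_line or no
            elif VERIFY.search(script):
                fetch_line = None
    return sorted(findings)
```

Secrets passed through `with:` or `env:` are not flagged, because they reach the action or the shell as values rather than as script text.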

For a demonstration of how this integration works, you can visit the following YouTube video:
