CI/CD Integration

If you maintain a large rulebase in through version-control managed platform, you may be interested in integrating suricata-check with your Continuous Integration and Continuous Deployment workflows.

This is possible using the --github and --gitlab CLI options. The integration can be further adjusted to the specific deployment environment needs using the other available CLI options.

An example of such an integration for GitHub can be found here.

GitHub

Integration with GitHub is easy. All you need to do is checkout the repository containing the rules that require checking, setup a Python environment and install suricata-check, and run it with the --github option to automatically issue the required GitHub workflow commands for integration.

For example, when integrated with GitHub, issues can be highlighted in a pull requests (PRs) similar to this example PR.

For GitHub, you can copy this workflow and modify it to your needs.

GitLab

To integrate suricata-check with GitLab, you need to run it in a workflow with the --gitlab option to produce the suricata-check-gitlab.json file which follows the required CodeClimate report / GitLab Code Quality Report format.

To have GitLab process this output, you need to declare the code quality report using the syntax prescribed by GitLab.