DigitSec recommends that you prepare for this integration by opening three separate browser windows and following these steps to connecting DigitSec and Copado. Keep this page open for instructions, while you switch between DigitSec and Salesforce/Copado.
Source Format pipelines supercharge Copado's commit-based scanning. To work properly, each sandbox/org in your pipeline should have a corresponding connected workspace set up in DigitSec. When making a commit to a User Story, DigitSec will scan the source sandbox/org with the newly committed code. Scans will not be initiated if there is not a connected Workspace on DigitSec corresponding to the Source Sandbox/Org.
- DigitSec Docs Site (current page)
- Salesforce/Copado (login)
- DigitSec (login)
-
Install the DigitSec integration using one of the following links:
Source Format Pipelines
https://login.salesforce.com/packaging/installPackage.apexp?p0=04tfh000000T3FR (production, developer)
https://test.salesforce.com/packaging/installPackage.apexp?p0=04tfh000000T3FR
(sandbox) -
On the Salesforce Copado page, access the Setup menu by clicking on the gear icon in the upper right-hand corner of Salesforce, then use the Quick Find menu to navigate the left-hand navigation. Proceed to connect your integration to DigitSec by adding your DigitSec Credential as the Named Credential (shown below).
Setup > Quick Find > Named Credentials > Edit "DigitSecCredentials"
or
Setup Home > Settings: Security > Named Credentials: Edit "DigitSecCredentials"
Enter the username and password you use to access DigitSec in the appropriate fields. Remember to click the SAVE button at either the top or bottom of the screen dialog. -
Return to your Salesforce/Copado window to modify the custom settings for digitsec in Salesforce.
Navigate to the Custom Settings control using the left-hand navigation with the Quick Find menu.
Setup Home > Quick Find > Custom Settings
or
Setup Home > Platform Tools: Custom Code > Custom Settings: Manage DigitSec
On the Custom Setting > digitsec page, it is possible there aren't any values in place. Please click the New button to add one or click the Edit link if one already exists.
For the Location> Profile value, please make sure to use the Search tool to select a profile using Salesforce menus to ensure the proper object is specified.
Scan Commit: Make sure to only activate this checkbox if the Org credentials added in the User Story are the same as the Org connected. This option will only scan the last commit and will trigger an automatic scan when a user commits a user story.Please Note: At this time, the OrgId included in the DigitSec Custom Setting is a required field. However, the value that is entered does not have an impact on the integration between Copado and DigitSec. It is a legacy setting value from the Metadata Pipelines integration. You must simply add a string so this value is not blank.
Additional Note: For each User Profile that will be initiating scans, ensure that there is a Custom Setting for that Profile and verify it has the Run Flows permission enabled.
- Now you can run DigitSec Security Scans from Copado User Stories.
Referring to the options you selected in Step 4, you are able to scan the last commit if you enabled "Scan Commit", and/or run a scan against the entire User Story if you selected "Scan the entire User Story" and have the repo attached to DigitSec. If neither of these are selected, S4 will run a scan against the specified Org.
-
In order to scan all changes in the User Story, you must add the repository associated with a Copado pipeline to DigitSec S4. Please refer to the GitHub, Azure, BitBucket, or GitLab docs for integration.
Important: Please do not add the webhook as that will duplicate the scans.
Deployment Steps
Steps 6-12 below are not a required part of a Copado Configuration. You may choose to follow these steps based on your requirements.
- Go to the Copado Release Manager and select "Deployments" in the upper tabbed navigation. Then click on the new button. You should see a "New Deployment" dialog screen.
- Select the most appropriate type that works for you. For these instructions, we are using "Advanced". Click Next.
- On the next screen, you will give your deployment a name and select the Source Credential. Click Save.
- This action will bring you to an index of your existing deployments, including the one just created. Click on the Deployment name that you just created.
- Update the "To Credential" as needed in the Deployment Information Screen. In the example image below, we have chosen "Production-SFP" as the "To Credential".
On the same screen you should see a header for "Steps" click the "Add Step" button. - Name the step and then set the type to be "Salesforce Flow".
-
Please use the image below as an example for how to configure the Step.
Please note: you should be able to select "DigitSecFlow" for "Select Salesforce Flow" and match all the indicated parameters as follows:- deploymentId - {!Deployment.Id}
- deploymentResultId - {!Deployment.JobId}
- resultId - {!Result.Id}
Click "Save".
The configuration is now complete. Simply click "Deploy All" option to start the deployment. This will fire a DigitSec scan on the DigitSec platform.
- To manage the display of DigitSec results in Copado, please refer to this page.