
Enhancing Release Security with FlexDeploy: Pipeline Scan Gate

Code analysis plays a vital role in the software development life cycle, ensuring that your code is free of bugs, devoid of vulnerabilities, and compliant with industry standards. Since version 6.0, FlexDeploy has provided integrations for static code analysis, vulnerability scanning, and dynamic application security testing. With the release of version 7.0, automatic aggregation and evaluation of code scans is available through pipelines. In this blog post, we will dive into the implementation of the new Pipeline Scan Gate, aimed at enhancing the security levels of your releases.

Scan Gate Example

In FlexDeploy, code scans can be executed within workflows. Typically, utility workflows are employed to focus solely on analyzing source code; however, any workflow can be configured to run a scan on a project. Once the execution completes, the vulnerabilities and code issues detected by the scan can be viewed on the “Scan Results” page of the project’s execution. For detailed instructions on setting up code analysis within FlexDeploy, see the SAST and DAST Scan Integration documentation.

Pipeline Setup

When incorporating the new Scan Gate into a pipeline, several factors need to be considered. A maximum issue count can be defined for each severity level reported by the scans; if the aggregated issue count for a severity exceeds the specified maximum, the gate fails. Scan results can be evaluated either per project or cumulatively across all scans. The gate always evaluates scans performed in the project build executions that are inputs to the snapshot. In addition to builds, you can choose to evaluate scans performed in any previous stages, which includes all executions within each selected stage.

Scan Gate setup on a pipeline that evaluates by project for all scans performed on the Development stage.

Release Execution

The image below shows the snapshot execution page of our newly implemented Scan Gate. The gate assessed four different scans, all originating either from the builds for this snapshot or from other project executions in the Development stage. The gate failed because 24 high severity issues were detected in the first scan, while the maximum high severity issue count had been set to a value below five during gate setup.
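To make the gate semantics from the Pipeline Setup section and the failed run above concrete, here is an added illustration of the evaluation logic in Python. It is not FlexDeploy's own code; the scan data, project names, stage names and the thresholds (at most 4 high and 15 medium issues) are constructed assumptions, and it also shows how per-project and cumulative aggregation can give different outcomes for the same scans.

```python
from collections import defaultdict
from dataclasses import dataclass

# Severity levels for which a maximum issue count can be configured
SEVERITIES = ("critical", "high", "medium", "low")


@dataclass
class ScanResult:
    """One code scan attached to an execution (constructed sample data)."""
    project: str
    source: str   # "build" for the snapshot's build inputs, else a stage name
    counts: dict  # severity -> number of issues found by the scan


def select_scans(scans, stages=()):
    """Builds feeding the snapshot are always evaluated; scans from other
    executions count only if their stage was selected in the gate setup."""
    return [s for s in scans if s.source == "build" or s.source in stages]


def evaluate_scan_gate(scans, max_issues, per_project=True):
    """Aggregate issue counts per project (or over all scans) and fail the
    gate when any aggregated count exceeds its configured maximum.
    Returns (passed, failures); each failure is (group, severity, found, max)."""
    totals = defaultdict(lambda: dict.fromkeys(SEVERITIES, 0))
    for scan in scans:
        group = scan.project if per_project else "all scans"
        for severity, found in scan.counts.items():
            totals[group][severity] += found
    failures = [
        (group, severity, counts[severity], limit)
        for group, counts in totals.items()
        for severity, limit in max_issues.items()
        if counts[severity] > limit
    ]
    return not failures, failures


# Constructed scans: four from builds/Development, one from an unselected stage
SCANS = [
    ScanResult("billing-api", "build", {"high": 24, "medium": 3, "low": 10}),
    ScanResult("billing-api", "Development", {"high": 1, "medium": 6, "low": 2}),
    ScanResult("web-portal", "build", {"high": 0, "medium": 7, "low": 5}),
    ScanResult("web-portal", "Development", {"high": 2, "medium": 4, "low": 1}),
    ScanResult("web-portal", "QA", {"high": 9, "medium": 0, "low": 0}),
]
# Assumed gate thresholds: at most 4 high and 15 medium issues
MAX_ISSUES = {"high": 4, "medium": 15}
```

With the Development stage selected, per-project evaluation fails only billing-api on its 25 high issues, whereas cumulative evaluation additionally fails on the 20 medium issues summed across both projects.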

Conclusion

Using the Scan Gate, you can evaluate vulnerabilities in your code more efficiently as part of the release automation process. We are eager to see our customers leverage all the great release automation features in FlexDeploy!
