If you are using Circle CI for your build pipelines, you can now scan your APIs by adding our official orb. This orb downloads the latest version of Mayhem and scans your API. Failures are recorded as junit results, which can be stored in CircleCI using the store_test_results step.
We recommend using this to ensure no security vulnerabilities or crashes are present before merging code into your default branch.
version: 2.1
orbs:
mapi: forallsecure/mapi@1.0.0Create a new job to scan your API and start your service. Then call the `mapi/scan` command to run Mayhem against your service.
jobs:
mayhem-for-api:
machine:
image: ubuntu-2204:2022.07.1
steps:
# Start your service
- run:
command: start-service.sh &
# Scan your API with Mayhem for API
- mapi/scan:
api-url: "http://localhost:8000"
api-spec: "https://demo-api.mayhem4api.forallsecure.com/api/v3/openapi.json"
- store_artifacts:
path: /tmp/mapi
- store_test_results:
path: /tmp/mapi/junit.xml
Then add the new job to your workflow.
workflows:
tests-and-security:
jobs:
- mayhem-for-api
Mayhem will now fuzz your API, report failures as test results, and ensure your code is and remains secure.
You can find more documentation on Mayhem continuous integration here.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
