A tutorial from MythX to help you set up your tooling for continuous monitoring and security checks.
This is the third and last post in the MythX series on integrating security analysis of smart contracts into your Continuous Integration (CI) system. In the first part we built a CircleCI configuration. In the second part we built a small and beautiful Travis CI configuration.
“But I am using a completely different CI system!” — You, maybe.
Fret not. The avid reader might have noticed a common pattern in the past two posts: In setups we used the MythX CLI and a basic Python runtime. If you have not read the previous articles yet, it is recommended to do so. Do not worry, I will wait here.
Generalizing our Approach
Sending things to MythX for analysis is rather simple if you are using one of our many tools and integrations. Roughly speaking we always do the following:
- Download and set up an official tool
- Run the tool on one or multiple target files
- Wait for the results be returned by the MythX API
- If the report contains anything critical, fail the job
Originally published at https://blog.mythx.io on March 16, 2020.
How to Configure a Smart Contract Security Continuous Integration System was originally published in ConsenSys Media on Medium, where people are continuing the conversation by highlighting and responding to this story.