This option works in addition to the regular thresholds. This displays the values from the predefined global include/exclude settings, for example global.Įnables the option to fail the build according to the defined severity or higher. scan originating from Jenkins).ĭefines your credentials Id as it is in the Jenkins credentials manager.Ĭomma separated list of folders to be excluded from the CxSAST scan, for example folder 1, folder 2, folder 3.Ĭomma separated list of folders to be excluded from the CxOSA scan, for example folder1 folder2 folder3.ĭefines to use global include/exclude settings. Includes optional remark for the scan action (e.g. From the Build Step dropdown list, select Execute Checkmarx Scan. Once the CxSAST Scan Configuration is displayed, define the relevant job/project scan parameters as explained under Configuring the Jenkins Plugin.Įnables the option that if there is a scan for this project in the queue in status working or queued do not send a new scan request. the related build step parameters appear.Ħ. From the Sample Step dropdown list, select step: General Build Step. Scroll down to Pipeline and click Pipeline Syntax. Assign a name to the new item in the Item name field.ģ. For further information and instructions, refer to ġ. From the Jenkins Dashboard, select New Item. Before starting the configuration, m ake sure that you already have the Pipeline plugin installed with your Jenkins environment.Checkmarx scans that include CxSCA require Jenkins Plugin 2019.4.2 and up.
If you do not want to run a CxSAST scan, under CxSAST Scan, clear Enable CxSAST scan.Ħ. The Execute Checkmarx Scan sub-section opens in the Build section.ĥ. In the Build section, click Add build step and select Execute Checkmarx Scan.
Open or create a new freestyle or pipeline that clones or can access the code project you want to scan with CxSCA.Ĥ. 1. Open the Jenkins Dashboard by entering its URL for example 8080 is the default port used by Jenkins. The Jenkins Dashboard appears.ģ.