| Type | Name and description |
|---|---|
static java.util.Map |
checkmarxConfigDefaultsA map defining the default Checkmarx config values used in `checkmarxScan`. |
| Type Params | Return Type | Name and description |
|---|---|---|
|
static void |
checkmarxScan(java.lang.Object context, java.util.Map cxConfig)Reusable block to add Checkmarx scanning to a project |
| Methods inherited from class | Name |
|---|---|
class java.lang.Object |
java.lang.Object#wait(long, int), java.lang.Object#wait(long), java.lang.Object#wait(), java.lang.Object#equals(java.lang.Object), java.lang.Object#toString(), java.lang.Object#hashCode(), java.lang.Object#getClass(), java.lang.Object#notify(), java.lang.Object#notifyAll() |
A map defining the default Checkmarx config values used in `checkmarxScan`.
Reusable block to add Checkmarx scanning to a project
context - A reference to the job object being modified
(typically via delegate)cxConfig - A Map used to configure the Checkmarx project.
Valid keys:
projectName: required, specifies the name of the
Checkmarx project
groupId: required, specifies group ID, which is
actually the team ID, and which can be gotten by
browser-inspecting the 'Team' select box for an existing
Checkmarx job in the Jenkins UI
preset: optional, defaults to "Checkmarx Default",
the ID of the Checkmarx preset configuration to use; this can be
gotten by browser-inspecting the 'Preset' select box for an existing
Checkmarx job in the Jenkins UI
useOwnServerCredentials: optional, defaults to
false, specifies whether to use the global or per-job
Checkmarx server URL/credentials
serverUrl: optional, specifies the Checkmarx server
URL to be used
username: optional, specifies the Checkmarx username
password: optional, specifies the Checkmarx password
excludeFolders: optional, see checkmarxConfigDefaults
for the default, specifies the directories to exclude from scanning
filterPattern: optional, see checkmarxConfigDefaults
for the default, specifies globs to filter out
incremental: optional, defaults to true,
specifies whether scan should be incremental
fullScanCycle: optional, defaults to 10,
specifies how frequently to run a full scan when normally doing
incremental scans
comment: optional, additional comments to be adding
to the scan results
vulnerabilityThresholdEnabled: optional, defaults to
true, fail the build if the number of vulnerabilities
exceeds the thresholds set
highThresholdDefault: optional, defaults to
1, sets the threshold for max number of 'high'
vulnerabilities
mediumThresholdDefault: optional, defaults to
2, sets the threshold for max number of 'medium'
vulnerabilities
lowThresholdDefault: optional, defaults to
3, set the threshold for max number of 'low'
vulnerabilities
osaEnabled: optional, defaults to
false, define whether or not to run
OSA dependency scans
osaIncludePattern: optional, defaults to
**/osa_dependencies/**, set the pattern that OSA
scanning will search to package and scan libraries
osaExcludePattern: optional, defaults to
"", set the pattern OSA will exempt from
packaging and scanning when running OSA
osaHighThreshold: optional, defaults to
1, threshold for 'medium vulnerability'
OSA results required for FAILURE
osaMediumThreshold: optional, defaults to
1, threshold for 'medium vulnerability'
OSA results required fo build FAILURE
osaLowThreshold: optional, defaults to
1, threshold for 'low vulnerability'
OSA results required for build FAILURE