The following plugin provides functionality available through
Pipeline-compatible steps. Read more about how to integrate steps into your
Pipeline in the
Steps
section of the
Pipeline Syntax
page.
For a list of other such plugins, see the
Pipeline Steps Reference
page.
Checkmarx AST Scanner Plugin
checkmarxASTScanner: Execute Checkmarx AST Scan
useOwnServerCredentials : boolean (optional)
serverUrl : String (optional)
The base URL of your CxAST environment.
useAuthenticationUrl : boolean (optional)
The base URL of your Checkmarx authentication server (IAM). Required for CxAST cloud platform.
baseAuthUrl : String (optional)
tenantName : String (optional)
projectName : String (optional)
The name of your Project in CxAST. If you enter the name of an existing Project, then this build step will trigger a scan of that Project. If you enter a new Project name, then, when a scan is triggered it will create a new Project in CxAST with the specified name.
credentialsId : String (optional)
Create "Checkmarx Client Id and Client Secret" type credentials in Jenkins and enter your oAuth2 clientId and secret. This will be used to authenticate access to the CxAST platform whenever a scan is triggered.
useOwnAdditionalOptions : boolean (optional)
additionalOptions : String (optional)
You can customize your scan by adding additional arguments. The Jenkins plugin supports all CxAST CLI arguments. See documentation
here
e.g- --sast-incremental true
branchName : String (optional)
checkmarxInstallation : String (optional)
Select the Checkmarx CLI installation in Jenkins that will be used for triggering scans. This should have been configured in the Jenkins Global Tool Configuration section.
Was this page helpful?
Please submit your feedback about this page through this
quick form.
Alternatively, if you don't wish to complete the quick form, you can simply
indicate if you found this page helpful?
See existing feedback here.