The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.
For a list of other such plugins, see the Pipeline Steps Reference page.
step([$class: 'CxScanBuilder'])
: Execute Checkmarx ScancredentialsId
String
sastCredentialsId
String
buildStep
String
teamPath
String
sastEnabled
boolean
exclusionsSetting
String
failBuildOnNewResults
boolean
failBuildOnNewSeverity
String
useOwnServerCredentials
(optional)
boolean
serverUrl
(optional)
String
username
(optional)
String
password
(optional)
String
isProxy
(optional)
boolean
configAsCode
(optional)
boolean
projectName
(optional)
String
projectId
(optional)
long
groupId
(optional)
String
preset
(optional)
String
jobStatusOnError
(optional)
GLOBAL
, FAILURE
, UNSTABLE
presetSpecified
(optional)
boolean
excludeFolders
(optional)
Conversion is done as follows:
fold1, fold2 fold3
is converted to:
!**/fold1/**/*, !**/fold2/**/*, !**/fold3/**/*,
String
filterPattern
(optional)
Example: **/*.java,
**/*.html, !**\test\**\XYZ*
Pattern Syntax
A given directory is recursively scanned for all files and directories. Each file/directory is matched against a set of selectors, including special support for matching against filenames with include and exclude patterns. Only files/directories which match at least one pattern of the include pattern list, and don't match any pattern of the exclude pattern list will be placed in the list of files/directories found.
When no list of include patterns is supplied, "**" will be used, which means that everything will be matched. When no list of exclude patterns is supplied, an empty list is used, such that nothing will be excluded. When no selectors are supplied, none are applied.
The filename pattern matching is done as follows: The name to be matched is split up in path segments. A path segment is the name of a directory or file, which is bounded by File.separator
('/' under UNIX, '\' under Windows). For example, "abc/def/ghi/xyz.java" is split up in the segments "abc", "def","ghi" and "xyz.java". The same is done for the pattern against which should be matched.
The segments of the name and the pattern are then matched against each other. When '**' is used for a path segment in the pattern, it matches zero or more path segments of the name.
There is a special case regarding the use of File.separator
s at the beginning of the pattern and the string to match:
When a pattern starts with a File.separator
, the string to match must also start with a File.separator
. When a pattern does not start with a File.separator
, the string to match may not start with a File.separator
. When one of these rules is not obeyed, the string will not match.
When a name path segment is matched against a pattern path segment, the following special characters can be used:
'*' matches zero or more characters
'?' matches one character.
May reference build parameters like ${PARAM}.
Examples:
"**\*.class" matches all .class files/dirs in a directory tree.
"test\a??.java" matches all files/dirs which start with an 'a', then two more characters and then ".java", in a directory called test.
"**" matches everything in a directory tree.
"**\test\**\XYZ*" matches all files/dirs which start with "XYZ" and where there is a parent directory called test (e.g. "abc\test\def\ghi\XYZ123").
String
incremental
(optional)
boolean
fullScansScheduled
(optional)
boolean
fullScanCycle
(optional)
int
postScanActionId
(optional)
int
sourceEncoding
(optional)
String
comment
(optional)
String
skipSCMTriggers
(optional)
boolean
waitForResultsEnabled
(optional)
boolean
vulnerabilityThresholdEnabled
(optional)
boolean
highThreshold
(optional)
int
mediumThreshold
(optional)
int
lowThreshold
(optional)
int
osaHighThreshold
(optional)
int
osaMediumThreshold
(optional)
int
osaLowThreshold
(optional)
int
generatePdfReport
(optional)
boolean
enableProjectPolicyEnforcement
(optional)
boolean
thresholdSettings
(optional)
String
vulnerabilityThresholdResult
(optional)
String
avoidDuplicateProjectScans
(optional)
boolean
addGlobalCommenToBuildCommet
(optional)
boolean
generateXmlReport
(optional)
boolean
hideDebugLogs
(optional)
boolean
forceScan
(optional)
boolean
customFields
(optional)
String
dependencyScanConfig
(optional)
SASTUserName
(optional)
String
dependencyScanExcludeFolders
(optional)
String
dependencyScanPatterns
(optional)
String
dependencyScannerType
(optional)
OSA
, SCA
enableScaResolver
(optional)
SCA_RESOLVER
, MANIFEST
fsaVariables
(optional)
String
isExploitablePath
(optional)
boolean
isIncludeSources
(optional)
boolean
osaArchiveIncludePatterns
(optional)
String
osaInstallBeforeScan
(optional)
boolean
overrideGlobalConfig
(optional)
boolean
pathToScaResolver
(optional)
String
sastCredentialsId
(optional)
String
scaAccessControlUrl
(optional)
String
scaConfigFile
(optional)
String
scaCredentialsId
(optional)
String
scaEnvVariables
(optional)
String
scaResolverAddParameters
(optional)
String
scaSASTProjectFullPath
(optional)
String
scaSASTProjectID
(optional)
String
scaSastServerUrl
(optional)
String
scaServerUrl
(optional)
String
scaTeamPath
(optional)
String
scaTenant
(optional)
String
scaTimeout
(optional)
int
scaWebAppUrl
(optional)
String
useJobLevelSastDetails
(optional)
boolean
excludeOpenSourceFolders
(optional)
String
includeOpenSourceFolders
(optional)
String
osaArchiveIncludePatterns
(optional)
String
osaEnabled
(optional)
boolean
osaInstallBeforeScan
(optional)
boolean
thisBuildIncremental
(optional)
boolean
Please submit your feedback about this page through this quick form.
Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?
See existing feedback here.