Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Excerpt

Integrates Jenkins with your Code Dx serverAllows Jenkins to push source and build artifacts to Code Dx and display the aggregated results of its full suite of analysis tools.

Wiki Markup
{jenkins-plugin-info:pluginId=codedx}

Note:

  • This plugin is maintained by Secure DecisionsCode Dx, Inc.
  • Plugin version 12.0 4 supports Code Dx 1.5.1 2.0+ (any edition)

Features

  • Upload your source, binaries, and/or scan file(s) from your Jenkins Slave/Master jobs to your Code Dx web server.
  • Code Dx REST API is used for all communications.

Jenkins Project Config

Image Removed 

The project configuration allows you to specify your Code Dx URL and API key.  Once this is done, the available projects drop-down will be populated dynamically with the projects reported by the Code Dx server.  Note that only the projects available to the specified API key will be returned.  You must create an API key and then specify the appropriate permissions on the admin page for that API key. It is highly recommended that you specify an https URL, since using http is insecure. 

The Source and Binary Files field is a comma separated list of ANT glob file location patterns.  These specify exactly what files (relative to the workspace) get included in the zip that is sent to Code Dx.

As an advanced option, you may specify source/binary locations to exclude.  These are also ANT glob file location patterns. 

The Tool Output files field is a comma separated list of paths to analysis tool output files to be sent to Code Dx.  Consult the documentation for your version of Code Dx for a list of supported formats.

Installation & Setup

...

  • installation easily
  • Scan your source and binaries for potential vulnerabilities and quality issues using Code Dx
  • Code Dx is an application vulnerability correlation and management system that supports C/C++, C#, Java/JSP, Javascript, PHP, Python, Ruby on Rails, Scala, and Visual Basic .NET
  • See Code Dx finding trends right in Jenkins
  • Prevent serious issues from slipping through the cracks by configuring Jenkins to fail your builds with customizable Code Dx findings criteria
  • For more information see the Code Dx overview

Image Added

Image Added

Requirements

Code Dx server deployment with an API Key created from the Code Dx admin page.

Contact

Wiki Markup
anthony.demartini\[at\] securedecisions \[dot\] com

Changelog

Initial release!

Documentation

Consult the latest Code Dx online documentation for instructions on how to configure your build.

Contact

support@codedx.com