{jenkins-plugin-info:ibm-security-appscanstandard-scanner}

Version History

version 2.8

  • Fixed a NullPointerException when using "IncludeURLs" in the advanced section

version 2.7

  • Fixed Jenkins required core
  • Removed unnecessary dependency

version 2.6

  • Fixed pipeline support and added the respective how-to at the bottom of this page

Project Description

The purpose of this plugin is to allow Jenkins to perform dynamic analysis with IBM AppScan Standard with minimal configuration.

...

First you must set that machine up as a node (slave); you can follow this guide to do so.

Afterwards you can use the Node and Label Parameter Plugin. If you follow the guide provided in its wiki, achieving this goal should be straightforward.

...

If you change the CSS options, they won't be applied to the current report; you must re-run the build/scan.

Compatibility

This version of the plugin was tested with Jenkins 2.0, 2.7 and 2.17 and IBM Security AppScan Standard 9.0.3.

Roadmap

TO DO

...


...

Running AppScan Standard in a Pipeline

  1. Navigate to "Pipeline Syntax" (follow a, b or c below)
    a. Create a pipeline job and save it; "Pipeline Syntax" will be on the left side menu
    b. Navigate to an existing pipeline job; "Pipeline Syntax" will be on the left side menu
    c. Navigate to http://JENKINS-URL-HERE/pipeline-syntax/
  2. In "Steps" find "step: General Build Step"
  3. In "Build Step" find "Run AppScan Standard"
  4. Configure the AppScan Standard plugin as usual
  5. Press "Generate Pipeline Script" and copy the resulting script
  6. Paste the script in your pipeline inside a node

The end result would look like the image below.


A resulting script looks something like the one below; you can use this one as your starting point.

stage ('Run AppScan Standard') {
    node {
        step([$class: 'AppScanStandardBuilder', additionalCommands: '', authScanPw: '',
             authScanUser: '', includeURLS: '', installation: 'AppScan Standard Default',
             pathRecordedLoginSequence: '', policyFile: '', reportName: '', startingURL: 'demo.testfire.net'])
    }
}
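
A variant of the script above that keeps the scan login out of the pipeline source and pins the scan to the AppScan node. This is an added example, not taken from the plugin's own documentation. It assumes the Credentials Binding plugin is installed; the credentials ID 'appscan-target-login' and the node label 'appscan' are hypothetical names.

```groovy
// Added example, not part of the plugin's own documentation.
// Assumptions: the Credentials Binding plugin is installed, a
// "Username with password" credential exists under the hypothetical ID
// 'appscan-target-login', and the machine with AppScan Standard is a
// node carrying the hypothetical label 'appscan'.
stage('Run AppScan Standard') {
    // Run the scan only on the node where AppScan Standard is installed.
    node('appscan') {
        // Bind the scan login at run time instead of hard-coding it
        // in the pipeline script or committing it to source control.
        withCredentials([usernamePassword(
                credentialsId: 'appscan-target-login',
                usernameVariable: 'SCAN_USER',
                passwordVariable: 'SCAN_PW')]) {
            step([$class: 'AppScanStandardBuilder',
                  installation: 'AppScan Standard Default',
                  startingURL: 'demo.testfire.net',
                  // Values resolved from the Jenkins credential store.
                  authScanUser: env.SCAN_USER,
                  authScanPw: env.SCAN_PW,
                  additionalCommands: '',
                  includeURLS: '',
                  pathRecordedLoginSequence: '',
                  policyFile: '',
                  reportName: ''])
        }
    }
}
```

Values bound by withCredentials are masked in the console log when they appear verbatim, and the credential can be rotated in Jenkins without editing the pipeline.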

Scheduled Tasks for version 2.9

  • Implement Quality Gate support for AppScan Standard (fails build on % of errors)

Compatibility

Version 2.8 of this plugin is compatible with:

  • Jenkins 2.0 and newer
  • IBM Security AppScan Standard 9.0.3.x