Jenkins Integration

First time using Jenkins? Please refer to the following documentation.
Introduction
This integration runs the security scans workflow from a Docker image, which handles all execution and communication with Conviso Platform.
By the end of this tutorial you will know how to:
- Run an AST scan
- Run a SAST scan
- Run an SCA scan
Requirements
To integrate with Jenkins, your environment must fulfill the following requirements:
- Jenkins version 2.222.3 or higher;
- Docker installed;
- Jenkins user must have access to the Docker daemon;
- External access (can be restricted to specific Conviso addresses).
If you need help with the Docker installation, the whole process is described in the links below:
- Install Docker
- Post-Install Linux Steps
Usage
The steps below show what your Jenkinsfile should contain to perform our actions. These stages can also be inserted into your current Jenkinsfile.
AST
The following code snippet will trigger an AST scan and send the results to Conviso Platform.
pipeline {
    agent {
        docker {
            image 'convisoappsec/convisoast:latest'
            args '-v /var/run/docker.sock:/var/run/docker.sock'
        }
    }
    environment {
        CONVISO_API_KEY = credentials('CONVISO_API_KEY')
    }
    stages {
        stage('Conviso_AST') {
            steps {
                sh 'conviso ast run --vulnerability-auto-close'
            }
        }
    }
}
SAST
The following code snippet will trigger a SAST scan and send the results to Conviso Platform.
pipeline {
    agent {
        docker {
            image 'convisoappsec/convisoast:latest'
            args '-v /var/run/docker.sock:/var/run/docker.sock'
        }
    }
    environment {
        CONVISO_API_KEY = credentials('CONVISO_API_KEY')
    }
    stages {
        stage('Conviso_SAST') {
            steps {
                sh 'conviso sast run'
            }
        }
    }
}
SCA
The following code snippet will trigger an SCA scan and send the results to Conviso Platform:
pipeline {
    agent {
        docker {
            image 'convisoappsec/convisoast:latest'
            args '-v /var/run/docker.sock:/var/run/docker.sock'
        }
    }
    environment {
        CONVISO_API_KEY = credentials('CONVISO_API_KEY')
    }
    stages {
        stage('Conviso_SCA') {
            steps {
                sh 'conviso sca run'
            }
        }
    }
}
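The Usage section notes that these stages can also be inserted into an existing Jenkinsfile. The following is an added example of that, not taken from the Conviso documentation: it assumes an existing pipeline with a hypothetical Build stage (`make build` is a placeholder) and declares the Docker agent, the socket mount and `CONVISO_API_KEY` on the scan stage only, so the rest of the pipeline never receives them.

```groovy
pipeline {
    agent any

    stages {
        // Hypothetical existing stage; replace with your own build steps.
        stage('Build') {
            steps {
                sh 'make build'
            }
        }

        // Added scan stages. The Docker agent, the Docker socket mount and the
        // API key are scoped to this stage, not to the whole pipeline.
        stage('Conviso') {
            agent {
                docker {
                    image 'convisoappsec/convisoast:latest'
                    args '-v /var/run/docker.sock:/var/run/docker.sock'
                    // Run the container on the node and workspace the pipeline
                    // already uses, so the scanner sees the checked-out source.
                    reuseNode true
                }
            }
            environment {
                // Jenkins credential ID as used in the snippets above.
                CONVISO_API_KEY = credentials('CONVISO_API_KEY')
            }
            stages {
                stage('Conviso_SAST') {
                    steps { sh 'conviso sast run' }
                }
                stage('Conviso_SCA') {
                    steps { sh 'conviso sca run' }
                }
            }
        }
    }
}
```

Mounting `/var/run/docker.sock` gives the scan container control of the host's Docker daemon, which is why the mount is kept on the scan stage here instead of the top-level agent.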
