FlexDeploy - Checkmarx Plugin Guide
The Checkmarx plugin is used to initiate and read Checkmarx SAST and OSA scans. Results can be used to control automatic approvals or rejections of the source code.
Key Features
- Can initiate and read SAST Scans.
- SAST reports can be generated in all formats supported by Checkmarx.
- Can initiate and read OSA Scans.
- Easily configured. Can create projects in Checkmarx and configure them to run scans from FlexDeploy
- Upload source code after or before the build of the project in the workflow.
Checkmarx Instance Properties
FlexDeploy supports the creation of Checkmarx instances and the following properties will be configured for each Instance. These properties are available to all operations.
| Property Name | Property Code | Required | Description |
|---|---|---|---|
| Checkmarx URL | FDCHECKMARXACCT_URL | Y | URL of the Checkmarx server. (e.g. https://example.checkmarx.net) |
| Checkmarx Username | FDCHECKMARXACCT_USERNAME | Y | Username of a Checkmarx user. |
| Checkmarx Password | FDCHECKMARXACCT_PASSWORD | Y | Password for that Checkmarx user. |
| Checkmarx Default Team | FDCHECKMARXACCT_DEFAULT_TEAM | Y | Default team to use for Checkmarx operations. Teams you are a part of can be found in your profile under 'teams'. |
Plugin Operations
The following macros are not currently supported in the footer:
- style