FlexDeploy - Checkmarx Plugin Guide

The Checkmarx plugin is used to initiate and read Checkmarx SAST and OSA scans. Results can be used to control automatic approvals or rejections of the source code.

Key Features

  • Can initiate and read SAST Scans.
  • SAST reports can be generated in all formats supported by Checkmarx.
  • Can initiate and read OSA Scans.
  • Easily configured. Can create projects in Checkmarx and configure them to run scans from FlexDeploy
  • Upload source code after or before the build of the project in the workflow.

Checkmarx Instance Properties

FlexDeploy supports the creation of Checkmarx instances and the following properties will be configured for each Instance. These properties are available to all operations.

Property NameProperty CodeRequiredDescription
Checkmarx URLFDCHECKMARXACCT_URLYURL of the Checkmarx server. (e.g. https://example.checkmarx.net)
Checkmarx UsernameFDCHECKMARXACCT_USERNAMEYUsername of a Checkmarx user.
Checkmarx PasswordFDCHECKMARXACCT_PASSWORDYPassword for that Checkmarx user.
Checkmarx Default TeamFDCHECKMARXACCT_DEFAULT_TEAMYDefault team to use for Checkmarx operations. Teams you are a part of can be found in your profile under 'teams'.

Plugin Operations

The following macros are not currently supported in the footer:
  • style