FlexDeploy - Checkmarx Plugin Guide

The Checkmarx plugin is used to initiate and read Checkmarx SAST and OSA scans. Results can be used to control automatic approvals or rejections of the source code.

Key Features

  • Can initiate and read SAST Scans.

  • SAST reports can be generated in all formats supported by Checkmarx.

  • Can initiate and read OSA Scans.

  • Easily configured. Can create projects in Checkmarx and configure them to run scans from FlexDeploy

  • Upload source code after or before the build of the project in the workflow.

Checkmarx Instance Properties

FlexDeploy supports the creation of Checkmarx instances, and the following properties will be configured for each target group. These properties are available to all operations.

Property Name

Property Code

Required

Description

Property Name

Property Code

Required

Description

Checkmarx URL

FDCHECKMARXACCT_URL

Y

URL of the Checkmarx server. (e.g. https://example.checkmarx.net)

Checkmarx Username

FDCHECKMARXACCT_USERNAME

Y

Username of a Checkmarx user.

Checkmarx Password

FDCHECKMARXACCT_PASSWORD

Y

Password for that Checkmarx user.

Checkmarx Default Team

FDCHECKMARXACCT_DEFAULT_TEAM

Y

Default team to use for Checkmarx operations. Teams you are a part of can be found in your profile under 'teams'.

Plugin Operations

The following macros are not currently supported in the footer:
  • style