Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61396

Configure the plugin to not generate any report on Jenkins

XMLWordPrintable

    • Icon: New Feature New Feature
    • Resolution: Unresolved
    • Icon: Minor Minor
    • checkmarx-plugin
    • None

      The administrator must be able to choose if the vulnerabilities returned by checkmarx can be visibles or not on Jenkins.

      The option "Hide results" in the global configuration only hide vulnerabilities display on the project's page of Jenkins.

      But if the user configure his build to generate the json and/or the xml report, the report file will be accessible in the build workspace.

       

      We don't want to see any details of Checkmarx analysis on Jenkins, we only use the Jenkins plugin to run scans and we prefer to access directly on Checkmarx to consult the results.

       

      It is possible to add the options :

      • "Never create OSA report"
      • "Never create SAST report"
      • "Never create SCA report"

      in the Jenkins global configuration ?

       

      For the moment, we comment the call of the methods "createSastReports", "createScaReports" and "createOsaReports" in CxScanBuilder.java.

      But we have to rebuild at every release.

       

      • Jenkins 2.277.4
      • checkmarx-plugin 2021.2.94

       

       

            sternlir Liran Stern
            mat1e mat1e
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: