You have to log in to Jenkins with permissions to create tasks
Push in the new Tasks
We select Pipeline
To do this we generate the following parameters:
General (recommendation)
DocExploit Specifics
Variable where the Git URL is located
Note: Use the form https://user:pass@server to specify credentials for HTTPS connection mode.
SSH credentials
Note: Required when using SSH connection mode for Git URL.
Language to be analyzed
Viewing Logs
Maximum number of vulnerabilities. This step must be replicated for each type of vulnerability to be controlled, blocker, critical, major, minor and information.
execution script:
pipeline {
agent any
stages {
stage(‘Check parameters’) {
steps{
script {
if (params.GIT_PROJECT_URL.isEmpty() || params.BLOCKER_LIMIT.isEmpty() || params.CRITICAL_LIMIT.isEmpty() || params.MAJOR_LIMIT.isEmpty() || params.MINOR_LIMIT.isEmpty() || params.INFO_LIMIT.isEmpty()) {
error(“Alguna de las siguientes variables son inválidas: GIT_PROJECT_URL, BLOCKER_LIMIT, CRITICAL_LIMIT, MAJOR_LIMIT, MINOR_LIMIT, INFO_LIMIT”)
}
}
}
}
stage(‘Clone repository’) {
steps{
sh ”’#!/bin/bash
eval $(ssh-agent -s) && ssh-add <(echo “$GIT_SSH_KEY”)
mkdir -p ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
git clone $GIT_PROJECT_URL $WORKSPACE/$BUILD_TAG
”’
}
}
stage(‘Run analysis’) {
steps{
sh ”’#!/bin/bash
/var/lib/jenkins/docexploit-cli/docexploit docspot analyze ApiKey_project $LANGUAGE $WORKSPACE/$BUILD_TAG –blocker $BLOCKER_LIMIT –critical $CRITICAL_LIMIT –major $MAJOR_LIMIT –minor $MINOR_LIMIT –info $INFO_LIMIT –show_logs $SHOW_LOGS
”’
}
}
}
}
