Skip to main content

Integration options for continuous integration/continuous delivery

Contrast provides options for integrating Contrast with your continuous integration/continous delivery (CI/CD) pipelines. If you are not responsible for CI/CD automation. discuss these options with your DevOps team.

Option	Description
Azure Pipelines extension	Use the Azure Pipelines extension to configure tasks and release gates that can fail based on vulnerability information that Contrast reports.
Bamboo	The Contrast Bamboo plugin lets you configure profiles for connecting to Contrast and verify builds against vulnerability thresholds.
Circle CI	The Contrast Circle CI orb lets you query the Contrast API to check if vulnerabilities were found in your application. If vulnerabilities are found above a set threshold, you can fail the build.
GitLab	You can create a stage within a GitLab pipeline which acts as a security gate, based on results that Contrast reports. You can configure GitLab variables that specify which vulnerabilities trigger the stage to fail.
Gradle	The Contrast Gradle plugin lets you integrate the `Contrast.jar` file with your build. It's capable of authenticating to Contrast, downloading the latest Java agent, and verifying your builds.
Jenkins	The Contrast plugin for Jenkins lets you add application security gates to this pipeline. These gates contain criteria that can fail the Jenkins job for a vulnerable application with a build result like `Failure` or `Unstable`.
Maven	The Contrast Maven plugin can integrate Contrast Assess and Scan into your project's Maven build.

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.