Integration options for continuous integration/continuous delivery
Contrast provides options for integrating Contrast with your continuous integration/continuous delivery (CI/CD) pipelines. If you are not responsible for CI/CD automation, discuss these options with your DevOps team.
Option | Description |
---|---|
Azure Pipelines | Use the Azure Pipelines extension to configure tasks and release gates that can fail based on vulnerability information that Contrast reports. |
Bamboo | The Contrast Bamboo plugin lets you configure profiles for connecting to Contrast and verify builds against vulnerability thresholds. |
Circle CI | The Contrast Circle CI orb lets you query the Contrast API to check if vulnerabilities were found in your application. If vulnerabilities are found above a set threshold, you can fail the build. |
GitHub | Add a step to a GitHub pipeline which acts as a security gate, based on results that Contrast reports. You can configure a Job Outcome Policy or a threshold to specify which vulnerabilities trigger the pipeline to fail. |
GitLab | You can create a stage within a GitLab pipeline which acts as a security gate, based on results that Contrast reports. You can configure GitLab variables that specify which vulnerabilities trigger the stage to fail. |
Gradle | The Contrast Gradle plugin lets you integrate the |
Jenkins | The Contrast plugin for Jenkins lets you add application security gates to this pipeline. These gates contain criteria that can fail the Jenkins job for a vulnerable application with a build result like |
Maven | The Contrast Maven plugin can integrate Contrast Assess and Scan into your project's Maven build. |