
Define security controls as a post-build action step

After you have set security controls at the system level in Jenkins, you can also add security controls at a job level for freestyle jobs that are not part of a Jenkins Pipeline. To do this:

  1. When defining a job in Jenkins, find the Post-Build Actions section.

  2. Select a Connection you have previously created, from the dropdown.

  3. Choose your application. This field is required.

    • If your application has been instrumented, select your application from the Choose your application dropdown.

    • If your application has not yet been instrumented, indicate your application using the Application Name and Application Language fields. You must provide the same application name in Jenkins that you will use when you do instrument your application. Contrast will use that same name and language during the post-build action step after the application has been instrumented.

  4. If the connection is configured to allow the system-level vulnerability security controls to be overridden, you can override them for this job by checking the box next to Override Vulnerability Security Controls at the Jenkins system level.

    If you do this, you will also need to indicate the Number of Allowed Vulnerabilities, Vulnerability Severity, Vulnerability Type, and Vulnerability Statuses for this job.

  5. Under Query vulnerabilities by, select how you want the plugin to query vulnerabilities. That way, only those vulnerabilities found from that job will be considered. By default, the plugin uses the first option: appVersionTag, in the format applicationId-buildNumber.
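
The following added example (not code from the Contrast plugin) models how a job-level control with the four override fields from step 4 and the default appVersionTag query from step 5 scopes the findings that count against a build. The record fields, the sample findings, the treatment of severity as a minimum, and the rule that a count above the allowed number fails the job are assumptions made for illustration.

```python
# Added illustration: a model of a job-level vulnerability gate.
# Not the plugin's implementation; field names and sample data are constructed.
from dataclasses import dataclass

SEVERITY_ORDER = ["Note", "Low", "Medium", "High", "Critical"]

@dataclass(frozen=True)
class Finding:                  # hypothetical record shape
    rule: str
    severity: str
    status: str
    app_version_tags: tuple

@dataclass(frozen=True)
class JobControl:               # mirrors the four override fields in step 4
    allowed: int                # Number of Allowed Vulnerabilities
    min_severity: str           # Vulnerability Severity (assumed to be a minimum)
    rule_types: frozenset       # Vulnerability Type (empty = any)
    statuses: frozenset         # Vulnerability Statuses (empty = any)

def app_version_tag(application_id, build_number):
    """Default query key from step 5: applicationId-buildNumber."""
    return f"{application_id}-{build_number}"

def counted(findings, control, tag):
    """Findings that count against this job: tagged with this build and
    matching every filter in the job-level control."""
    floor = SEVERITY_ORDER.index(control.min_severity)
    return [f for f in findings
            if tag in f.app_version_tags
            and SEVERITY_ORDER.index(f.severity) >= floor
            and (not control.rule_types or f.rule in control.rule_types)
            and (not control.statuses or f.status in control.statuses)]

def gate_passes(findings, control, tag):
    # Assumption: the job fails when the count exceeds the allowed number.
    return len(counted(findings, control, tag)) <= control.allowed

# Constructed sample findings; "app-1234" is a placeholder application ID.
FINDINGS = [
    Finding("sql-injection", "Critical", "Reported", ("app-1234-41",)),  # earlier build
    Finding("reflected-xss", "High", "Reported", ("app-1234-42",)),
    Finding("cache-controls-missing", "Low", "Reported", ("app-1234-42",)),
    Finding("path-traversal", "High", "Remediated", ("app-1234-42",)),
]
CONTROL = JobControl(0, "Medium", frozenset(), frozenset({"Reported", "Confirmed"}))

if __name__ == "__main__":
    tag = app_version_tag("app-1234", 42)
    print(tag, [f.rule for f in counted(FINDINGS, CONTROL, tag)],
          "PASS" if gate_passes(FINDINGS, CONTROL, tag) else "FAIL")
```

In this model the Critical finding from build 41 does not fail build 42, because the tag query excludes it; a broader query would pull it into the count.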