Skip to main content

Example: Scan integration with Jenkins

Review the Scan integration steps before you integrate Scan with Jenkins.

Contrast Security can share this script to integrate scans with a Jenkins pipeline (contact Contrast Support to access these scripts):

  • Jenkins Pipelines script: The Jenkins_Script_SCAN script uses the Contrast Scan local engine JAR file. The project JAR file is expected to be in a GitHub repository.

Integration setup

This example describes how to set up a Jenkins integration for Scan.

  1. Set up a Jenkins instance in your local environment (use the icon-external-link.svgJenkins documentation).

    If you already have a Jenkins instance, you can skip this step.

  2. Install this software (if not already installed):

    • Java 11

    • Plugins for your environment (if needed)

  3. Create a new pipeline and copy the Contrast script.

  4. Set the Contrast credentials as global or environment variables:

    For example: URL, USER_NAME, API_KEY,SERVER_KEY, ORGANIZATION.

    • To add credential to Jenkins, select Manage Jenkins > Manage Credentials > Add Credentials as Secret Text.

  5. Refer to all credentials and variables in your pipeline scripts.