The following plugin provides functionality available through Pipeline-compatible steps. Read more about how to integrate steps into your Pipeline in the Steps section of the Pipeline Syntax page.

For a list of other such plugins, see the Pipeline Steps Reference page.

DefectDojo Plugin

View this plugin on the Plugins site

defectDojoPublisher: DefectDojoPublisher

  • artifact : String
    Specifies the artifact to upload. DefectDojo supports uploading of report files of multiple tools.

    The value can contain environment variables in the form of ${VARIABLE_NAME} which are resolved.

  • scanType : String
  • autoCreateEngagements : boolean (optional)
    Enable auto creation of engagements in DefectDojo.
  • autoCreateProducts : boolean (optional)
    Enable auto creation of products in DefectDojo.
  • branchTag : String (optional)
  • commitHash : String (optional)
  • defectDojoConnectionTimeout : int (optional)
    Defines the maximum number of seconds to wait for connecting to DefectDojo. Use 0 to disable this timeout (means infinite wait).
  • defectDojoCredentialsId : String (optional)
  • defectDojoReadTimeout : int (optional)
    Defines the maximum number of seconds to wait for DefectDojo to respond. Use 0 to disable this timeout (means infinite wait).
  • defectDojoReuploadScan : boolean (optional)
    Enable reupload scan results.
  • defectDojoUrl : String (optional)
    The base URL to DefectDojo (i.e. http://hostname:port)
  • engagementId : String (optional)
  • engagementName : String (optional)
  • overrideGlobals : boolean (optional)
    Allows to override global settings for "Auto Create Products", "Auto Create Engagements", "Reupload Scan", "DefectDojo URL", and "API key".

    Can be ignored in pipelines, just set the properties defectDojoUrl, defectDojoCredentialsId, autoCreateProducts, autoCreateEngagements and reuploadScans as needed.

  • productId : String (optional)
    Specifies the unique Product ID of the project to upload scan results to.

    If the list of products are not displayed (such as an HTTP 403 response), ensure the API key specified in the global configuration has all necessary permissions.

  • productName : String (optional)
    Specifies the name of the product for automatic creation of product during the upload process.

    This is an alternative to specifying the unique ID.

    Ensure the API key specified in the global configuration has all necessary permissions and that you have enabled Auto Create Products.

    The value can contain environment variables in the form of ${VARIABLE_NAME} which are resolved.

  • sourceCodeUrl : String (optional)

Was this page helpful?

Please submit your feedback about this page through this quick form.

Alternatively, if you don't wish to complete the quick form, you can simply indicate if you found this page helpful?

    


See existing feedback here.