A CircleCI Orb to simplify Checkmarx Scanning of source code along with Result consumption leveraging Checkmarx CxFlow solution.
For full usage guidelines, see the orb registry listing
Example use-cases are provided on the orb registry page. Source for these examples can be found within the src/examples directory.
The below are the required environment variables for CircleCI projects to leverage this Orb.
- CHECKMARX_URL: High level dns entry for the Checkmarx SAST Instance including protocol/port (i.e. https://cxsast.example.com)
- CHECKMARX_USERNAME: Service Account within Checkmarx SAST that will be used for triggering scans and retrieving results
- CHECKMARX_PASSWORD: Password of the Checkmarx SAST Service Account
- CHECKMARX_CLIENT_SECRET: Client secret key associated with your Checkmarx SAST account
- AST_CLIENT_ID: Service account Client ID for Checkmarx AST
- AST_CLIENT_SECRET: Client secret key associated with your Checkmarx AST account
- SCA_USERNAME: Service Account within Checkmarx SCA that will be used for triggering scans and retrieving results
- SCA_PASSWORD: Password of the Checkmarx SCA Service Account
- SCA_TENANT: Tenant information of the Checkmarx SCA account
- CXGO_CLIENT_SECRET: Client secret key associated with your Checkmarx CxGo account
CircleCI Orb Registry Page - The official registry page of this orb for all versions, executors, commands, and jobs described.
CircleCI Orb Docs - Docs for using and creating CircleCI Orbs.
We welcome issues to and pull requests against this repository!
For further questions/comments about this or other orbs, visit the Orb Category of CircleCI Discuss.