The following plugin provides functionality available through
Pipeline-compatible steps. Read more about how to integrate steps into your
Pipeline in the
Steps
section of the
Pipeline Syntax
page.
step([$class: 'CodeScanBuildStep']): Perform Code Scan During Build
orgID : String
The Google Cloud organization ID which owns the resources under modification.
scanFileName : String
The absolute name of the Terraform plan file (json format) to be scanned. If file path relative to workspace directory is "/xyz/mainplan.json", please input "mainplan.json". This tool scans the workspace directory and it's subdirectories for the file if the Scan File Path field below is empty. ..
filePath : String
scanTimeOut : int
The time after which the scan is terminated. Based on Plugin Failure Config build status would be determined.
failSilentlyOnPluginFailure : boolean
Configuration for determining build status when plugin execution fails.
ignoreAssetViolation : boolean
assetViolationConfigs
Threshold configuration for various violation severity types reported during the scan. This threshold is used to evaluate Build Fail Condition for corresponding Severity type.
Array / List of Nested Choice of Objects
$class: 'CriticalSeverityConfig'
$class: 'CriticalSeverityConfig'
count : int (optional)
How many critical severity errors must exist before the build fails.
$class: 'HighSeverityConfig'
$class: 'HighSeverityConfig'
count : int (optional)
How many high severity errors must exist before the build fails.
$class: 'LowSeverityConfig'
$class: 'LowSeverityConfig'
count : int (optional)
How many low severity errors must exist before the build fails.
$class: 'MediumSeverityConfig'
$class: 'MediumSeverityConfig'
count : int (optional)
How many medium severity errors must exist before the build fails.
configAggregator
The aggregator for the build fail conditions. If set to AND, all conditions must be true for the build to fail. If set to OR, only one of the conditions must be true for the build to fail.