- Checkmarx Documentation
- Checkmarx One
- Checkmarx One Integrations
- CI/CD Integrations
- Checkmarx One TeamCity Plugin
Checkmarx One TeamCity Plugin
The Checkmarx One TeamCity plugin enables you to integrate the full functionality of the Checkmarx One platform into your TeamCity projects. You can use this plugin to trigger scans running Checkmarx SAST, Checkmarx SCA, IaC Security and API Security scanners as part of your CI/CD integration.
This plugin provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository and uploads it to Checkmarx One for scanning. This provides easy integration with TeamCity while enabling scan customization using the full functionality and flexibility of the CLI tool.
Notice
The plugin code can be found here.
Main Features
Configure TeamCity projects to automatically trigger scans running Checkmarx SAST, Checkmarx SCA, IaC Security and API Security scanners
Supports use of CLI arguments to customize scan configuration, enabling you to:
Customize filters to specify which folders and files are scanned
Apply preset query configurations
Customize SCA scans using Checkmarx SCA Resolver
Set thresholds to break build
Send requests via a proxy server
View scan results summary and trends in the TeamCity environment
Direct links from within TeamCity to detailed Checkmarx One scan results
Generate customized scan reports in various formats (JSON, HTML, PDF etc.)
Generate SBOM reports (CycloneDX and SPDX)
Automatically updates to the latest plugin version
Prerequisites
The source code for your project is hosted on a VCS that is supported by TeamCity (Subversion, Git, and Mercurial. TFS and Perforce are partially supported. See TeamCity documentation here.)
Supported Java version - JDK 11
You have a Checkmarx One account and you have an OAuth Client ID and Client Secret for that account. To create an OAuth client, see Creating an OAuth Client for Checkmarx One Integrations.