Skip to main content

Checkmarx One TeamCity Plugin

The Checkmarx One TeamCity plugin enables you to trigger SAST, SCA, IaC Security and API Security scans directly from a TeamCity project. It provides a wrapper around the Checkmarx One CLI Tool which creates a zip archive from your source code repository and uploads it to Checkmarx One for scanning. This plugin provides easy integration with TeamCity while enabling scan customization using the full functionality and flexibility of the CLI tool.

Note

The plugin code can be found here.

Main Features

  • Automatically trigger CxSAST, CxSCA, IaC Security and API Security scans from TeamCity projects

  • Supports use of CLI arguments to customize scan configuration

  • Automatically updates to the latest plugin version

  • Interface for viewing scan results summary and trends in the TeamCity environment

  • Direct links from within TeamCity to detailed Checkmarx One scan results and reports

Prerequisites

  • The source code for your project is hosted on a VCS that is supported by TeamCity (Subversion, Git, and Mercurial. TFS and Perforce are partially supported. See TeamCity documentation here.)

  • Supported Java version - JDK 11

  • You have a Checkmarx One account and you have an OAuth2 Client ID and Client Secret for that account. To create an OAuth2 client, see Creating an OAuth2 Client for Checkmarx One Integrations.