
Running a Scan from Maven

Running the Checkmarx-Maven Plugin

Once you have added the code (above) inside the <plugin> section, run the following command:

mvn checkmarx:scan "-D<parameter>=<value>"

For example:

mvn checkmarx:scan "-Dcx.password=[your password]"

Running your build process automatically initiates the CxSAST scan that includes the CxOSA scan.

Notice

The user running the Maven plugin scan must have both 'Scanner' and 'Reviewer' role permissions.

Passing External Variables to the Checkmarx-Maven Plugin

If, for example, you want to avoid storing your personal password inside the pom.xml file, you can pass it externally, thereby overriding the password parameter in pom.xml.

To do so, run the following command:

mvn checkmarx:scan "-D<parameter>=<value>"

For example:

mvn checkmarx:scan "-Dcx.password=[your password]"

Notice

  • When passing special characters, the entire -D parameter should be in quotes.

  • You can pass all other parameters as illustrated in the example above using the -Dcx. prefix, for example: cx.<parameter> (e.g., cx.fullTeamPath="")
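
One way to keep the password out of both pom.xml and the typed command line, as an added example that is not part of the Checkmarx documentation: the wrapper reads the value from an environment variable and passes the whole -D token as one quoted argument. CX_PASSWORD and the function names are hypothetical; cx.password is the parameter shown above.

```shell
#!/bin/sh
# Added example, not Checkmarx code. CX_PASSWORD, cx_define and run_cx_scan
# are hypothetical names; cx.password is the parameter from this page.

# Build one "-Dcx.<name>=<value>" token. printf '%s' copies the value
# byte for byte, so spaces, $, & and ! in it are not reinterpreted.
cx_define() {
    printf '%s%s=%s' '-Dcx.' "$1" "$2"
}

# Run the scan with the password taken from the environment instead of
# pom.xml or a literal on the command line (which would land in shell history).
# The value is still an argument of the mvn process while the scan runs.
run_cx_scan() {
    if [ -z "${CX_PASSWORD:-}" ]; then
        echo "CX_PASSWORD is not set; refusing to start the scan" >&2
        return 1
    fi
    # Log the command with the secret masked.
    echo "mvn checkmarx:scan \"$(cx_define password '********')\"" >&2
    # The double quotes around the substitution keep the entire -D
    # parameter as a single argument, as the notice above requires.
    mvn checkmarx:scan "$(cx_define password "$CX_PASSWORD")"
}
```

Set CX_PASSWORD from the build system's secret store, source the script, and call run_cx_scan.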