Skip to content
Permalink
master
Switch branches/tags
Go to file
 
 
Cannot retrieve contributors at this time

App-Ray Mobile Security: Jenkins plugin

Learn more: https://app-ray.co

App-Ray’s Jenkins integration plugin allows users to add a security check step to their Jenkins workflow, to improve their CI/CD pipeline with automated Static and Dynamic Application Analysis. ARM Android and iOS apps are supported.

App-Ray Mobile Security Jenkins Plugin Screenshot

Table of contents

Capabilities

  • Supporting analysis in the cloud or locally (on-premises)
  • Authentication data stored securely in Jenkins credentials store
  • Detailed threat findings, References to OWASP, CVE and other vulnerability databases
  • Remediation suggestions provided (a.k.a. How to fix)
  • Threat finding reports available for detailed documentation
  • Output in JUnit and JSON formats
  • Sophisticated configuration of success/failure conditions
  • Detailed logging in the console output

Requirements

  • The latest stable version of Jenkins is suggested to be used, according to Jenkins recommendations.
  • The minimum tested compatible version of Jenkins is: 2.164.3
  • You will need access to a Cloud or On-premises App-Ray instance. Contact us to get started: https://app-ray.co

Installation

Configuration

  1. Configure your App-Ray credentials (email + password) in Jenkins Credentials page.
  2. Set up a Jenkins build job, or select your existing one.
  3. At section Bindings, bind the previously set App-Ray crendentials to the build job.
  4. Add a new build step, select 'App-Ray security check'.
  5. Provide your configuration parameters, such as Risk score threshold (0-100), location of binary app file (Jenkins environment variables can be used) and access point of the App-Ray instance you use (local or remote).
  6. Run your build, your security results will appear shortly. A security analysis may take a few minutes, depending on your configuration and the complexity of the app. App-Ray Mobile Security Jenkins Plugin Screenshot 2
  7. Click on any of these findings to reveal more information.

Building

mvn hpi:run

Findbugs

mvn findbugs:gui

Local Installing

mvn clean install
cp target/appray.hpi ~/.jenkins/plugins/

Then redeploy Jenkins.


Any questions? We are happy to help! Contact us via email: info (at) app-ray. co