A Jenkins plugin that integrates the Uleska DevSecOps Platform to automate and orchestrate software security testing within DevOps pipelines.
Jenkins plugin that allows for easy integration with the Uleska DevSecOps Platform, which automates and orchestrates software security testing within your DevOps pipeline.
This tool is used by DevOps and security teams to seamlessly trigger and manage security scans as part of Jenkins build pipelines, ensuring up-to-date vulnerability information. It is ideal for organizations leveraging the Uleska platform to embed automated security testing into their CI/CD workflows.
Requires a valid Uleska Platform account and API token; API token must be stored securely in Jenkins credentials. Currently, the plugin's functionality is limited to initiating scans, with plans for expanded capabilities in future releases. Users should ensure correct UUIDs for applications and versions when configuring scans.
Sign up for a Uleska Platform account at https://www.uleska.com/
Obtain an API key from the Uleska Platform via API/Swagger after authentication
Navigate to Jenkins Global Configuration (Home > Manage Jenkins > Configure System)
Scroll to Uleska Configuration and click New Instance
Enter required fields: Name, URL (with schema, no path), and API Token Secret (stored in Jenkins credentials)
Save the Jenkins configurationPost-build Action in Freestyle project: Select 'UleskaScanner' from the Add post-build action dropdown
Triggers a Uleska security scan after the build completes
Pipeline step example: step([ $class: 'UleskaScanner', uleskaInstanceName: 'Live', applicationId: '00000000-1111-2222-3333-444444444444', versionId: 'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee', toolkitName: 'Uleska Code Scan', propagateFailure: true ])
Runs a Uleska security scan within a Jenkins Pipeline, specifying instance, application, version, and toolkit, with option to fail the build on scan failure