Integrate Black duck Protex with Jenkins

[Neelima Chowdary]

Hello Team,

I would like to integrate "Black Duck Protex(Open source code auditing tool)" with Jenkins using Plugins for finding dependency jars used in the build.

Request to provide the possible way for it.


Thanks and Regards
Neelima.

[Christopher Orr]

On 18/06/15 12:17, Neelima Chowdary wrote:
> I would like to integrate "*Black Duck Protex(Open source code auditing
> tool)"* with Jenkins using Plugins for finding dependency jars used in

> the build.
>
> Request to provide the possible way for it.

You should ask Black Duck; they seem to have a Jenkins plugin for this.

A developer from BD is (presumably) soon going to release this plugin
that helps install it:
https://wiki.jenkins-ci.org/display/JENKINS/Black+Duck+Vulnerability+Installer+Plugin

Regards,
Chris

[Kaj Kandler]

Neelima,

Chris below is right, there is a Jenkins plugin available for Protex, from my company (Black Duck Software). Best to contact your Black Duck sales engineer for details.

That said, it works differently then the vulnerability plugin mentioned below. It automates the code scan with Protex, which may or may not discover all your dependencies. Currently our plugin with Black Duck Code Center does the same dependency discovery as the Free BD  Vulnerability Plugin for Jenkins.

I'm sure your BD sales engineer will explain all the options.

If you are by any chance at the JUC WEST today or tomorrow, please visit my presentation or ask for me at the BD sponsor booth. - https://www.cloudbees.com/jenkins/juc-2015/abstracts/us-west/01-02-1400