Integrating Acunetix in your Jenkins Pipeline
An Acunetix scan can easily be included as a step in a Jenkins Pipeline. This lets the Acunetix security scan run automatically as part of your continuous delivery (CD) pipeline, with the scan configuration declared in the Jenkinsfile that lives in your project's source code repository.
Prerequisites
Before you start, the Acunetix Jenkins plugin must be installed and configured correctly as described in this article.
Generating the pipeline code
You can easily generate the pipeline code as follows:
- Open the configuration for your project
- Browse down to the Pipeline section, and click on "Pipeline Syntax"
- Choose “Jenkins Snippet Generator”
- In the Sample Step, choose "step: General Build Step"
- In Build Step, choose "Acunetix"
- Configure the following as needed
- Scan Type
- Scan Target
- Fail the build if threat level is
- Stop the scan when build fails
- Generate Report
- Click "Generate Pipeline Script"
- This will generate the code that needs to be inserted as a step in the Jenkinsfile, as shown in the following example:

```groovy
pipeline {
    agent any
    stages {
        stage('Testing') {
            steps {
                echo 'Checking web security..'
                step([$class: 'BuildScanner',
                      profile: '11111111-1111-1111-1111-111111111111',
                      repTemp: 'no_report',
                      stopScan: true,
                      target: '093a9e8f-f1c3-445f-87b8-86116d998108',
                      threat: 'Medium'])
            }
        }
    }
}
```
Running the project
Using the Jenkinsfile above, the console output will contain the following:

```
Commit message: "new target"
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Testing)
[Pipeline] echo
Checking web security..
[Pipeline] step
Starting scan on target: http://testphp.vulnweb.com/ (Acunetix php test site)
Scan started
The scan threat level: "High" is greater or equal than the configured level: "Medium"
Aborting the build
The scan was stopped
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: The scan threat level is greater or equal than the configured level
Finished: FAILURE
```
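The snippet generated above is usually one stage inside a larger pipeline. The following Jenkinsfile is an added example (not from the Acunetix documentation) showing the Acunetix step placed after a staging deployment so the scan exercises the freshly built version, gated to the main branch and wrapped in a timeout. The `build.sh` and `deploy-staging.sh` scripts and the mail recipient are hypothetical, and the profile and target IDs are placeholders to be replaced with values from your own Acunetix instance.

```groovy
// Added example, not the plugin's own code. Assumed: ./build.sh and
// ./deploy-staging.sh exist in the repository; the Mailer plugin is installed.
pipeline {
    agent any
    options {
        // Cap the whole run so a scan that never finishes cannot hold the executor.
        timeout(time: 2, unit: 'HOURS')
    }
    stages {
        stage('Build') {
            steps {
                sh './build.sh'            // hypothetical build script
            }
        }
        stage('Deploy to staging') {
            steps {
                sh './deploy-staging.sh'   // hypothetical deploy script
            }
        }
        stage('Security scan') {
            // Only gate the main branch; feature branches skip the scan.
            when { branch 'main' }
            steps {
                echo 'Running Acunetix scan against staging'
                // Parameters are the ones the Snippet Generator emits:
                // threat  - fail the build if the scan threat level is Medium or higher
                // stopScan - stop the running scan once the build has been failed
                step([$class: 'BuildScanner',
                      profile: '<scan-profile-id>',     // placeholder, from your Acunetix instance
                      repTemp: 'no_report',
                      stopScan: true,
                      target: '<acunetix-target-id>',   // placeholder, from your Acunetix instance
                      threat: 'Medium'])
            }
        }
    }
    post {
        failure {
            // Notify the team when the scan (or any earlier stage) fails the build.
            mail to: 'security@example.com',
                 subject: "Build ${env.JOB_NAME} #${env.BUILD_NUMBER} failed",
                 body: "See ${env.BUILD_URL} for the console output."
        }
    }
}
```

With this layout a build whose scan reaches the configured threat level is marked FAILURE exactly as in the console output above, and the deployment it tested never progresses past staging.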