Skip to main content
Version: Early Access

Workflow to Trigger CheckmarxOne Scan on Git Repository

This topic illustrates how to use the CheckmarxOne scan Git repository workflow to initiate a CheckmarxOne scan on your git repository, review scan results, and verify compliance directly from within the Digital.ai Release.

The existing workflows are bundled with Release and the newly created workflows are available in the Workflow catalog page.

To run your workflows, you must navigate to the Workflow catalog page.

For more information, see Access Workflow Catalog.

Workflow Steps

  1. In the Server Configuration screen connect to the configured CheckmarxOne server. To set up a CheckmarxOne server connection, see Set up a CheckmarxOne server

    checkmarxone-server-configuration

  2. In the Repository Configuration screen, enter the details of git repository such as Git repository URL, Git branch, Git Username, Git password, and personal token.

    checkmarxone-git-repository-configuration

  3. In the Scan Configuration screen, set up the CheckmarxOne scan options, such as enabling SAST scan, SCA scan, skip Git submodule, specifying the status check interval (in seconds), and adding scan and project tags.

    checkmarxone-scan-configuration

  4. In the Trigger Scan screen, initiate an automated task to run the scan on the specified Git repository.

    checkmarxone-trigger-scan

For more information about CheckmarxOne tasks, see the Checkmarx Plugin.