Try Devtron Enterprise!
Start Free Trial
LogoLogo
WebsiteDevtron demoGithub RepoJoin Discord
v0.6
v0.6
  • Introduction
  • Getting Started
  • Install Devtron
    • Install Devtron with CI/CD
    • Install Devtron with CI/CD and GitOps (Argo CD)
    • Install Devtron without Integrations
    • Install Devtron on Minikube, Microk8s, K3s, Kind, Cloud VMs
    • Demo on Popular Cloud Providers
    • Backup for Disaster Recovery
    • Uninstall Devtron
    • FAQs
  • Devtron Kubernetes Client
  • Configurations
    • Installation Configurations
    • Override Configurations
    • Ingress Setup
  • Global Configurations
    • Host URL
    • GitOps
    • Projects
    • Clusters & Environments
    • Git Accounts
    • Container/OCI Registry
    • Chart Repositories
    • Custom Charts
    • Authorization
      • SSO Login Services
        • Google
        • GitHub
        • GitLab
        • Microsoft
        • LDAP
        • OIDC
        • OpenShift
        • Example - Okta SSO
      • User Permissions
      • Permission Groups
      • API Tokens
    • Notifications
    • External Links
    • Catalog Framework
    • Scoped Variables
    • Pull Image Digest
    • Tags Policy
    • Lock Deployment Configuration
    • Image Promotion Policy
    • Filter Condition
    • Build Infra
  • Devtron Upgrade
    • Update Devtron from Devtron UI
    • 0.5.x-0.6.x
    • 0.4.x-0.5.x
    • 0.4.x-0.4.x
    • 0.3.x-0.4.x
    • 0.3.x-0.3.x
    • 0.2.x-0.3.x
  • Usage
    • Applications
      • Create a New Application
      • Clone an Existing Application
      • Deploy a Sample Application
      • App Configuration
        • Git Repository
        • Build Configuration
        • Base Deployment Template
          • Deployment
          • Rollout Deployment
          • Job and Cronjob
          • StatefulSets
        • GitOps Configuration
        • Workflow Editor
          • CI Pipeline
            • Pre-Build/Post-Build Stages
            • Override Build Configuration
          • CI Pipeline (Legacy)
          • CD Pipeline
        • ConfigMaps
        • Secrets
          • External Secret Operator (ESO)
            • AWS Secrets Manager
            • Google Secrets Manager
            • HashiCorp Vault
        • Protect Configuration
        • Environment Overrides
        • Deleting Application
      • Build and Deploy
        • Triggering CI
        • Triggering CD
        • Rollback Deployment
      • App Details
        • Debugging Deployment And Monitoring
        • Using Ephemeral Containers
        • Application Metrics
      • Overview
    • Jobs
      • Create a new job
      • Configurations
      • Workflow Editor
      • Trigger Job
      • Overview
    • Application Groups
    • Resource Browser
    • Charts
      • Charts Overview
      • Deploy & Observe
      • Examples
        • Deploying Mysql Helm Chart
        • Deploying MongoDB Helm Chart
      • Chart Group
    • Security
      • Security Scans
      • Security Policies
    • Bulk Edit
    • Integrations
      • Build and Deploy (CI/CD)
      • GitOps (Argo CD)
      • Vulnerability Scanning (Clair)
      • Notifications
      • Monitoring (Grafana)
    • Pipeline Plugins
      • Codacy
      • Copy Container Image
      • Dependency track - Maven & Gradle
      • Dependency track - NodeJS
      • Dependency track - Python
      • K6 Load Testing
      • Semgrep
      • SonarQube
      • SonarQube v1.1.0
  • Resources
    • Glossary
    • Troubleshooting
    • Use Cases
      • Devtron Generic Helm Chart To Run CronJob Or One Time Job
      • Connect SpringBoot with Mysql Database
      • Connect Expressjs With Mongodb Database
      • Connect Django With Mysql Database
      • Pull Helm Charts from OCI Registry
    • Telemetry Overview
    • Devtron on Graviton
    • Release Notes
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Usage
  2. Pipeline Plugins

Semgrep

Semgrep is a fast, open source, static analysis engine for finding bugs, detecting dependency vulnerabilities, and enforcing code standards.

Prerequisite: Make sure you have set up an account in Semgrep or get the API keys from an admin.

  1. On the Edit build pipeline page, select the Pre-Build Stage (or Post-Build Stage).

  2. Click + Add task.

  3. Select Semgrep from PRESET PLUGINS.

  • Enter a relevant name in the Task name field. It is a mandatory field.

  • Enter a descriptive message for the task in the Description field. It is an optional field.

  • Provide a value for the input variable. Note: The value may be any of the values from the previous build stages, a global variable, or a custom value.

Variable
Format
Description

SemgrepAppToken

String

App token of Semgrep. If it is provided, this token will be used, otherwise it will be picked from Global Secret.

PrefixAppNameInSemgrepBranchName

Bool

Enter either true or false accordingly whether you want app name to be reflected with a branch name. If it is true, it will add app name with branch name. E.g., {SemgrepAppName}-{branchName}

UseCommitAsSemgrepBranchName

Bool

Enter either true or false accordingly whether you want app name to be reflected with commit hash. If it is true, it will add app name with commit hash. E.g., {SemgrepAppName}-{CommitHash}.

SemgrepAppName

String

App name for Semgrep. If it is provided, and PrefixAppNameInSemgrepBranchName is true, then this will be prefixed with branch name/commit hash.

ExtraCommandArguments

String

Extra command arguments for Semgrep CI command. E.g., Input: --json --dry-run.

  • Trigger/Skip Condition refers to a conditional statement to execute or skip the task. You can select either:

    • Set trigger conditions or

    • Set skip conditions

  • Click Update Pipeline.

PreviousK6 Load TestingNextSonarQube

Last updated 10 months ago

Was this helpful?