Adding cx-jenkins-lib and update README

README.md

@@ -15,3 +15,4 @@ Project | Description
 [cx-flow-ado](cx-flow-ado) | Sample CxFlow Docker image for Azure DevOps Pipelines
 [cx-sast-scans-analysis](cx-sast-scans-analysis) | Powershell utility to pull scan data / build metrics from a CxSAST instance
 [cx-sca-search](cx-sca-search) | Tool to search for a given open-source library name in the results of prior Checkmarx SCA scans. This search tool complements the search capability in the current SCA results User Interface, which limits searches to the current scan.
+[cx-jenkins-lib](cx-jenkins-lib) | Jenkins Pipeline shared library example

cx-jenkins-lib/.gitignore

@@ -0,0 +1,102 @@
+# Created by https://www.gitignore.io/api/eclipse,windows
+# Edit at https://www.gitignore.io/?templates=eclipse,windows
+
+### Eclipse ###
+
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# CDT- autotools
+.autotools
+
+# Groovy
+.groovy/
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Annotation Processing
+.apt_generated/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+
+### Eclipse Patch ###
+# Eclipse Core
+.project
+
+# JDT-specific (Eclipse Java Development Tools)
+.classpath
+
+# Annotation Processing
+.apt_generated
+
+.sts4-cache/
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.gitignore.io/api/eclipse,windows

cx-jenkins-lib/Jenkinsfile

@@ -0,0 +1,69 @@
+@Library('sast')
+
+import com.checkmarx.sast.jenkins.CxScan
+import com.checkmarx.sast.jenkins.LineOfBusiness
+import com.checkmarx.sast.jenkins.ProjectTypes
+
+pipeline {
+	agent any
+	stages {
+		stage ('\u2776 ENV') {
+			steps {
+				script {
+					log.info "\u2600 BUILD_URL=${env.BUILD_URL}"
+
+					def workspace = pwd()
+					log.info "\u2600 workspace=${workspace}"
+				}
+			}
+		}
+
+		stage ('\u2777 SCM') {
+			steps {
+				script {
+					log.info 'Pulling source...'
+					git 'https://github.com/randygeyer/dvna.git'
+				}
+			}
+		}
+
+		stage ('\u2778 SCAN') {
+			steps {
+				script {
+					log.info 'Starting CxSAST scan...'
+					def appTeam = 'GoRide'
+					def appId = '12345'
+					def appName = 'App1'
+					def component = 'Component1'
+					def branch = 'Dev'
+					def environment = 'accept'
+					def cx = new CxScan(this, LineOfBusiness.AppSec, ProjectTypes.WebApp, appTeam, appId, 
+							appName, component, branch, environment)
+					cx.addFolderExclusions('mytest,libs')
+					cx.addScanComment('testing 123...')
+					cx.doFullScan()
+				}
+			}
+		}
+
+		stage ('\u2778 OSA SCAN') {
+			steps {
+				script {
+					log.info 'Starting CxOSA scan...'
+					def appTeam = 'GoRide'
+					def appId = '12345'
+					def appName = 'App1'
+					def component = 'Component1'
+					def branch = 'Dev'
+					def environment = 'accept'
+					def cx = new CxScan(this, LineOfBusiness.AppSec, ProjectTypes.WebApp, appTeam, appId, 
+							appName, component, branch, environment)
+
+					def includeFolders = 'libs'
+					def excludeFolders = ''
+					cx.doOsaScan(includeFolders, excludeFolders)
+				}
+			}
+		}
+	}
+}

cx-jenkins-lib/README.md

@@ -0,0 +1,7 @@
+# cx-jenkins-lib
+Jenkins Pipeline shared library example
+
+https://jenkins.io/doc/book/pipeline/shared-libraries/
+
+Author: [email protected]
+