
Examples

Weissert, Albert (415) edited this page Oct 12, 2020 · 13 revisions

Simple example report

This example report contains only one "yellow" finding, so it is easy to understand.

HTML variant

HTML report

JSON variant

JSON report (source formatted)
ℹ️ The JSON report will be extended in future, but it will always remain downward compatible.

You can download the beautified JSON or the original JSON report for the picture above.

"Real life" report example

Here is real output from an older SecHub scan (SecHub scanning itself); the output files are available for download below the picture.

ℹ️ The scan was done with SecHub server V0.14.0

HTML report image

Jenkins integration example

A working example of a Jenkinsfile can be found within the SecHub project in the continous-integration-multibranch-pipeline.jenkins file.

For the documentation of the SecHub client please refer to SecHub Client.

Scan with SecHub Client

You can run the SecHub client in synchronous or asynchronous mode. In synchronous mode (sechub scan) your build breaks if the scan result isn't "green", whereas in asynchronous mode (sechub scanAsync) the client only starts the job and does not break your CI/CD pipeline.

Run the SecHub client from your source folder with parameters and the default-named sechub.json configuration file:

stage('Security scan') {
  // set the environment variables within the scan stage only,
  // so the credentials are not exposed to other stages
  environment {
    SECHUB_USERID = credentials('sechub-userid')
    SECHUB_APITOKEN = credentials('sechub-api-token')
    SECHUB_SERVER = credentials('sechub-server')
  }
  steps {
    script {
      // synchronous scan: the step fails (and breaks the build) if the result is not "green"
      sh "sechub -project ${projectName} scan"
    }
  }
}

Or pass a configuration file (JSON) as a parameter:

sh "sechub -configfile config.json scan"

For details on the SecHub configuration file please see SecHub configuration.
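Because an asynchronous scan never breaks the pipeline by itself, a later step has to read the JSON report and decide. The following gate script is an added example, not code from this wiki page or the SecHub project; it assumes the report's top-level `trafficLight` and `result.findings[].severity` fields, and the sample report is constructed here to mirror the one-yellow-finding example above.

```python
import json
import sys

# Constructed sample in the layout of a SecHub JSON report (field names are an
# assumption, not taken from this page): one MEDIUM finding, traffic light YELLOW.
SAMPLE_REPORT = json.dumps({
    "jobUUID": "00000000-0000-0000-0000-000000000000",  # placeholder job id
    "trafficLight": "YELLOW",
    "result": {
        "count": 1,
        "findings": [
            {"id": 1, "name": "Example finding", "severity": "MEDIUM", "type": "codeScan"}
        ],
    },
})

# Order used to compare severities; the threshold is inclusive.
SEVERITY_ORDER = ["INFO", "LOW", "MEDIUM", "HIGH", "CRITICAL"]


def evaluate_report(report_text, fail_on="RED", max_severity="HIGH"):
    """Return (passed, reasons) for a SecHub JSON report.

    fail_on: traffic light colour that fails the build ("RED" or "YELLOW").
    max_severity: lowest finding severity that fails the build even when the
    traffic light alone would pass, so an async scan can still be gated later.
    Unknown or missing fields are tolerated because the report format is
    extended over time but stays downward compatible.
    """
    report = json.loads(report_text)
    light = str(report.get("trafficLight", "OFF")).upper()
    findings = report.get("result", {}).get("findings", [])
    reasons = []

    failing_lights = {"RED"} if fail_on == "RED" else {"RED", "YELLOW"}
    if light in failing_lights:
        reasons.append(f"traffic light is {light}")

    limit = SEVERITY_ORDER.index(max_severity)
    for finding in findings:
        sev = str(finding.get("severity", "INFO")).upper()
        if sev in SEVERITY_ORDER and SEVERITY_ORDER.index(sev) >= limit:
            reasons.append(f"finding {finding.get('id')} '{finding.get('name')}' is {sev}")
    return (not reasons, reasons)


if __name__ == "__main__":
    # usage: python gate.py <report.json>; without an argument the sample is used
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE_REPORT
    ok, why = evaluate_report(text)
    print("PASS" if ok else "FAIL: " + "; ".join(why))
    sys.exit(0 if ok else 1)
```

Run it as a Jenkins step after the report has been fetched; its exit status then fails or passes the stage just as a synchronous scan would.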
