How to Use MergeBase in: Jenkins

Oscar van der Meer

Created Feb 22, 2022

How to Use MergeBase in: Jenkins

23
    b

Mergebase

11 Steps
1

Find your Jenkins job you'd like to integrate

Find your Jenkins job you'd like to integrate
2

Click on Configure

Click on Configure
3

Click on Add build step

Click on Add build step
4

Click on Execute shell

We're going to be adding a shell execution step to run the MergeBase CLT tool. 

Click on Execute shell
5

Add the script to download and run MergeBase

wget --header="X-Authorization: [token-here]" https://app.mergebase.com/{customerKey}/api/update/clt/mergebase.jar

# your URL may be in the form:  https://trial.mergebase.com/[your-comany-here]/api/update/clt/mergebase.jar

java -jar mergebase.jar --name=TestPipeline ./pom.xml
# optionally: add --ignoreExitCode if you want the build to succeed even when the project has vulnerabilities
Add the script to download and run MergeBase
6

Grab your MergeBase Customer Token

Grab your MergeBase Customer Token
7

Find your Customer Token here

Copy this token to your Jenkins script

Find your Customer Token here
8

Add the token to the MergeBase CLT step

Add the customer token to the script from above. You can modify the name of the project and target the file in your application that you'd like to scan. If this is a multi-module project, specify the module you'd like to scan in the command as shown below:

java -jar mergebase.jar --name=YourNameHere ./path/to/scan

Add the token to the MergeBase CLT step
9

Save and exit

Save and exit
10

Build your target

Build your target
11

Head back to the MergeBase dashboard

As you can see, your project has been scanned and you can view the full report for your application.

Head back to the MergeBase dashboard
Well done!
Create how-to guides like this in a snap. Get Tango now.