Enterprise DevSecOps

[ Jenkins DEVSECOPS Pipeline Generator ]

Integrate secure checks seamlessly. Compile automated, declarative CI/CD pipelines with SonarQube quality gates, Snyk scanning, Trivy checks, OWASP ZAP baseline audits, and Yelp secrets protection.

🤖 Select Agent

any Custom Label

🛠️ Build Tools

Use Java

Use Maven

Use Gradle

Use Node.js

Use Python

Use Ant

🛡️ Security Build Tools

SonarQube Scanner

Snyk CLI

Trivy Scanner

OWASP ZAP

➕ Additional Stages

Include Test Stage Include Deploy Stage

🚨 Security Stages

Include SonarQube Scan Include Snyk Scan Include Trivy Scan Include OWASP ZAP Scan Upload to Dependency-Track Upload to Artifactory Detect Secrets (Yelp detect-secrets) Detect Secrets (Gitleaks) Detect Secrets (TruffleHog)

🔑 Environment Variables

docker_image_name (IMAGE_NAME) docker_container_name (CONTAINER_NAME) Git Repository URL (GIT_REPO) Git Branch (GIT_BRANCH) JAVA_HOME MVN_HOME

Custom Env Variable Name	Value

🚀 Pipeline Enhancements

Deploy to Kubernetes Package Artifact (tar.gz) Enforce SonarQube Quality Gate

Artifact Upload Target:

Send Notification (Slack) Send Notification (Email)

🐳 Docker Section

Use Docker CLI

🧠

SRE Code Explanation

app.py

🎯 WHY & WHAT IT DOES

🕒 WHEN TO USE IT

🚀 WHERE & HOW TO DEPLOY

Commands to run:

# command