Installing the Plugin
In the Jenkins Plugin Manager, install the “Warnings Next Generation Plugin”.
Running Brakeman in Jenkins
The plugin itself does not run any tools; it only collects the results.
There are many ways to run Brakeman in Jenkins, depending on the setup of your application and the Jenkins workers.
One method is to invoke Brakeman as part of an “Execute shell” build step:
Here is a sample build command if RVM is available on the worker:
bash -l -c '
  rvm install 3.0.0 && \
  rvm use 3.0.0@GEMSET_NAME --create && \
  gem install brakeman && \
  brakeman --no-progress --no-pager --no-exit-on-warn -o brakeman-output.json
'

(GEMSET_NAME is a placeholder: substitute the RVM gemset name used for your application.)
Explanation of Brakeman options:
--no-progress: suppresses the "Processing..." output in the Jenkins logs
--no-pager: prevents Brakeman from trying to use less to display the report
--no-exit-on-warn: tells Brakeman to return a 0 exit code even if warnings are found
-o brakeman-output.json: sets the report file and format
To configure the plugin, click “Add post-build action” and select “Record compiler warnings and static analysis results”.
Then select “Brakeman” as the tool.
The default options will check for files named brakeman-output.json and collect the results.
There is no need to set any other configuration options right now. By default, the plugin will collect and display results but will not affect the status of the build.
Click the “Advanced…” button to check out the many options for configuring how Brakeman results affect build status.
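The same setup expressed as a declarative pipeline, as an added example rather than configuration from the original page: it assumes Ruby and RubyGems are already on the agent (no RVM), that the Warnings Next Generation plugin's recordIssues step with its brakeman tool symbol is available, and it adds a quality gate that marks the build unstable only when a build introduces a new high-severity warning, leaving existing warnings untouched.

```groovy
// Added example Jenkinsfile (not from the original page).
// Assumes: Ruby/RubyGems on the agent, Warnings NG plugin installed.
pipeline {
  agent any
  stages {
    stage('Brakeman') {
      steps {
        // Same options as the shell step described above:
        // no progress output, no pager, exit 0 even if warnings are found,
        // JSON report that the plugin picks up by its default file name.
        sh 'gem install brakeman && brakeman --no-progress --no-pager --no-exit-on-warn -o brakeman-output.json'
      }
      post {
        always {
          // Collect the report on every run so fixed/new/existing trends are tracked.
          // Quality gate: one NEW high-severity finding makes the build UNSTABLE.
          // Brakeman "medium" is recorded as "normal" and "weak" as "low", so
          // those do not trip this gate; raise it to NEW_NORMAL to include medium.
          recordIssues(
            tools: [brakeman(pattern: 'brakeman-output.json')],
            qualityGates: [[threshold: 1, type: 'NEW_HIGH', unstable: true]]
          )
        }
      }
    }
  }
}
```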
After the next build, Brakeman results should appear in the build status.
On subsequent builds, the plugin will show if there are new and/or fixed warnings in that build.
The plugin can show warnings broken down by folder, file, category, type, or just a list of issues.
The overview will show a breakdown of warnings by severity or status (fixed/new/existing). Note that the plugin maps “medium” findings to “normal” and “weak” findings to “low”.
Warnings can also be viewed inline with code: