Hi,
We wish to add a new task in nexusiq plugin because the plugin task is only to evaluate a binary. This task is not enough for us, we need a new task in in the plugin to get by project the number of vulnerabilities(critical, high, warning)
Regards,
by: Charlemagne T. | over a year ago | Integrations
Comments
Specifically, you would like the new task to provide the number of vulnerabilities (categorized as critical, high, or warning) for a given project. This will be useful to configure gates in order to promote deployment from an environment to another one
Thank you for your request!
Unfortunately, the feature you mentioned is not currently on our integration roadmap for the Denali release in October 2023. We prioritize integrations that benefit a wide range of customers and will consider all customer feedback and suggestions when making decisions about future updates. We will wait for more upvotes to consider it for future releases.
Hello,
We need this plugin evolution because Fortify is a mandatory gate before allowing a release to go in production for our customer. When they deploy with Release they use a gate task per deployment and this is use to know the number of vulnerabilities. For example they want to be able to block the deployment when the number critical vulnerabilities is more than one. This gate is very important for the security of customers environnements.
Regards,
Regarding the NexusIQ plugin upgrade, we have scheduled it for release in spring 2024 (E-wave). To ensure that we effectively meet your requirements, we would like to plan a working session starting from October 2023. During this session, we would appreciate gaining a comprehensive understanding of your use case. Some of the questions we would like to discuss include, but are not limited to, the structure of projects, how vulnerabilities are assigned and configured, and how data is displayed in tasks (such as numbers, thresholds, etc.).
we will be available for this working session and also for sharing our experience about nexusiq
This update is accessible in the Early Access 24.1 beta5 version on the distribution side https://dist.xebialabs.com/customer/early-access/. We encourage you to test it and share your feedback with us.