Skip to content

checkmarx-ts/cxone-flow

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

116 Commits
.github
.github
 
 
.vscode
.vscode
 
 
agent
agent
 
 
agent_packages/resolver
agent_packages/resolver
 
 
api_utils
api_utils
 
 
artifacts
artifacts
 
 
config
config
 
 
cxone_service
cxone_service
 
 
cxoneflow_logging
cxoneflow_logging
 
 
docker
docker
 
 
manual
manual
 
 
orchestration
orchestration
 
 
release_notes
release_notes
 
 
scm_services
scm_services
 
 
services
services
 
 
task_management
task_management
 
 
test_data
test_data
 
 
tests
tests
 
 
workflows
workflows
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
CODE-OF-CONDUCT.md
CODE-OF-CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
_agent.py
_agent.py
 
 
_version.py
_version.py
 
 
rabbit_config.py
rabbit_config.py
 
 
requirements.txt
requirements.txt
 
 
resolver_agent.py
resolver_agent.py
 
 
workflow_agent.py
workflow_agent.py
 
 
wsgi.py
wsgi.py
 
 

Repository files navigation

CxOne Flow

If you are familiar with CxFlow for Checkmarx SAST, you will be familiar with the role of CxOneFlow.

For those that have not used CxFlow with Checkmarx SAST, CxOneFlow is a scan orchestrator that executes multiple source code analysis scans. It is driven by web hook events coming from a source control system.

CxOneFlow vs CxFlow

CxOneFlow is not intended to ever reach feature parity with CxFlow. Many CxFlow features will not apply to Checkmarx One scanning. CxOneFlow currently orchestrates scans via webhook events for push and pull-requests involving protected branches. CxOneFlow itself does not create results in feedback applications.

Quickstart and Documentation

Please refer to the Releases where you will find a PDF manual that will explain configuration steps for a quick evaluation.

Execution Features

  • Supported SCMs
    • BitBucket Data Center
    • Azure DevOps Enterprise, On-premise or Cloud
    • GitHub Enterprise and Cloud
  • Scans are invoked by Push events when code is pushed to protected branches.
  • Scans are invoked on Pull-Requests that target a protected branch.
  • Scan results for Pull-Request scans are summarized in a pull-request comment.
  • Pull-Request state is reflected in scan tags as the pull request is under review.
  • Dependency resolution with SCA Resolver can be orchestrated to run behind the corporate firewall.

About

CheckmarxOne Scan Orchestration

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

2 forks
Report repository

Releases 32

2.0.0 Latest
Jan 6, 2025
+ 31 releases

Packages

 
 
 

Languages