Jenkins integration

A quick start-up guide on how to integrate Snyk in your Jenkins CI

Jenkins Pipeline offers a straightforward way to integrate Snyk with your Jenkins test and deployment builds:


pipeline {
  agent any
  stages {
    stage('Test') {
      steps {
        sh 'node -v'
        sh 'npm prune'
        sh 'npm install'
        sh 'snyk test'
      }
    }
    stage('Build') {
      steps {
        sh 'snyk monitor'
      }
    }
  }
  environment {
    SNYK_TOKEN = credentials('SNYK_TOKEN')
  }
}


Copy your API key from Your account and add it as SNYK_TOKEN to Jenkins credentials. The CLI will use this value to authenticate by relying on the SNYK_TOKEN environment variable.

The Test stage will test your build for vulnerabilities, failing the build if new vulnerabilities are found.

The Build  stage will update your project's snapshot on Snyk, allowing us to update you with the most recent vulnerability disclosures that affect your project.

You can specify the --org=your-org-name  flag in both CLI commands to set the org against which tests and snapshots are performed.