Synopsys Detect for Jenkins

The Synopsys Detect for Jenkins plugin enables you to install and run Synopsys Detect in your Jenkins instance. 

Synopsys Detect is Black Duck's intelligent scan client that scans code bases in your projects and folders to perform compositional analysis. Synopsys Detect sends scan results to Black Duck, which generates risk analysis when identifying open source components, licenses, and security vulnerabilities.

Synopsys Detect is designed to run in the native build environment of the project that you want to scan. It uses the same global configuration as your Jenkins instance and provides a pass-through for Synopsys Detect. You can run as a post-build action in a Jenkins Freestyle job or run as a Pipeline step using a Pipeline script in a PipeLine job.
After running a Synopsys Detect scan following the Jenkins build, you can view the scan results in your Black Duck instance.

Basic workflow

1. Make sure you satisfy system and other requirements

2. You install the Synopsys Detect plugin in Jenkins.
3. Configure Black Duck connection and plugin.

4. Run a Jenkins build on your project

5. Synopsys Detect scans the project, for example, the scan might be a step in a Jenkins Pipeline job or post-build action in a Freestyle job.
   Refer to How Synopsys Detect works to learn about Synopsys Detect.

6. Synopsys Detect sends the scan results to Black Duck for analysis.

After running a Synopsys Detect scan following the Jenkins build, you can view the scan results in your Black Duck instance.