Jenkins Plugin
Levo's security/contract tests can be embedded in Jenkins quality gates via Levo's Jenkins plugin.
Prerequisites
- Account on Levo.ai
- A
Levo CLI Authorization Key. Refer to instructions here - For Application Name mode: An application created in Levo
- For Test Plan mode: A runnable Levo Test Plan
Installation
Below are the installation options:
-
Using the GUI: From your Jenkins dashboard navigate to
Manage Jenkins > Manage Pluginsand select theAvailabletab. Locate the plugin by searching forlevo, and install it. -
Using the CLI tool:
jenkins-plugin-cli --plugins levo:33.vc34b_8f81dc9a -
Using direct upload. Download one of the releases and upload it to your Jenkins instance.
Configuration
1. Add Build Step
In your project configuration (Freestyle project), add the Levo Test Plan build step to the Build Steps section.
2. Configure Credentials
Select your Levo Credential (CLI Authorization Key). If you haven't added it yet:
- Click Add next to the dropdown.
- Select Levo CLI Credentials kind.
- Enter your Organization ID and CLI Authorization Key.
3. Select Execution Mode
The plugin supports three execution modes:
A. Application Name (Recommended)
Dynamically creates and runs a test plan for a specific application in your Levo workspace.
- Application Name: The name of the application in Levo.
- Environment: The environment to test (e.g.,
staging). - Target: The target URL of the application to test.
- Data Source: Use "Test User Data" or "Traces".
- Categories: Select the vulnerability categories to test (e.g., BOLA, SQL Injection).
B. Test Plan LRN
Executes a specific, pre-existing Test Plan.
- Test Plan LRN: The unique identifier (LRN) of your Test Plan (copy from Levo Console).
- Target: The target URL to test.
C. Remote Test Run
Initiates a test run that executes remotely on the Levo Cloud or your On-Premises runner.
- Application Name: The name of the application in Levo.
- Environment: The environment to test.
- Run On: Choose "Cloud" or "On-Premises".
- Target URL: The target URL for the remote runner to access.
Pipeline Configuration
You can use the levo-test-plan step in your Jenkins Pipeline scripts.
Application Name Mode (Example)
pipeline {
agent any
stages {
stage('Security Test') {
steps {
step([$class: 'TestPlanBuilder',
levoCredentialsId: 'your-credential-id',
executionMode: 'appName',
appName: 'my-app',
environment: 'staging',
target: 'http://my-app.staging.svc',
categories: 'BOLA,SQL_INJECTION'
])
}
}
}
}
Test Plan LRN Mode (Example)
pipeline {
agent any
stages {
stage('Security Test') {
steps {
step([$class: 'TestPlanBuilder',
levoCredentialsId: 'your-credential-id',
executionMode: 'testPlan',
testPlan: 'lrn:levo:test-plan:...',
target: 'http://my-app.staging.svc',
generateJunitReport: true
])
}
}
}
}
Remote Test Run Mode (Example)
pipeline {
agent any
stages {
stage('Security Test') {
steps {
step([$class: 'TestPlanBuilder',
levoCredentialsId: 'your-credential-id',
executionMode: 'remoteTestRun',
appName: 'my-app',
environment: 'staging',
targetUrl: 'http://public-app-url.com',
runOn: 'cloud',
dataSource: 'Test User Data'
])
}
}
}
}
Reporting
You can enable Generate JUnit Reports (available in local execution modes) to publish test results to Jenkins.
- Check "Generate JUnit Reports" in the build step configuration.
- Add a
junitstep in your pipeline or "Publish JUnit test result report" post-build action:post {
always {
junit '**/levo.junit.xml'
}
}