Jenkins Plugin

Supercharge your CI/CD pipeline with the Sonatype Jenkins plugin. Seamlessly integrate Sonatype’s powerful tools into your Jenkins continuous integration (CI) environment to automate open source risk management and software development life cycle (SDLC) processes.

Use Jenkins with Your Favorite Sonatype Solutions

Pull Dependencies Across Formats

The Jenkins integration enables Sonatype Nexus Repository users to efficiently pull dependencies and publish artifacts across formats like Maven, npm, and more. Automate deployment tasks and centralize component management using a proven repository manager that scales with your development team.

Integrate Jenkins with Sonatype Nexus Repository to eliminate manual steps, reduce errors, and ensure build consistency across teams.

Enforce License Policies in Jenkins Builds

The Jenkins integration with Sonatype Lifecycle allows you to embed security and license policy enforcement directly into your build pipeline. The plugin scans software dependencies during Jenkins builds, flags violations, and generates detailed reports before bad components reach production.

Define highly customizable policies to automatically break builds that include known vulnerabilities or incompatible licenses, ensuring only secure, compliant components make it through your Jenkins pipeline.

Jenkins Integration Features

Policy Enforcement at Build Time

Automatically block builds that violate your organization’s custom security, license, or quality policies — directly within Jenkins.

Detailed Vulnerability Reporting

Get actionable insights with rich reports covering security issues, licenses, and component health.

Real-time Component Analysis

Scan and evaluate dependencies used in your Jenkins builds to detect risks early.

Streamlined DevOps Workflows

Combine Jenkins CI with Sonatype’s tools to automate repetitive tasks and improve developer productivity.

Integration with Jenkins Workflows

Integrate seamlessly with both Freestyle and Pipeline jobs, enabling flexible automation across your Jenkins CI/CD processes.

Build Pipeline Integration

Integrate scans and repository access into local builds, CI/CD pipelines, or automation scripts to shift security left.

Resources

Get started quickly with step-by-step setup guides and usage instructions for the Jenkins integration with Sonatype products:

Sonatype Lifecycle Plugin for Jenkins

Sonatype Nexus Repository Plugin for Jenkins

Jenkins Plugin FAQs

What versions of Jenkins are supported?

The Sonatype Jenkins plugin supports Jenkins 2.176.1 and newer. Refer to the plugin documentation for compatibility notes.

Can I use the Jenkins plugin for pipeline jobs?

Yes, the plugin supports both Jenkins Freestyle and Pipeline jobs, including scripted and declarative Groovy pipelines.

Does this work with Jenkins CI and Jenkins CI/CD environments?

Yes. Whether you’re running Jenkins solely for CI or across a full CI/CD pipeline, the plugin provides flexible support.

How does the plugin help manage Jenkins workflows?

It centralizes security and artifact management tasks, automates policy enforcement, and integrates with both Sonatype Lifecycle and Sonatype Nexus Repository, all from within Jenkins.

Is software bill of materials (SBOM) support included?

Yes. With Sonatype Lifecycle, Jenkins builds can automatically generate and upload SBOMs for monitoring and compliance purposes.