Configure OWASP scan with dependency check plugin in Jenkins pipeline project

  1. Make sure you have installed the OWASP dependency check plugin in Jenkins
  2. Install the dependency-check script using this Ansible role (I have used it for the Jenkins master and slave). It will simply install the dependency-check shell script in the /opt directory:
    dependency_check_version: 5.1.1

    - name: Delete previously unpacked /opt/dependency-check
      file:
        path: /opt/dependency-check
        state: absent
      become: yes
    - name: "Download dependency-check-{{ dependency_check_version }}"
      get_url:
        url: "{{ dependency_check_version }}"
        dest: /opt/
      become: yes
    - name: Extract into /opt/dependency-check
      unarchive:
        src: /opt/
        dest: /opt
        remote_src: yes
      become: yes
    - name: Recursively change ownership of the directory /opt/dependency-check
      file:
        path: /opt/dependency-check
        state: directory
        recurse: yes
        owner: jenkins
        group: jenkins
      become: yes
  3. Modify the Jenkins pipeline. I used direct invocation, because calling the plugin gives me a Null Pointer Exception in Jenkins. Add a new stage for the scan:
        stage("Dependency Check") {
            steps {
                // Run the CLI scanner against the workspace and write HTML + XML reports into the workspace root
                sh '''
                /opt/dependency-check/bin/ --out . -s $WORKSPACE --project test -f HTML -f XML
                '''
                // Publish the XML report through the Dependency-Check plugin and keep the HTML report as a build artifact
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
                archiveArtifacts allowEmptyArchive: true, artifacts: '**/dependency-check-report.html', onlyIfSuccessful: true
            }
        }
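Publishing the report does not by itself stop a build that pulled in a vulnerable library. The gate script below is an added example, not code from the original post or from the Dependency-Check project: it reads the XML report the scan stage writes, counts findings at or above a severity threshold, and exits non-zero so the pipeline fails. It assumes the report element names used here (`dependency`, `fileName`, `vulnerabilities`, `vulnerability`, `name`, `severity`, `cvssV3/baseScore`) and matches local tag names only, so the report's schema namespace does not matter. The embedded report is constructed sample data with placeholder CVE identifiers.

```python
"""dc_gate.py - fail a Jenkins build on OWASP Dependency-Check findings.

Added example (not from the original post). Usage:
    python3 dc_gate.py dependency-check-report.xml HIGH
With no arguments it runs against the constructed SAMPLE_REPORT below.
"""
import sys
import xml.etree.ElementTree as ET

# Ordering used to compare a finding against the configured threshold.
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

# Constructed sample report: placeholder namespace and placeholder CVE ids.
# A real report carries its own schema namespace, which the parser ignores.
SAMPLE_REPORT = """<?xml version="1.0"?>
<analysis xmlns="urn:example:dependency-check-report">
  <dependencies>
    <dependency>
      <fileName>example-lib-1.0.jar</fileName>
      <vulnerabilities>
        <vulnerability source="NVD">
          <name>CVE-0000-00001</name>
          <severity>HIGH</severity>
          <cvssV3><baseScore>8.1</baseScore></cvssV3>
        </vulnerability>
        <vulnerability source="NVD">
          <name>CVE-0000-00002</name>
          <severity>LOW</severity>
        </vulnerability>
      </vulnerabilities>
    </dependency>
    <dependency>
      <fileName>clean-lib-2.3.jar</fileName>
    </dependency>
  </dependencies>
</analysis>
"""


def _local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on qualified tags."""
    return tag.rsplit("}", 1)[-1]


def _child(elem, name):
    """Return the first direct child whose local tag name matches, else None."""
    for child in elem:
        if _local(child.tag) == name:
            return child
    return None


def _text(elem, name, default=""):
    """Text content of a direct child element, stripped, or the default."""
    child = _child(elem, name)
    return (child.text or default).strip() if child is not None else default


def score_to_severity(score):
    """Map a CVSS v3 base score to its qualitative rating (used when no severity element exists)."""
    if score >= 9.0:
        return "CRITICAL"
    if score >= 7.0:
        return "HIGH"
    if score >= 4.0:
        return "MEDIUM"
    if score >= 0.1:
        return "LOW"
    return "NONE"


def parse_report(xml_text):
    """Return findings as (dependency file name, vulnerability id, severity, cvssV3 score or None)."""
    root = ET.fromstring(xml_text)
    findings = []
    for dep in root.iter():
        if _local(dep.tag) != "dependency":
            continue
        file_name = _text(dep, "fileName")
        vulns = _child(dep, "vulnerabilities")
        if vulns is None:  # dependency with no known vulnerabilities
            continue
        for vuln in vulns:
            if _local(vuln.tag) != "vulnerability":
                continue
            score = None
            cvss3 = _child(vuln, "cvssV3")
            if cvss3 is not None:
                score = float(_text(cvss3, "baseScore", "0") or 0)
            severity = _text(vuln, "severity").upper()
            if not severity and score is not None:
                severity = score_to_severity(score)
            findings.append((file_name, _text(vuln, "name"), severity, score))
    return findings


def gate(findings, threshold="HIGH"):
    """Return (passed, blocking findings); passed is False if any finding is at/above threshold."""
    limit = SEVERITY_RANK[threshold.upper()]
    blocking = [f for f in findings if SEVERITY_RANK.get(f[2], 0) >= limit]
    return (len(blocking) == 0, blocking)


def main(argv):
    path = argv[1] if len(argv) > 1 else None
    threshold = argv[2] if len(argv) > 2 else "HIGH"
    xml_text = open(path, encoding="utf-8").read() if path else SAMPLE_REPORT
    passed, blocking = gate(parse_report(xml_text), threshold)
    for file_name, vuln_id, severity, score in blocking:
        print(f"BLOCKING {severity:<8} {vuln_id:<16} {file_name} (cvssV3 {score})")
    print("gate:", "PASS" if passed else "FAIL")
    return 0 if passed else 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

In the pipeline this runs as an extra `sh 'python3 dc_gate.py dependency-check-report.xml HIGH'` step after the scan; its non-zero exit marks the build failed. Because `archiveArtifacts ... onlyIfSuccessful: true` skips archiving on a failed build, put the gate step after the archive step (or set `onlyIfSuccessful: false`) so the HTML report is still kept for the build that the gate rejected.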