Skip to main content

Integrations Compatibility

Sonatype provides a wide range of integrations for Sonatype Lifecycle and Nexus Repository.

Integrations to Lifecycle require a license, while Lifecycle integrations with Nexus Repository require a Sonatype Lifecycle or Repository Firewall license and a Nexus Repository Pro license.

Sonatype Integrations Capability Matrix

The following summarizes our current integration offerings with leading DevOps toolchain applications and technology stacks.

CI/CD Systems

Jenkins

Azure DevOps

Bamboo

Circle CI

Server

Cloud

Server

Cloud

Server

DataCenter

CircleCI

Policy Evaluation

Perform a policy evaluation within build pipeline

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200183.png

Policy Summary

Get policy evaluation summary within build pipeline

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200183.png

Publish to Nexus Repository

Ability to push build artifacts to Nexus Repository

137200182.png

137200181.png

Dashboard Widgets

View summary policy evaluation information in graphical form within build pipeline

137200182.png

137200182.png

137200182.png

Build Failure Report

View detailed policy evaluation results within build pipeline

137200182.png

137200182.png

137200182.png

Legend: 137200182.png = Supported, 137200183.png= Not Tested, 137200181.png = Community

Source Control Management (SCM)

Azure DevOps

Bitbucket

GitHub

GitLab

Services

Server

Cloud

Server

DataCenter

Cloud

Enterprise

Cloud

Enterprise

SCM Onboarding

Quickly onboarding source repositories into Lifecycle.

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

Build Status

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

137200182.png

Automated Pull/Merge Requests

Automatically create pull requests for policy violations on components with suggested remediation.

137200182.pngmaven, gradle, npm, go

137200182.pngmaven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

137200182.png

maven, gradle, npm, go

Pull/Merge Request Commenting

Developer is notified of component issues upon commit to repository. Information is consolidated at Pull/Merge Request level.

137200182.png

137200182.png

137200182.png

Code Insights

137200182.png

Code Insights

137200182.png

137200182.png

137200182.png

137200182.png

Code Commenting

Detailed, line-level information is provided of component issues upon commit to repository.

137200182.png

Code Insights

Line-level comments in PR Review

maven, gradle, npm, go

137200182.png

Code Insights

Line-level comments in PR Review

maven, gradle, npm, go

137200182.png

Line-level comments in PR Review

maven, gradle, npm, go

137200182.png

Line-level comments in PR Review

maven, gradle, npm, go

137200182.png

Line-level comments in PR Review

maven, gradle, npm, go

137200182.png

Line-level comments in PR Review

maven, gradle, npm, go

CI/CD Integration

Integration with SCM system's build capability

137200182.png

Pipelines

137200182.png

Pipelines

n/a

n/a

137200182.png

Actions

137200183.png

137200182.png

Pipelines

137200182.png

Pipelines

Legend: 137200182.png = Supported, 137200183.png= Not Tested

IDE Integration

Eclipse

IDEA

Visual Studio

VS Code

Component Intelligence - Lifecycle Intelligence

View component status within IDE using premium data from Lifecycle Intelligence

137200182.png

137200182.png

137200182.png

137200181.png

Component Intelligence - OSSIndex

View component status with IDE using data from OSSIndex

137200181.png

Build file formats

Java Classpath

(Maven, Gradle, ...)

Java Classpath, npm

(Maven, Gradle, ...)

NuGet

npm, RubyGems, Go* , R, PyPi

*(Go supports dep and go mod buids, and only on linux)Int

Legend: 137200182.png = Supported, 137200183.png = Not Tested, 137200181.png = Community

Package / Build Tools

Maven

Gradle

Policy Evaluation

Perform a policy evaluation using standardized build tools

137200182.png

137200181.png

Legend: 137200182.png = Supported, 137200183.png = Not Tested, 137200181.png = Community

Ticketing Systems

Jira

Jira Cloud

Jira Server

Jira Data Center

Atlassian Jira Notifications

Jira ticket automatically created upon policy violation

137200182.png

Lifecycle for Jira

Jira ticket automatically created upon policy violation, advanced ability to group tickets via policy or component

137200182.png

137200182.png

Legend: 137200182.png = Supported, 137200183.png = Not Tested

-- Icons made by Alfredo Hernandez from Flaticon