Integrations Compatibility
Our developers are continuously improving and adding new capabilities to Lifecycle integrations. As they develop new capabilities, they are rolled out to the various platforms and deployment options. This document maps which features are currently available with which deployment. If you are not seeing the supported feature you are expecting please submit your request through the ideas.sonatype.com portal.
Integrations to Lifecycle require a license, while Lifecycle integrations with Nexus Repository require a Sonatype Lifecycle or Repository Firewall license and a Nexus Repository Pro license.
Integrations Capability Matrix
The following summarizes our current integration offerings with leading DevOps toolchain applications and technology stacks.
CI/CD Systems | |||||||
|---|---|---|---|---|---|---|---|
Jenkins | Azure DevOps | Bamboo | Circle CI | ||||
Server | Cloud | Server | Cloud | Server | DataCenter | CircleCI | |
Policy Evaluation Perform a policy evaluation within build pipeline |
|
|
|
|
|
| |
Policy Summary Get policy evaluation summary within build pipeline |
|
|
|
|
|
| |
Publish to Nexus Repository Ability to push build artifacts to Nexus Repository |
|
| |||||
Dashboard Widgets View summary policy evaluation information in graphical form within build pipeline |
|
|
| ||||
Build Failure Report View detailed policy evaluation results within build pipeline |
|
|
| ||||
Legend: 
= Supported, 
= Not Tested, 
= Community
Source Control Management (SCM) | |||||||||
|---|---|---|---|---|---|---|---|---|---|
Azure DevOps | Bitbucket | GitHub | GitLab | ||||||
Services | Server | Cloud | Server | DataCenter | Cloud | Enterprise | Cloud | Enterprise | |
SCM Onboarding Quickly onboarding source repositories into Lifecycle. |
|
|
|
|
|
|
|
|
|
Build Status |
|
|
|
|
|
|
|
|
|
Automated Pull/Merge Requests Automatically create pull requests for policy violations on components with suggested remediation. |
|
|
maven, gradle, npm, go |
maven, gradle, npm, go |
maven, gradle, npm, go |
maven, gradle, npm, go |
maven, gradle, npm, go |
maven, gradle, npm, go |
maven, gradle, npm, go |
Pull/Merge Request Commenting Developer is notified of component issues upon commit to repository. Information is consolidated at Pull/Merge Request level. |
|
|
Code Insights |
Code Insights |
|
|
|
| |
Code Commenting Detailed, line-level information is provided of component issues upon commit to repository. |
Code Insights Line-level comments in PR Review maven, gradle, npm, go |
Code Insights Line-level comments in PR Review maven, gradle, npm, go |
Line-level comments in PR Review maven, gradle, npm, go |
Line-level comments in PR Review maven, gradle, npm, go |
Line-level comments in PR Review maven, gradle, npm, go |
Line-level comments in PR Review maven, gradle, npm, go | |||
CI/CD Integration Integration with SCM system's build capability |
Pipelines |
Pipelines | n/a | n/a |
Actions |
|
Pipelines |
Pipelines | |
Legend: = Supported, = Not Tested
IDE Integration | ||||
|---|---|---|---|---|
Eclipse | IDEA | Visual Studio | VS Code | |
Component Intelligence - Lifecycle Intelligence View component status within IDE using premium data from Lifecycle Intelligence |
|
|
|
|
Build file formats | Java Classpath (Maven, Gradle, ...) | Java Classpath, npm (Maven, Gradle, ...) | NuGet | Java (Maven and Gradle), JavaScript (npm and Yarn), Go (Go modules), Python (Poetry, Pip), Rust (Cargo), PHP (Composer), C (Conan (1.x only)) |
Legend: = Supported
Package / Build Tools | ||
|---|---|---|
Maven | Gradle | |
Policy Evaluation Perform a policy evaluation using standardized build tools |
|
|
Legend: = Supported, = Community
Ticketing Systems | |||
|---|---|---|---|
Jira | |||
Jira Cloud | Jira Server | Jira Data Center | |
Atlassian Jira Notifications Jira ticket automatically created upon policy violation |
| ||
Lifecycle for Jira Jira ticket automatically created upon policy violation, advanced ability to group tickets via policy or component |
|
| |
Legend: = Supported
-- Icons made by Alfredo Hernandez from Flaticon