I have a plugin in Jenkins for Checkmarx which scans the source code for static code analysis. Is there to make that plugin be compulsory for every job in jenkins?
For that matter any plugin.
The answer, that you probably don't want to hear, is: No.
The only way you can enforce something to happen at all times, is by writing your own plugin for your own "Project type" (instead of Maven or Free-style), and then enforce that everyone uses your project type.
Found a implicit way to do it.
Run this on a schedule and it shall force everyone to use it.
As I said its an implicit way of doing it.
Checkmarx plugin provides a build step, so it will run every time the job runs. No need to force, if I understand the question correctly. Just make sure the "Skip scan if triggered by SCM Changes" flag is unchecked, which is the default. See more info about the plugin here: https://checkmarx.atlassian.net/wiki/display/KC/Configuring+a+Scan+Action
Downloading the config.xml for the job and posting it back is a bad idea for several reasons. First checkmarx does not require the code to be compiled so you are wasting precious cycles on a build slave. Second Jenkins jobs can do more than compile and they could deploy to production accidentally. Just don't do it. The best way to do what you want to do is to download the config.xml file and then extract the repository url. You can use the Checkmarx rest api to perform a scan. You can probably name the program in checkmarx in some way to relate it back to the jenkins job.