Home Contact Us Blog

Jenkins

Jenkins is an open-source automation server that facilitates the automation of building, testing, and deploying software applications. It provides a platform for building, deploying, and automating any project, making it a key tool for continuous integration and continuous delivery (CI/CD) pipelines.

Pre-requisites

Before proceeding with integrating Jenkins in SSD make sure the following components are available:

  • Jenkins version should be greater than 2.277.4

  • Java version (that Jenkins is running on) should be Java 8 or more.

  • Git and docker should be installed on the host.

  • Along with the RabbitMQ related details that have to be entered in the plugin configuration, you need to specify an archive file and a key for the image name that the plugin needs to look for.

Optional

  • It is good to have a git plugin to clone the repository.

  • It is good to have the build user var plugin installed. This ensures that you have the build user vars option enabled for all builds in the Configure System section.

Usage of Jenkins in SSD

The following are the uses of integrating Jenkins with SSD:

  • SSD supports Jenkins as a Continuous Integration (CI) tool as well as a Continuous Deployment (CD) tool.

  • In CI - SSD gets notified for every Jenkins pipeline execution. It collects the build-related data to run security analysis on the dependencies, build artifacts and the pipeline steps configuration.

  • In CD - SSD gets notified for every Jenkins pipeline execution. It performs security analysis on the image being deployed and the target cluster in which the image is deployed.

  • It collects metadata such as job name, trigger, Artifact SHA etc., to perform artifact integrity checks to ensure the supply chain security is intact. Also the collected metadata gets populated in the DBOM for audit purposes.

Before proceeding with Jenkins integration, you need to install the SSD plugin.

Integrate Jenkins as a CI Tool

SSD Plugin installation:

Follow the steps below to install SSD plugin:

  1. Run the below command in your system, to download the plugin file to your local.

curl -O https://raw.githubusercontent.com/opsmx/ssd-plugin/releases/download/v0.1.0-alpha.2/ssd.hpi

  1. Login to your Jenkins and go to Manage Jenkins > Manage Plugins > Advance Settings.

  2. Go to Deploy Plugin option and update the downloaded file.

  3. Click Deploy and restart Jenkins.

Connecting Jenkins with SSD

To connect Jenkins with SSD you need to do the following steps:

  • Integrate RabbitMQ plugin in Jenkins

  • Integrate Jenkins in SSD

Integrating SSD RabbitMQ plugin in Jenkins

The primary step in the entire process is integrating SSD RabbitMQ. It is integrated in Jenkins using its external IP of service or the DNS value mapped to that service. This integration is used in the global job configuration to push the build data to SSD.

Follow the steps mentioned below to integrate RabbitMQ service.

  1. Navigate to Manage Jenkins > Configure System, where you will find the SSD Plugin.

  2. Enter the RabbitMQ details of your SSD as given below:

  1. Enter the build related details that the plugin needs to look for in the system as shown below:

  • Build Archive File Name (Mandatory) - Name of the build archive file that is used to save the image name(mandatory), image sha(optional), git repository(optional) and branch(optional). If the key for image sha is not defined then it will be derived from the console text. The git repo and branch would be needed if repositories are not being cloned from the git plugin.

  • Image Name Key (Mandatory) - Name of the key that is used for the image name in the archive file. The key and the image name should be separated by a space.

  • Image Sha Key (Optional) - Name of the key that is used for the image sha in the archive file. If not defined then it will be derived from the console text. The key and the value should be separated by a space.

  • Git Repository Key (Optional) - The key that is used for the git repository in the archive file. This will only be needed and used when the git plugin is not used to clone the repository. The key and the value should be separated by a space.

  • Git Branch Key (Optional) - The key that is used for the git branch in the archive file. This will only be needed and used when the git plugin is not used to clone the repository. The key and the value should be separated by a space.

5. Check the connection to RabbitMQ by clicking on Test Connection to RabbitMQ. If your using SSL/TLS for the connection check the Is the connection to RabbitMQ secure? checkbox.

6. Click Save.

Integrate Jenkins in SSD:

  1. Navigate to Config > Integrations.

  2. In the Source panel, click on Jenkins.

  1. The Jenkins integration page is displayed.

  1. Click +New Account.

  2. Enter the Account Name, Approved Artifact Repo name, Host Url, Username and Password as shown below:

    • Account Name - The name of the user docker account.

    • Approved Artifact Repo name - The approved artifact repo name only from which the images are used.

    • Host Url - The host Url link.

    • Username - The username to access the docker account.

    • Password - The password to access the docker account.

  1. Click Save. The Jenkins account gets integrated in the build stage.

  2. You can edit the entered values by clicking the three dots provided at the end of each added account. Click Edit.

  1. Enter the new values and click Update.

The new values get updated.

TroubleShooting:

If you face any issues while integrating Spinnaker to Secure Software Delivery, feel free to contact OpsMx support team.

Once done, enable the deployment firewall. Refer Enable Deployment Firewall in Target Clusters.

PreviousGitHubNextArgoCD

Last updated