Jenkins Pipeline

Install Docker and Docker Pipeline plugins(if not already installed)

  • Navigate to Manage Jenkins

  • Manage Plugins

  • Select the "Installed" tab and enter "docker" in the filter box

  • From the results, you should find Docker Plugin and Docker Pipeline as shown below

Install Environment Variables

  • Grab your orgId and entityId credentials from your profile

  • Create and copy an API Key from your profile or Service Key from your admin dashboard (Admin -> Integration -> Service Keys)

  • Go to "Manage Jenkins" > "Manage Credentials"

  • Choose a Store

  • Choose a Domain

  • Go to "Add Credentials"

  • Select "SecretToken"

  • Configure the following Credentials

    • THREATRIX_OID (orgId from profile)

    • THREATRIX_EID (one entityID from your list of Entities)

    • THREATRIX_API_KEY(your personal API Key from profile or Service Key from Admin)

Install Threat Agent in Pipeline

  • Navigate to the pipeline into which you wish to install Threatrix scan agent

  • Click configure and navigate to the bottom of page to edit "Pipeline" script

  • After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

stage('Threatrix Scan') {
	environment {
		THREATRIX_OID = credentials('THREATRIX_OID')
		THREATRIX_EID = credentials('THREATRIX_EID')
		THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
	}
	steps {
		script {
				sh 'curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar > /tmp/threatagent.jar'
				sh 'java -jar threatagent.jar --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
			}
		}
	}        
}

Install Threatrix Docker in Pipeline

  • Navigate to the pipeline into which you wish to install Threatrix scan agent

  • Click configure and navigate to the bottom of page to edit "Pipeline" script

  • After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

        stage('Threatrix Scan') {
            environment {
                THREATRIX_OID = credentials('THREATRIX_OID')
                THREATRIX_EID = credentials('THREATRIX_EID')
                THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
            }
            steps {
                script {
                        sh 'sudo docker pull threatrix/threat-agent'
                        sh 'sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
                    }
                }
            }        
        }

Last updated