# Jenkins Pipeline

### Install Docker and Docker Pipeline plugins(if not already installed)

* Navigate to Manage Jenkins
* Manage Plugins
* Select the "Installed" tab and enter "docker" in the filter box
* From the results, you should find Docker Plugin and Docker Pipeline as shown below

![](https://3093892275-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MbsieSiu0D66DBFP4uh%2Fuploads%2FN0ODFQAXXjmWOW8uHNKO%2Fimage.png?alt=media\&token=67a107a0-929e-43f1-aa7e-b7fc5364c03a)

### Install Environment Variables

* Grab your orgId and entityId credentials from your profile
* Create and copy an API Key from your profile or Service Key from your admin dashboard (Admin -> Integration -> Service Keys)
* Go to "Manage Jenkins" > "Manage Credentials"
* Choose a Store
* Choose a Domain
* Go to "Add Credentials"
* Select "SecretToken"
* Configure the following Credentials
  * THREATRIX\_OID (orgId from profile)
  * THREATRIX\_EID (one entityID from your list of Entities)
  * THREATRIX\_API\_KEY(your personal API Key from profile or Service Key from Admin)

![](https://3093892275-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MbsieSiu0D66DBFP4uh%2Fuploads%2F0ExD7rm0kSDbljIbEDGT%2Fimage.png?alt=media\&token=cd189550-727e-4d7c-88c4-d38b78bb5099)

### Install Threat Agent in Pipeline

* Navigate to the pipeline into which you wish to install Threatrix scan agent
* Click configure and navigate to the bottom of page to edit "Pipeline" script
* After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

```
stage('Threatrix Scan') {
	environment {
		THREATRIX_OID = credentials('THREATRIX_OID')
		THREATRIX_EID = credentials('THREATRIX_EID')
		THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
	}
	steps {
		script {
				sh 'curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar > /tmp/threatagent.jar'
				sh 'java -jar threatagent.jar --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
			}
		}
	}        
}
```

### Install Threatrix Docker in Pipeline

* Navigate to the pipeline into which you wish to install Threatrix scan agent
* Click configure and navigate to the bottom of page to edit "Pipeline" script
* After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

```
        stage('Threatrix Scan') {
            environment {
                THREATRIX_OID = credentials('THREATRIX_OID')
                THREATRIX_EID = credentials('THREATRIX_EID')
                THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
            }
            steps {
                script {
                        sh 'sudo docker pull threatrix/threat-agent'
                        sh 'sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
                    }
                }
            }        
        }
```