Jenkins Pipeline

PreviousGitLab Pipeline NextSCM Integrations

Last updated 7 months ago

Was this helpful?

Jenkins Pipeline

Install Docker and Docker Pipeline plugins(if not already installed)

Navigate to Manage Jenkins
Manage Plugins
Select the "Installed" tab and enter "docker" in the filter box
From the results, you should find Docker Plugin and Docker Pipeline as shown below

Install Environment Variables

Grab your orgId and entityId credentials from your profile
Create and copy an API Key from your profile or Service Key from your admin dashboard (Admin -> Integration -> Service Keys)
Go to "Manage Jenkins" > "Manage Credentials"
Choose a Store
Choose a Domain
Go to "Add Credentials"
Select "SecretToken"
Configure the following Credentials
- THREATRIX_OID (orgId from profile)
- THREATRIX_EID (one entityID from your list of Entities)
- THREATRIX_API_KEY(your personal API Key from profile or Service Key from Admin)

Install Threat Agent in Pipeline

Navigate to the pipeline into which you wish to install Threatrix scan agent
Click configure and navigate to the bottom of page to edit "Pipeline" script
After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

stage('Threatrix Scan') {
	environment {
		THREATRIX_OID = credentials('THREATRIX_OID')
		THREATRIX_EID = credentials('THREATRIX_EID')
		THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
	}
	steps {
		script {
				sh 'curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar > /tmp/threatagent.jar'
				sh 'java -jar threatagent.jar --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
			}
		}
	}        
}

Install Threatrix Docker in Pipeline

Navigate to the pipeline into which you wish to install Threatrix scan agent
Click configure and navigate to the bottom of page to edit "Pipeline" script
After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

        stage('Threatrix Scan') {
            environment {
                THREATRIX_OID = credentials('THREATRIX_OID')
                THREATRIX_EID = credentials('THREATRIX_EID')
                THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
            }
            steps {
                script {
                        sh 'sudo docker pull threatrix/threat-agent'
                        sh 'sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
                    }
                }
            }        
        }

PreviousGitLab Pipeline NextSCM Integrations

Last updated 7 months ago

Was this helpful?

Install Docker and Docker Pipeline plugins(if not already installed)

Navigate to Manage Jenkins
Manage Plugins
Select the "Installed" tab and enter "docker" in the filter box
From the results, you should find Docker Plugin and Docker Pipeline as shown below

Install Environment Variables

Grab your orgId and entityId credentials from your profile
Create and copy an API Key from your profile or Service Key from your admin dashboard (Admin -> Integration -> Service Keys)
Go to "Manage Jenkins" > "Manage Credentials"
Choose a Store
Choose a Domain
Go to "Add Credentials"
Select "SecretToken"
Configure the following Credentials
- THREATRIX_OID (orgId from profile)
- THREATRIX_EID (one entityID from your list of Entities)
- THREATRIX_API_KEY(your personal API Key from profile or Service Key from Admin)

Install Threat Agent in Pipeline

Navigate to the pipeline into which you wish to install Threatrix scan agent
Click configure and navigate to the bottom of page to edit "Pipeline" script
After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

stage('Threatrix Scan') {
	environment {
		THREATRIX_OID = credentials('THREATRIX_OID')
		THREATRIX_EID = credentials('THREATRIX_EID')
		THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
	}
	steps {
		script {
				sh 'curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar > /tmp/threatagent.jar'
				sh 'java -jar threatagent.jar --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
			}
		}
	}        
}

Install Threatrix Docker in Pipeline

Navigate to the pipeline into which you wish to install Threatrix scan agent
Click configure and navigate to the bottom of page to edit "Pipeline" script
After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

        stage('Threatrix Scan') {
            environment {
                THREATRIX_OID = credentials('THREATRIX_OID')
                THREATRIX_EID = credentials('THREATRIX_EID')
                THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
            }
            steps {
                script {
                        sh 'sudo docker pull threatrix/threat-agent'
                        sh 'sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
                    }
                }
            }        
        }