Jenkins Pipeline

Install Docker and Docker Pipeline plugins(if not already installed)

• Navigate to Manage Jenkins

• Manage Plugins

• Select the "Installed" tab and enter "docker" in the filter box

• From the results, you should find Docker Plugin and Docker Pipeline as shown below

Install Environment Variables

• Grab your orgId and entityId credentials from your profile

• Create and copy an API Key from your profile or Service Key from your admin dashboard (Admin -> Integration -> Service Keys)

• Go to "Manage Jenkins" > "Manage Credentials"

• Choose a Store

• Choose a Domain

• Go to "Add Credentials"

• Select "SecretToken"

• Configure the following Credentials

  • THREATRIX_OID (orgId from profile)

  • THREATRIX_EID (one entityID from your list of Entities)

  • THREATRIX_API_KEY(your personal API Key from profile or Service Key from Admin)

Install Threat Agent in Pipeline

• Navigate to the pipeline into which you wish to install Threatrix scan agent

• Click configure and navigate to the bottom of page to edit "Pipeline" script

• After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

stage('Threatrix Scan') {
	environment {
		THREATRIX_OID = credentials('THREATRIX_OID')
		THREATRIX_EID = credentials('THREATRIX_EID')
		THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
	}
	steps {
		script {
				sh 'curl -LJO https://github.com/threatrix/threat-matrix/releases/download/agent-release-latest/threat-agent-latest.jar > /tmp/threatagent.jar'
				sh 'java -jar threatagent.jar --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
			}
		}
	}        
}

Install Threatrix Docker in Pipeline

• Navigate to the pipeline into which you wish to install Threatrix scan agent

• Click configure and navigate to the bottom of page to edit "Pipeline" script

• After the stage(s) where you pull your project(s) into the workspace on the build server, add the following stage snippet to your Pipeline script

        stage('Threatrix Scan') {
            environment {
                THREATRIX_OID = credentials('THREATRIX_OID')
                THREATRIX_EID = credentials('THREATRIX_EID')
                THREATRIX_API_KEY = credentials('THREATRIX_API_KEY')
            }
            steps {
                script {
                        sh 'sudo docker pull threatrix/threat-agent'
                        sh 'sudo docker run --rm --name threatrix-threat-agent -v $(pwd):/app threatrix/threat-agent --oid=${THREATRIX_OID} --eid=${THREATRIX_EID} --api-key=${THREATRIX_API_KEY} ./'
                    }
                }
            }        
        }