In this article we will make the necessary modifications to a simple Jenkins project that uses a Jenkinsfile, so that it scans a GitHub repository with SOOS.
Open the SOOS App and browse to Integrate > CI/CD/Repo > CI/CD > Jenkins.
Click the Download link to get the latest release of the Jenkinsfile, copy the file into your project, and push it to your GitHub repository.
Alternatively, copy and paste the code into a new Jenkinsfile in your project.
- Note the API Key (SOOS_API_KEY), Client ID (SOOS_CLIENT_ID) and Script (Script Integration) values; you will need these to configure the environment variables.
Technical details for the script can be found here: https://github.com/soos-io/soos-sca-jenkins-plugin
Navigate to Jenkins -> Manage Jenkins -> Configure System.
Set Up Environment Variables
Under “Global Properties”, add environment variables named SOOS_API_KEY and SOOS_CLIENT_ID, entering the values obtained from the SOOS app in the environment variable text fields. These will be used by the SOOS CLI.
Save your configuration.
Install Docker and add the Plugins
- Visit https://www.docker.com/ and download Docker.
- Navigate to Jenkins -> Manage Jenkins -> Manage Plugins.
- Select the Available tab, and search for Docker plugins.
- Install the Docker and Docker Pipeline plugins so that the Docker agent is available to run the Jenkinsfile.
Select “New Item” in the Jenkins main menu.
Enter a name for the item and select Pipeline.
On the next screen:
- Type in a description for your item.
- Select the Pipeline Tab.
- Choose 'Pipeline script from SCM' in the Definition field.
- In the SCM field select 'Git'.
- Enter the link to your GitHub repo in the Repository URL field and enter the corresponding credentials when prompted.
- Enter the path to the Jenkinsfile in the Script Path field, then select Apply and Save.
To run the SOOS CLI against your repository’s code, just execute a build or commit a change. The build will use the environment variables that you created for the API Key and Client ID.
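The following pre-flight check is an added example, not part of the SOOS Jenkinsfile: a POSIX shell snippet that a pipeline `sh` step could run before the scan to confirm that SOOS_API_KEY and SOOS_CLIENT_ID from Global Properties reached the build and that Docker is present on the agent. The function names `soos_missing_vars` and `soos_preflight` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the SOOS Jenkinsfile); function names are hypothetical.
# Jenkins runs `sh` steps with -x by default, so any command that expands a
# secret is traced into the build log. The variable check therefore runs in a
# subshell with tracing switched off and reports variable names only.

soos_missing_vars() (
    set +x
    missing=""
    for name in SOOS_API_KEY SOOS_CLIENT_ID; do
        eval "value=\${$name:-}"
        # Treat a whitespace-only value (a blank Global Properties field) as unset.
        trimmed=$(printf '%s' "$value" | tr -d '[:space:]')
        [ -n "$trimmed" ] || missing="$missing $name"
    done
    printf '%s' "${missing# }"
)

soos_preflight() {
    rc=0
    missing=$(soos_missing_vars)
    if [ -n "$missing" ]; then
        echo "SOOS pre-flight: not set in Global Properties: $missing" >&2
        rc=1
    fi
    # The Docker agent in the Jenkinsfile needs the docker client on this node.
    if ! command -v docker >/dev/null 2>&1; then
        echo "SOOS pre-flight: docker not found on PATH of this agent" >&2
        rc=1
    fi
    return "$rc"
}
```

Call `soos_preflight` from the first `sh` step of the pipeline so that a misconfigured job stops before the scan starts.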