Jenkins

Learn how to integrate OpenText Core SCA with Jenkins.

Last updated 17 days ago

Was this helpful?

Jenkins

Learn how to integrate OpenText Core SCA with Jenkins.

You can integrate your Jenkins pipeline with OpenText Core SCA, so that a vulnerability scan is performed every time the pipeline is triggered.

Configure OpenText Core SCA token

Start by . Copy the token to use it in the next step.
Create the DEBRICKED_TOKEN, which the pipeline will use. Inside Jenkins, go to your pipeline, click Add Credentials, and select the correct folder.
Create a new credential with "Kind" set to secret text.
In the secret field, insert the access token you created in the previous step. As ID, enter DEBRICKED_TOKEN and click Create. See the image below:

Configure Jenkins CI workflow or pipeline

OpenText Core SCA assumes you already have a Jenkinsfile in your repository, describing a declarative pipeline. You now need to add a new stage to this pipeline.

Add the following template to the file:

Commit your changes to Jenkinsfile and watch the CI run.

Last updated 17 days ago

Was this helpful?

pipeline { agent any environment { DEBRICKED_TOKEN = credentials('DEBRICKED_TOKEN') } stages { stage('Debricked Scan') { steps { script { // Inspiration taken from https://github.com/trustin/os-maven-plugin/blob/master/src/main/java/kr/motd/maven/os/Detector.java def osName = System.getProperty("os.name").toLowerCase(Locale.US).replaceAll("[^a-z0-9]+", "") if (osName.startsWith("linux")) { osName = "linux" } else if (osName.startsWith("mac") || osName.startsWith("osx")) { osName = "macOS" } else if (osName.startsWith("windows")) { osName = "windows" } else { osName = "linux" } // Default to linux def osArch = System.getProperty("os.arch").toLowerCase(Locale.US).replaceAll("[^a-z0-9]+", "") if (osArch.matches("(x8664|amd64|ia32e|em64t|x64)")) { osArch = "x86_64" } else if (osArch.matches("(x8632|x86|i[3-6]86|ia32|x32)")) { osArch = "i386" } else if (osArch.matches("(aarch_64)")) { osArch = "arm64" } else { osArch = "x86_64" } // Default to x86 64-bit println("OS detected: " + osName + " and architecture " + osArch) sh 'curl -LsS https://github.com/debricked/cli/releases/download/release-v2/cli_' + osName + '_' + osArch + '.tar.gz | tar -xz debricked' sh './debricked scan' } } } } }