Jenkins

You can integrate your Jenkins pipeline with Debricked, so that a vulnerability scan is performed every time the pipeline is triggered. Just like our other CI integrations, it should only take a couple of minutes to configure!

We assume you already have a Jenkinsfile in your repository, describing a declarative pipeline. You now need to add a new stage to this pipeline. See below for an example of a full Jenkinsfile, with a single Vulnerability scan stage in the pipeline.

pipeline {
    agent none

    stages {
        stage('Vulnerability scan') {
            environment {
                DEBRICKED_CREDENTIALS = credentials('debricked-creds')
            }

            agent {
                docker {
                    image 'debricked/debricked-cli'
                    args '--entrypoint="" -v ${WORKSPACE}:/data -w /data'
                }
            }
            steps {
                sh 'bash /home/entrypoint.sh debricked:scan "$DEBRICKED_CREDENTIALS_USR" "$DEBRICKED_CREDENTIALS_PSW" example-jenkins "$GIT_COMMIT" null cli'
            }
        }
    }
}

You will need to modify the example-jenkins string to be the name of your current project. This name will be your repository name inside the debricked tool.

Next, you need to create the debricked-creds credentials, which will be used by the pipeline. Inside Jenkins, go to Credentials, and add a new credential in the correct folder. Create a new credential with Kind set to "Username with password". Set the username to be your email used to register with Debricked, and enter your password. As ID, enter debricked-creds. See the image below:

Now, commit your Jenkinsfile, and your pipeline should run a vulnerability scan whenever your pipeline triggers.