Automating the Jenkins build enables an automated application build when changes occur in your source code repository. When Jenkins detects source code changes, the application is automatically built and scanned using the Black Duck Docker scan client.
Add the environment variable BD_HUB_PASSWORD in Manage Jenkins > Configure System > Global properties.
Source Code Management
For this example, configure the GIT repository as follows:
In this build triggers example, the GIT repository is polled every five minutes to detect changes.
Changes detected in the source code triggers the build. Add the following steps in Build > Add Build Step > Execute Shell:
#!/bin/bash set -e # Set current project PROJECT_ID=eng-dev # Set the latest image tag IMAGE_TAG=us.gcr.io/${PROJECT_ID}/redmine:${GIT_BRANCH#*/}-${GIT_COMMIT:0:7} # Set the Hub Url HUB_URL=bizdevhub.blackducksoftware.com # Set the Hub Scheme HUB_SCHEME=https # Build image echo "Docker build started" docker build -t $IMAGE_TAG . echo "Docker build completed" # Download the BlackDuck Hub scan client based on the OS and unzip it case "$OSTYPE" in darwin*) curl -LOk $HUB_SCHEME://$HUB_URL/download/scan.cli-macosx.zip ;; linux*) curl -LOk $HUB_SCHEME://$HUB_URL/download/scan.cli.zip ;; msys*) curl -LOk $HUB_SCHEME://$HUB_URL/download/scan.cli-windows.zip ;; *) echo "BlackDuck Scan client is unavailable for : $OSTYPE" ;; esac echo "Scan client download completed" unzip scan.cli*.zip echo "Scan client unzip done" # Call the BlackDuck Hub scan docker script cd scan.cli-*/bin echo "change directory done" ./scan.docker.sh --image $IMAGE_TAG --host $HUB_URL --username sysadmin --scheme $HUB_SCHEME --use-local echo "Scan completed" # remove zip file and folder cd ../.. rm -rf scan.cli-* echo "Removed the client files" # Push image gcloud docker -- push $IMAGE_TAG echo "GCloud docker push completed" # Remove the local image docker rmi $IMAGE_TAG echo "Removed local docker image" |
After this step, the scans automatically upload to Black Duck.