Jenkins Integration for vcn

 

Jenkins Automation.2

 

The integration has 3 main steps in what otherwise can be labeled a 10 step process. The 3 main steps are:

 

Steps

  1. Configuration System level
    1. Configure vcn credentials system-wide in Jenkins
  2. Per build job
    1. Tie vcn credentials in from system configuration to local environment variables
    2. Sign asset
  3. Before deployment
    1. Run vcn verify with asset parameters

 

Step 1: System-level configuration

On the Home Screen, locate and click the Credentials link in the sidebar menu to expand the submenu beneath it.

 

001 Home Screen

 

Step 1.1

With the submenu opened up, go ahead and select the credentials type, in this case, select System.

 

001a Select Credentials - Jenkins Automation

 

Step 1.2

After selecting System, click Add Domain and notice the right-hand display shows ‘Global credentials (unrestricted)’. Click the link.

 

001b System Credentials - Jenkins Automation

 

Step 1.3

Create new credentials by selecting the Add Credentials option.

001c Create Credentials - Jenkins Automation

 

Step 2: Per build job

Now that you have the credential creation display opened, you will need to create your credential entries for your vcn keystore password, vcn user account, and vcn password.

 

002 Create Credential Entries - Jenkins Automation

 

Once you have all 3, your list of credentials should look something similar to the below.

 

003 List Credentials - Jenkins Automation

 

Step 2.1

Next, you will need login and to configure the build job environment for each build job you have. This is relatively simple. All you need to do is to tie the vcn credentials in from the system configuration to the local environment variables by setting the appropriate bindings.

 

004 Configure Build Job Environment - Jenkins Automation

 

After successfully setting your bindings, you will need to add a build job build step for signing your code with the vcn

application. Click on the ‘Add build step’ drop down and select ‘Execute shell.’

 

005 Add build job build step for signing - Jenkins Automation

 

Step 2.2

Next, after vcn login and entering your credentials in the CLI, you will need to configure your build step for vcn signing by typing in:

 

vcn s docker://gcr.io/vchain-ops/vcn:stable 

 

…in the Command field.

 

006 Configure build step for vcn signing_190703

 

Step 3: Before deployment

Lastly, you will need to execute this snippet in the deployment process:

 

~> vcn verify docker://gcr.io/vchain-ops/vcn:stable && your_deploy_script.sh

 

And that’s it. You’re now ready to have vChain CodeNotary provide a perpetually running integrity check into all of your Jenkins build deployment pipeline, as well as ensure you are participating in the latest DevSecOps best practices.

 

Sign up for a free trial and test the Jenkins integration out for yourself.

 

Yes, I Want to Test Drive CodeNotary