Integrating with Jenkins Builds

Last updated last month

To integrate Jenkins builds with ShiftLeft and automate code analysis, configure each Jenkins project to execute the sl analyze (or sl analyze --cpg) shell command.

Jenkins Integration Options

There are two ways to integrate with Jenkins: by configuring a final build step or post build task for each Jenkins project you want to submit for analysis to ShiftLeft.

Configuration Option

Description

Final Build Step

Edit the project build configuration and add the sl analyze (or sl analyze --cpg) shell command as a final build step.

Post Build Task

Install the Hudson Post Build Task Plugin plugin and add the sl analyze (or sl analyze --cpg) shell command as a post build task.

Jenkins Integration Prerequisites

The requirements for integrating Jenkins application builds are as follows:

  • Jenkins installation version 2.78 or later

  • Supported application and build tool (see code analysis requirements)

  • Familiarity with ShiftLeft Workflow

  • ShiftLeft account credentials: Organization ID and Upload Token

    Initially these credentials will be provided to you by ShiftLeft. Once you have established your account you can copy them from the My Profile page at the ShiftLeft Dashboard.

Get ShiftLeft Account Credentials

Jenkins Integration Instructions

  1. Install the ShiftLeft CLI on the host where Jenkins is installed.

  2. Log in to Jenkins as an administrator.

  3. Select Manage Jenkins > Configure System > Global properties.

  4. Select (check) Environment variables and create the following:

    • Name: SHIFTLEFT_ORG_ID| Value: Paste your Organization ID

    • Name: SHIFTLEFT_UPLOAD_TOKEN| Value: Paste your Upload Token

Adding Jenkins environment variables for ShiftLeft authentication
  1. Configure each Jenkins project you want to analyze using one of the following approaches:

For basic Jenkins administration you can set and inject build env vars as described above. For advanced Jenkins administration, you can use Jenkins secret store to inject the ShiftLeft credentials into builds. Refer to the Jenkins documentation for details.

Jenkins Integration Demo

Here is a quick video (~ 2 minutes) that demonstrates how to integrate ShiftLeft with an existing Jenkins freestyle project using the final build step approach: https://youtu.be/bI1GATsD5mc.