ise-hardened-docker-example ======
This is an example repo of docker image hardening Jenkins Pipeline.
How to setup a new CICD Pipeline for new Docker Image ------
Step1, Prepare git repo to host jenkins scripts:
- Duplicate this GitHub Repo, give it a name like
ise-hardened-${your-docker-image-descriptor} - Update
Dockerfile, put your source docker image atFROM, update other metadata.
Step2, Setup Jenkins pipeline in Consol
- Go to Jenkins Console ->
New Item-> ChoosePipelineorMultibranch Pipelineproject. - Configure Parameters:
- Click This Project is parameterized
- Add
artifactoryURL,artifactoryRegistry, ... parameters. Basically these parameters are the arguments defined in our jenkins shared library -hardenDockerImage.groovy. For full list of parameters, please check https://github.com/GSA/ise-jenkins-shared-library/blob/main/vars/hardenDockerImage.groovy
- Configure SCM:
- Pipeline -> Pipeline script from SCM -> Git, fill in Git URL, credentials, branch. You can define a parameter
gitBranchand use*/${gitBranch}inBranch Specifier input box-> setScript PathJenkinsfile -> UncheckLightweight Checkout(otherwise you cannot usegitBranchparameter to control what branch you want to build from.
- Pipeline -> Pipeline script from SCM -> Git, fill in Git URL, credentials, branch. You can define a parameter
Step3, Import Jenkins Shared Library into Jenkins System
Jenkins -> Manage Jenkins -> Configure System -> Search: Global Pipeline Libraries
Fill in https://github.com/GSA/ise-jenkins-shared-library url, it will load the latest jenkins shared library into the runtime, so you can start using those libraries in Jenkinsfile. Check "Load Implicitly" (if not check, you need to manually declare @Library("${LibraryName}") at begin of your Jenkinsfile).
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent