Integrating with Jenkins
Manifest CLI is a tool that can be used to generate SBOMs and publish them into the Manifest Platform. Here's how you can integrate it with Jenkins.
Prerequisites
- A Jenkins environment
- A user account with permissions to create and manage pipelines
- A Manifest account with the necessary permissions to publish SBOMs
- A Manifest API key
Adding Manifest CLI to Your Pipeline
If your Jenkins pipeline configuration is not already managed in source control, open your Jenkins project and click Configure. You can paste this example into the Pipeline section of the configuration page.
This is a complete pipeline config that you can paste in as a single pipeline file. If you already have other pipeline steps, copy every line inside the node block, making sure that you set the environment path and keep the two stages that install the CLI and generate the SBOM.
node {
    //Set the path so the Manifest CLI can function properly
    env.PATH = "${env.WORKSPACE}/bin:${env.HOME}/.local/bin:${env.PATH}"
    
    stage('Preparation') {
        // Checkout a repository
        git branch: 'main', url: 'https://github.com/facebook/react.git'
    }
    stage('Install Manifest CLI') {
        // Install the Manifest CLI
        sh 'curl -sSfL https://raw.githubusercontent.com/manifest-cyber/cli/main/install.sh | sh -s'
        // Install the Dependencies for the CLI
        sh 'manifest-cli install -g syft -d ./bin'
    }
    stage('Generate and Upload SBOM') {
        //Generate Only
        sh 'manifest-cli sbom -f bom.json -n "Sample React Repo" ./'
        //Generate and Upload
        //sh 'manifest-cli sbom -f bom.json -n "Sample React Repo" -k <MANIFEST_API_KEY> ./'
    }
}
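A hardened variant of the pipeline above, added here as an example and not taken from Manifest's documentation: it checks the installer against a pinned digest before running it and reads the API key from the Jenkins credential store instead of the pipeline text. It assumes the Credentials Binding plugin, a "Secret text" credential with the hypothetical ID `manifest-api-key`, `sha256sum` on the agent, and a placeholder digest that you replace after reviewing `install.sh`.

```groovy
node {
    // Same PATH as the original pipeline so manifest-cli and syft are found
    env.PATH = "${env.WORKSPACE}/bin:${env.HOME}/.local/bin:${env.PATH}"

    stage('Preparation') {
        // Checkout a repository
        git branch: 'main', url: 'https://github.com/facebook/react.git'
    }
    stage('Install Manifest CLI') {
        // Download the installer to a file instead of piping it into sh,
        // compare it with the digest recorded when the script was reviewed,
        // and execute it only if the digest matches.
        // <REVIEWED_INSTALL_SH_SHA256> is a placeholder; the stage fails until it is set.
        sh '''
            set -eu
            curl -sSfL -o install.sh https://raw.githubusercontent.com/manifest-cyber/cli/main/install.sh
            echo "<REVIEWED_INSTALL_SH_SHA256>  install.sh" | sha256sum -c -
            sh install.sh
            rm -f install.sh
        '''
        // Install the dependencies for the CLI
        sh 'manifest-cli install -g syft -d ./bin'
    }
    stage('Generate and Upload SBOM') {
        // 'manifest-api-key' is an assumed credential ID, not a name from the page.
        // The binding exposes the secret as an environment variable for this
        // block only and masks its value in the console log.
        withCredentials([string(credentialsId: 'manifest-api-key', variable: 'MANIFEST_API_KEY')]) {
            // Single quotes matter: the shell expands $MANIFEST_API_KEY at run time,
            // so Groovy never interpolates the secret into the script text.
            sh 'manifest-cli sbom -f bom.json -n "Sample React Repo" -k "$MANIFEST_API_KEY" ./'
        }
    }
}
```

Because the key is passed with `-k`, it is still visible in the process arguments on the build agent while the command runs, so restrict who can log in to that agent.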
