CONTROLLED DATA
Leidos Proprietary - US Citizens ONLY
The information contained herein is proprietary to Leidos, Inc. It may not be used, reproduced, disclosed, or exported without the written approval of Leidos.

SecDevOps provides a Docker per-build container (PBC) build agent with both Docker and the JFrog Command Line Interface (CLI). The JFrog CLI is useful if you are creating build plans in Bamboo and need to interface directly with Artifactory, but there are no available plug-ins that support your use case. Also, for security and simplicity use the JFrog CLI for Artifactory when downloading resources from Artifactory repositories that are required to perform a build, rather than curl or wget.

Step-by-step guide

Use Case 1: You are building a Docker PBC using the provided Docker build agent and need to copy resources into your image definition. For example, here is a Docker file snippet that requires a file called resources.zip that is located in Artifactory.

FROM base-image:1.0.0
COPY resources.zip .
RUN unzip resources.zip
...


Step

Description

 

1.

Add Command task to build plan.

2.

Provide a Task description.

 

3.

Select jfrog as the Executable

4.

Provide the command line Argument. For example:
rt download --flat=true sdo-generic-dev/atlassian/bamboo/atlassian-bamboo-agent-installer-6.6.3.jar atlassian-bamboo-agent-installer-6.6.3.jar
NOTE: When downloading individual files, it is useful to use the --flat=true option. Otherwise, the JFrog CLI will create a directory structure.

5.

Optionally provide Environment variables and a Working subdirectory.

6.

Save the task.

7.

Run the plan and verify that the resources are downloaded as expected and available for the build.

 


Use Case 2: You are building an artifact and require functionality not provided by any existing Bamboo plugin, for example: uploading Artifactory build-info and triggering a subsequent Xray scan of an uploaded Docker image. The table below extends the example use case from above.

Step

Description

 

1.

Add a task to push the Docker image.
NOTE: Unless the JFrog CLI is used to push the Docker image to the Artifactory repository, no build-info will be created.

 

 

 

 





 

2.

Provide a Task description.

3.

Select jfrog as the Executable

4.

Provide the command line Argument. For example:
rt docker-push sdo-docker.artifactory.sdodev.leidos.com/docker-pbc-build-agent:${bamboo.VERSION} sdo-docker --build-name=${bamboo.buildKey} --build-number=${bamboo.buildNumber}

5.

Optionally provide Environment variables and a Working subdirectory.

6.

Save the task.

7.

Add a task to publish the associated build-info created in steps 1 - 6.

 

 

 

 

 

8.

Provide a Task description.

9.

Select jfrog as the Executable

10.

Provide the command line Argument. For example:
rt build-publish ${bamboo.buildKey} ${bamboo.buildNumber}

11.

Optionally provide Environment variables and a Working subdirectory.

12.

Save the task.

13.

Add a task to scan the published build created in steps 7 - 12.

 

 

 

 

 

14.

Provide a Task description.

15.

Select jfrog as the Executable

16.

Provide the command line Argument. For example:
rt build-scan --fail=false ${bamboo.buildKey} ${bamboo.buildNumber}
NOTE: Set --fail-false if it is desirable not to fail the build if issues are found during the scan.

17.

Optionally provide Environment variables and a Working subdirectory.

18.

Save the task.

19.

Run the plan and verify that expected outcome.

 


 

Related articles




The information contained herein is proprietary to Leidos, Inc. It may not be used, reproduced, disclosed, or exported without the written approval of Leidos.
CONTROLLED DATA