Included new engine Jenkins details (#33)

e-minguez · web-flow · commit 72e5ffe75d91 · 2022-10-18T12:53:38.000+02:00
diff --git a/jenkins/new-scan-engine/Jenkinsfile-jenkins-plugin b/jenkins/new-scan-engine/Jenkinsfile-jenkins-plugin
@@ -0,0 +1,17 @@
+stages {
+    stage('Checkout') {
+        steps {
+            checkout scm
+        }
+    }
+    stage('Build Image') {
+        steps {
+            sh "docker build -f Dockerfile -t ${params.DOCKER_REPOSITORY} ."
+        }
+    }
+    stage('Scanning Image') {
+        steps {
+            sysdigImageScan engineCredentialsId: 'sysdig-secure-api-credentials', imageName: "${params.DOCKER_REPOSITORY}"
+        }
+    }
+}
diff --git a/jenkins/new-scan-engine/Jenkinsfile-sysdig-cli-scanner b/jenkins/new-scan-engine/Jenkinsfile-sysdig-cli-scanner
diff --git a/jenkins/new-scan-engine/README.md b/jenkins/new-scan-engine/README.md
@@ -1,3 +1,33 @@
-# Build and scan example
+# Jenkins image scanning
 
-This [example pipeline](Jenkinsfile) shows how to download and execute the new inline scanner to scan an image.
+There are two different approaches if using Jenkins to scan container images for vulnerabilities with Sysdig Secure:
+
+* Using the `sysdig-cli-scanner` binary
+* Using the Sysdig Secure Jenkins Plugin
+
+## Using sysdig-cli-scanner
+
+This [example pipeline](Jenkinsfile-sysdig-cli-scanner) shows how to download and execute the new inline scanner to scan an image.
+
+It requires to configure a Jenkins credential `sysdig-secure-api-credentials` to store the Sysdig Token (as password)
+
+![Screenshot of Jenkins UI](https://github.com/jenkinsci/sysdig-secure-plugin/raw/main/docs/images/SysdigTokenConfiguration.png)
+
+Then the scan is performed by downloading the `sysdig-cli-scanner` tool against the `mongo-express:0.54.0` example image.
+
+For a more elaborated example, see the [GitHub](../../github/new-scan-engine/README.md) example.
+
+## Sysdig Secure Jenkins plugin
+
+The [Sysdig Secure Jenkins plugin](https://plugins.jenkins.io/sysdig-secure/) can be used in a Pipeline job, or added as a build step to a Freestyle job to automate the process of running an image analysis, evaluating custom policies against images, and performing security scans.
+
+See more information at the plugin page: https://plugins.jenkins.io/sysdig-secure/
+
+The [example pipeline](Jenkinsfile-jenkins-plugin) shows how to use it to build and scan a container image.
+
+## Prerequisites
+
+Both approaches require a couple of things:
+
+* A valid Sysdig Secure API token
+* Have access to the image storage, either to the local storage where the image was created or to the registry where it is stored.
