Jenkins is an open-source automation tool that is widely used for continuous integration and continuous delivery (CI/CD) of software applications. Jenkins provides a web-based user interface that makes it easy to configure and manage jobs, which are automated tasks that can be scheduled to run at specific times or triggered by specific events. These jobs can be used to compile code, run tests, deploy applications, and perform many other tasks related to software development.
Some of the key features of Jenkins include:
Easy installation and setup
Jenkins is easy to install and configure and can be set up on a wide range
of operating systems and platforms.
Powerful job management
Jenkins allows you to create and manage jobs, which are automated tasks
that can be scheduled to run at specific times or triggered by specific
events. Jobs can be used to compile code, run tests, deploy applications,
and perform many other tasks related to software development.
Wide range of plugins and integrations
Jenkins has a large number of plugins and integrations available, which
allows it to work with many different tools and technologies. This makes
it highly customizable and flexible.
Support for pipelines
Jenkins provides strong support for pipelines, which are sets of stages
that define a software development workflow. Pipelines can be defined
using code, which makes them highly customizable and easy to version
Built-in testing support
Jenkins provides built-in support for many different types of tests,
including unit tests, integration tests, and functional tests. This makes
it easy to run tests as part of a continuous integration workflow,
ensuring that any code changes are thoroughly tested before being deployed
Jenkins can be easily scaled to support large development teams and
complex software development workflows.
Jenkins is open-source software, which means that it is free to use and
can be customized to meet the specific needs of your development team.
Codesigning Using Jenkins
Code signing is a procedure that verifies the legitimacy of the author and the originality and authenticity of digital information, particularly software code. It also ensures that the information is not malicious code. Additionally, it guarantees that this information has not been altered, falsified, or canceled after being digitally signed.
To perform codesigning using Jenkins go through the steps below.
Prerequisites for performing this task includes:
Jenkins Setup and Configured in your device
Signtool installed and configured
ECSigning KSP installed and configured.
To Setup and Configure Jenkins go through the link.
To Setup and Configure Signtool follow the steps below:
You can choose to install only the Windows SDK Signing Tools for Desktop Apps.
Open the winsdksetup.exe file. Remember the default path shown in the install path, as this will be helpful with running these commands from the command prompt.
On the Windows Kits Privacy page, either option for allowing Microsoft to collect insights is okay. Click next.
Accept the license agreement
Deselect every feature except for Windows SDK Signing Tools for Desktop Apps, then select install.
When prompted if you want to allow this app to make changes, select yes.
Click on windows search bar on task bar and type “Edit the system environment variables” and select the control panel option of the same name.
Click environment variables.
Before editing the variable list, navigate to where the Windows SDK is installed to using file explorer, you must copy the path of the folder which contains the signtool application, the default path is C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64, refer to the below screenshot. Make sure to right click and copy the path as shown. You can also see the signtool application at the bottom of the file list, this is the command you will run.
In the System Variables list, click new. Then type Path as the variable name, and copy and paste the aforementioned path. Then click OK on the environmentvariables window and systemproperties window.
To test the installation, open command prompt, and type signtool, and the output should be as shown below.
The default signtool installation location is, for example: C:\Program Files (x86)\Windows Kits\10\bin\10.0.22621.0\x64
To set up KSP follow the steps below:
Encryption Consulting provides you with this solution, CodeSignSecure. This solution can help you with tamper-proof storage for the keys and complete visibility and control of Code Signing activities. The private keys of the code-signing certificate can be stored in an HSM to eliminate the risks associated with stolen, corrupted, or misused keys.
If you’re using our solution you can download the KSP using the steps below:
Sign in to Code Sign Secure.
Navigate to: Signing tools repository.
Download “Encryption Consulting CNG-SigningKSP”
Install the client tools using the .MSI installer. The .MSI installer automates much of the configuration. Navigate to where the downloaded file is saved and launch the installer.
Click next when the installation wizard appears.
In the Username field, type admin.
In the Code field, copy the code from the Postman API Repository. Click on the GetLoginToken api and copy the code from the Body.
Download PostMan from this link. Once downloaded, click the skip button at the bottom of the window. Once on dashboard, add a new collection using the plus sign button next to collections.
GetLoginToken API (http://codesignsecureapi.encryptionconsulting.com/api/auth/GetLoginToken):
This is the most important API, as this gives you a Bearer Token to use with the rest of the APIs, What should be in the body is shown below. The code serves as a password in order to get a the Bearer Token, the user field is the username, and the identity type field specifices the user type. Click Send to generate an output which has the Bearer Token listed at the bottom. Copy this token for use.
Change the IdentityType to 1.
Leave API BaseURL the same.
You will then be notified that this program will make changes to your pc, click yes.
Installation is now complete.
Once Jenkins is setup, we will require administrative privilege to run the command for signtool. To see we have set the administrative privilege for Jenkins, and if we haven’t, to set those
Go to services on your system (You can just search for it)
Scroll down to Jenkins. There in the “Log on As” column, you can see the user account set up for Jenkins. If it’s set to anything (Local Service/System, Network Service/System) other than “.\Administrator”, then we have to set it for Administrator.
Double Click on Jenkins or Right Click > Properties to open Properties. Go to Log On.
Select “This Account”
Set it as “.\Administrator”. Give a password, preferably administrator password. Click on Apply once done.
Once we have set this we’ll now head to Jenkins. Whichever URL/hostname you specified earlier while setting up, navigating to that from your browser will lead you to Jenkins. In my system I have set it up as http://localhost:8080/ (It is also default).
In your Dashboard follow the steps below:
From Dashboard click on New Item.
Enter any item name and click on pipeline and click ok.
In configuration page, under General put up a description as your wish.
Scroll down to the bottom to find Pipeline.
Write the script in the script box and click on save. You’ll need to edit your environment variable as per your setup