In a bid to introduce more control and flexibility, Jenkins merged the legacy workflow aggregator plugin into its core automation scheduler for all versions 2.0+ earlier this year. This pipeline functionality helps make the overall deployment cycle more durable and extensible with added agility in each step.
At Jenkins World 2016, Jenkins released figures showcasing a three-fold rise in adoption of their 2.0+ pipeline, paving the need for Black Duck to add a security and compliance layer around this new orchestration scheme. The Black Duck Hub plugin for Jenkins now supports Jenkins 2.0 and the pipeline functionality.
The Black Duck Hub plugin allows our users to run a post-build Hub scan with the goal of enforcing secure & compliant releases. The plugin leverages the Hub’s policy management module. Specifically, it includes a robust rules engine that can be configured at the enterprise level and can be enforced at different stages in the SDLC including the build stage. This Hub plugin also features an intuitive risk report to showcase build results for build managers. This removes the need for installing and monitoring multiple systems in a release job and helps the company stay agile all through ‘Dev’ into ‘Ops’ and reach markets faster than anticipated.
If you haven’t already, try the Black Duck Hub and explore how our solution helps bridge the gap between ‘Dev’ and ‘Ops.’ And please join me on October 25 at 10 AM ET for this webinar on automating security and license compliance in agile DevOps environments. I'll be covering:
- Automating and managing open source security as part of the SDLC
- Defining and implementing custom policies that prevent potential open source risks
- Issue management and remediation workflow, with ideas on how going left translates into greater savings