Red Hat SummitChapter 4. Configuring RHADS - SSC to use built-in Jenkins libraries
By default Red Hat Advanced Developer Suite - software supply chain (RHADS - SSC) uses dynamically loaded Jenkins libraries. While dynamically loading provides flexibility, using built-in Jenkins libraries offer improved stability, security, and traceability during builds. Configuring RHADS - SSC to use built-in libraries instead of dynamically loaded ones allows for better Enterprise Contract attestations and enhanced build verification.
Prerequisites
Before making changes, ensure that:
- You have administrator access to the Jenkins instance in RHADS - SSC.
-
You have the Jenkins library git repo URL. For example,
https://github.com/redhat-appstudio/tssc-sample-jenkins. You can find the Git repository URL in the default RHADS - SSC Jenkins CI source repository. -
You have permissions to modify the
Jenkinsfile.
4.1. Define the built-in library in Jenkins
Procedure
- Log in to Jenkins and navigate to Manage Jenkins > System.
- Locate the Global Trusted Pipeline Libraries section.
Click Add and define the new library with the following parameters:
- Name: <your-library-name>
- Default version: Set to a specific branch or commit reference. For example, v1.6.
- Allow default version to be overridden: (Optional) Select this option to restrict users to a specific version of the Jenkins library. This ensures that the users cannot select a different version.
- Include @Library changes in your recent changes: Select this option to track modifications made to the shared library. This feature helps users understand changes that might affect their builds.
Retrieval method: Select Modern SCM.
- From the Source Code Management drop-down list, select Git.
-
In the Project Repository field, enter the Jenkins library URL. For example,
https://github.com/redhat-appstudio/tssc-sample-jenkins. - Select Fresh clone per build, to ensure each build fetches a clean copy of the library.
- Select Save.
4.2. Modify the Jenkins pipeline to use the built-in library
Procedure
- Navigate to your Jenkins CI source repository, For example, https://github.com/redhat-appstudio/tssc-sample-templates/blob/main/skeleton/ci/source-repo/jenkins.
-
Select
Jenkinsfilein edit mode. Replace the dynamic library loading with the
@Libraryannotation.Expand Replace this With this library identifier: 'RHADS - SSC_Jenkins@main', retriever: modernSCM( [$class: 'GitSCMSource', remote: 'https://github.com/redhat-appstudio/tssc-sample-jenkins.git'])
@Library('RHADS - SSC_Jenkins@v1.6') _
- Save and commit the updated Jenkinsfile.
4.3. Use the configured Jenkins library
Procedure
- In your Jenkins instance, navigate to your project.
- Select Build Now to trigger a new build.
Verification
- Check the Jenkins build logs to confirm that the built-in library is loaded instead of dynamically retrieving dependencies.
- Validate that Enterprise Contract attestations now reflect a built-in library.
- Verify the library name, retrieval method, and pipeline script if any error occur.
4.4. Applying changes to one or all RHADS - SSC templates
Depending on your use case, you can apply this configuration to one RHADS - SSC template or all RHADS - SSC templates in Red Hat Developer Hub (RHDH).
- To apply this change to a single template: Modify only the specific pipeline template used in your project. This ensures that only this pipeline uses the built-in Jenkins library, while others continue using dynamic loading.
- To apply this change to all RHADS - SSC templates in RHDH: Update the global RHADS - SSC template configuration to reference the built-in library instead of dynamically loaded ones. This ensures consistency across all RHADS - SSC pipelines.
Applying this change globally may impact all builds using RHADS - SSC. Ensure that the built-in library is correctly defined and tested before making this change across all templates.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}