This article explains the process of integrating CI/CD build platforms with Aqua. Once a build platform is integrated, Aqua scans all the configurations in the platform using the checks defined by Aqua and detects any security issues such as misconfigurations in the platform. For example, Aqua checks whether source code can be modified by bad actors and malicious processes during application build in the CI/CD flow or a Jenkins job can perform sensitive actions and is granted high level access.

These security issues are displayed in the Tool Chain page > Build category in the form of failed checks. 

Current Limitation

Aqua currently supports integrating with Jenkins build platform; integrating with more build platforms will be supported in future.

Integrate a build platform

  1. Navigate to the Integrations page.
  2. On the top right side of the page, click Connect and select Build Platforms. The build platform integration page appears.

       3. Select the build platform that you want to integrate. Integration Instructions section appears.

       4. Click Aqua Jenkins Plugin button to download the Jenkins plugin that you want to install in the Jenkins build platform.

       5. Install the downloaded Aqua plugin in the Jenkins build platform by following instructions in the Jenkins document, Managing Plugins > Advanced installation.

       6. Add the following Aqua variables to the Jenkins Global Credentials:

  • AQUA_KEY=<Aqua Key>
  • AQUA_SECRET=<Aqua Secret>

      7. Click Done. This section shows only the integration instructions that should be performed in Jenkins by referring to the Jenkins documentation added in steps #5 and #6 above.