Prisma Cloud Compute Edition 20.12 (Self-Hosted) | Continuous integration | Run Jenkins in a container

Welcome
- Welcome
- Releases
- Getting started
- Product architecture
- Support lifecycle
- Upcoming support lifecycle changes
- Licensing
- Prisma Cloud Enterprise Edition vs Compute Edition
- Utilities and plugins
Install
- Install
- Getting started
- System requirements
- Prisma Cloud container images
- Onebox
- Kubernetes
- OpenShift 4
- OpenShift 3.11
- VMware Tanzu Kubernetes Grid
- Docker Swarm
- Amazon ECS
- Windows
- Defender types
- Install Defender
Upgrade
- Upgrade
- Upgrade process
- Onebox
- Kubernetes
- OpenShift
- Helm charts
- Docker Swarm
- Amazon ECS
- Manually upgrade single Container Defenders
- Manually upgrade Defender DaemonSets
- Manually upgrade Defender DaemonSets (Helm)
- Manually upgrade Swarm Defender global service
Technology overviews
- Technology overviews
- Prisma Cloud Advanced Threat Protection
- App-specific network intelligence
- Container runtimes
- Radar
- Serverless Radar
- Prisma Cloud rules guide for Docker
- Defender architecture
- Telemetry
Configure
- Configure
- Rule ordering and pattern matching
- Disaster recovery
- Custom feeds
- Proxy configuration
- Custom certs for Console access
- Configure scan intervals
- User certificate validity period
- Enable HTTP access to Console
- Set different paths for Console and Defender (with daemon sets)
- Authenticate to Console with certificates
- Customize terminal output
- Collections
- Tags
- Logon Settings
- Reconfigure Prisma Cloud
- Subject Alternative Names
Authentication
- Authentication
- Log into Console
- Active Directory
- OpenLDAP
- OpenID Connect
- Okta (SAML 2.0)
- Google G Suite (SAML 2.0)
- Azure Active Directory (SAML 2.0)
- PingFederate (SAML 2.0)
- Active Directory Federation Services (SAML 2.0)
- GitHub (OAuth 2.0)
- OpenShift (OAuth 2.0)
- Active Directory Non-default UPN suffixes
- Compute user roles
- Assign roles
- Use custom certificates for authorization
- Credentials store
Vulnerability management
- Vulnerability management
- Vulnerability Explorer
- Vulnerability management rules
- Search CVEs
- Scan reports
- Customize image scanning
- Registry scanning
- Configuring registry scans
- Base images
- VM image scanning
- Code repository scanning
- Malware scanning
- Risk trees
- Detect vulnerabilities in unpackaged software
- CVSS scoring
- Google Cloud Container Builder
- Windows image scanning
- Serverless function scanning
- VMware Tanzu blobstore scanning
Compliance
- Compliance
- Compliance Explorer
- Manage compliance
- CIS Benchmarks
- Prisma Cloud compliance checks
- Serverless functions
- Windows compliance checks
- Custom compliance checks
- Trusted images
- Host scanning
- VM image scanning
- Detect secrets
- Cloud discovery
Runtime defense
- Runtime defense
- Runtime defense overview
- Runtime defense for processes
- Runtime defense for networking
- Runtime defense for file systems
- Runtime defense for hosts
- Custom runtime rules
- Blocked containers
- Import and export individual rules
- Discrete blocking
- Fargate
- Incident Explorer
- Incident types
Access control
- Access control
- Docker role-based access control
- Admission control
Continuous integration
- Continuous integration
- Jenkins plugin
- Jenkins Freestyle project
- Jenkins Maven project
- Jenkins Pipeline project
- Run Jenkins in a container
- Jenkins pipeline on K8S
- CloudBees Core pipeline on K8S
- Set policy in the CI plugins
Web-Application and API Security (WAAS)
- Web-Application and API Security (WAAS)
- Overview
- Deployment
- App Firewall
- API Protection
- DoS Protection
- Bot Protection
- Access Control
- Advanced Settings
- Analytics
Firewalls
- Firewalls
- Cloud Native Network Firewall (CNNF)
Secrets
- Secrets
- Secrets manager
- Integrate with a secrets store
- Secrets stores
- Inject secrets into containers
- Injecting secrets example
Alerts
- Alerts
- Alert mechanism
- AWS Security Hub
- Cortex XSOAR
- Email
- Google Cloud Pub/Sub
- Google Cloud SCC
- IBM Cloud Security Advisor
- JIRA
- PagerDuty
- ServiceNow Security Incident Response
- ServiceNow Vulnerability Response
- Slack
- Webhook
Audit
- Audit
- Event viewer
- Host activity
- Admin activity
- Annotate audits
- Delete audit logs
- Syslog and stdout integration
- Log rotation
- Throttling
- Prometheus
- Kubernetes auditing
Tools
- Tools
- twistcli
- Scan images with twistcli
- Install Console with twistcli
- Update offline environments
Deployment patterns
- Deployment patterns
- Projects
- Migration options for scale projects
- DNS and certificate management
- Caps
- Migrate to SaaS Console
- Performance planning
API
- API
- Stability guide
- Upcoming API changes in H1Y21 release
- Access the API
- Set up fresh Console
- Automate Defender install
- Manage compliance policies
- 20.12 porting guide
How-to guides
- Howto
- Configure an ECS load balancer
- Use Nginx Ingress Controller
- Configure the load balancer type for AWS EKS
- Deploy Defenders External to an OpenShift cluster
- Configure Console's listening ports
- Provision tenant projects OpenShift
- Setting up Istio
- Disable automatic learning
- Rolling Defender upgrades
- Review debug logs

1. Overview
2. Setting up and starting a Jenkins container

1. Overview

Running Jenkins inside a container is a common setup. This article shows you how to set up Jenkins to run in a container so that it can build and scan Docker images.

2. Setting up and starting a Jenkins container

To set up Jenkins to run in a container:

Prerequisite: You have already installed Docker on the host machine.

Create the following Dockerfile. It uses the base Jenkins image and sets up the required permissions for the jenkins user.

FROM jenkins/jenkins:lts

USER root
RUN apt-get update \
      && apt-get install -y sudo libltdl7 \
      && rm -rf /var/lib/apt/lists/*
RUN echo "jenkins ALL=NOPASSWD: ALL" >> /etc/sudoers

Build the image.
```
$ docker build -t jenkins_docker .
```

Run the Jenkins container, giving it access to the docker socket.

$ docker run -d -v /var/run/docker.sock:/var/run/docker.sock \
  -v $(which docker):/usr/bin/docker -p 8080:8080 jenkins_docker

Open a browser and navigate to <JENKINS_HOST>:8080.
Install the Prisma Cloud plugin.

For more information, see Jenkins plugin.