# Jenkins

OX Security integrates with Jenkins to scan Docker-based builds for security issues.

To scan pull requests before they are merged, you must configure Jenkins to provide source and target branch information in the pipeline.

### Prerequisites

* **Docker support:** Jenkins must be able to run Docker containers.
* **Git information:** Jenkins must use the Git plugin or be manually configured to provide commit and branch details.

### Required environment variables

| Variable      | Description                                                                                                                                                                                                       |
| ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `OX_API_KEY`  | [The OX Security integration key.](/scan-and-analyze-with-ox/scanning/scanning-ci-cd-pipelines/integrating-source-control-platforms/direct-source-control-pipeline-integration/creating-ci-cd-integration-key.md) |
| `OX_HOST_URL` | The OX platform URL (only if using an on-premise installation).                                                                                                                                                   |
| `GIT_URL`     | The repository URL. Provided by the Git plugin or entered manually.                                                                                                                                               |
| `GIT_COMMIT`  | The commit SHA. Provided by the Git plugin or replaced with `OX_COMMIT_SHA`.                                                                                                                                      |
| `GIT_BRANCH`  | The branch name. Provided by the Git plugin or replaced with `OX_SOURCE_BRANCH`.                                                                                                                                  |

### Optional environment variables

| Variable               | Description                                                                          |
| ---------------------- | ------------------------------------------------------------------------------------ |
| `OX_TARGET_BRANCH`     | The target branch name. Recommended when running scans before merging pull requests. |
| `OX_OVERRIDE_BLOCKING` | Set to `true` to override stage failure caused by blocking issues.                   |
| `OX_TIMEOUT`           | Maximum duration of the scan, in minutes.                                            |
| `OX_FAIL_ON_TIMEOUT`   | Set to `true` to fail the stage if a scan times out.                                 |
| `OX_FAIL_ON_ERROR`     | Set to `true` to fail the stage if a system or network error occurs.                 |

### Advanced environment variables

| Variable                    | Description                                                                                                  |
| --------------------------- | ------------------------------------------------------------------------------------------------------------ |
| `OX_DISABLE_SSL_VALIDATION` | Set to `true` to disable SSL certificate validation for self-signed certificates in on-premise environments. |

### Integration example (`Jenkinsfile`)

```groovy
pipeline {
    agent any

    stages {
        stage('OX Security Scan') {
            agent {
                docker {
                    alwaysPull true
                    image 'oxsecurity/ox-block-mode:latest'
                }
            }

            environment {
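                // Integration key, bound from the Jenkins credentials store (ID 'ox-api-key')
                OX_API_KEY = credentials('ox-api-key')
                // Optional overrides. Values in an environment block must be quoted strings.
                // OX_COMMIT_SHA = '6f3f6a038baa67b40f12d0692e75c40ad49a986e'
                // OX_SOURCE_BRANCH = 'development'
                // OX_TARGET_BRANCH = 'main'
                // OX_OVERRIDE_BLOCKING = 'false'
                // OX_TIMEOUT = '20'
                // OX_FAIL_ON_TIMEOUT = 'false'
                // OX_FAIL_ON_ERROR = 'false'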
            }

            steps {
                script {
                    sh 'ox-block-mode'
                }
            }
        }
    }
}
```
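
The pull request case described at the top of this page, as an added example that is not part of the OX documentation: a stage that runs only for change requests and passes the source and target branches to the scanner. It assumes a multibranch Pipeline job, where Jenkins sets `CHANGE_BRANCH` and `CHANGE_TARGET`, and reuses the `ox-api-key` credential ID from the example above; setting the two `OX_FAIL_ON_*` variables to `true` is a choice made here so that a scan that did not complete cannot pass the gate.

```groovy
pipeline {
    agent any

    stages {
        stage('OX Security Scan (pull request)') {
            // Run only when the build is for a change request (pull/merge request).
            // Assumption: multibranch Pipeline job, which sets the CHANGE_* variables.
            when {
                changeRequest()
            }

            agent {
                docker {
                    alwaysPull true
                    image 'oxsecurity/ox-block-mode:latest'
                }
            }

            environment {
                // Secret is injected from the Jenkins credentials store, never hard-coded.
                OX_API_KEY = credentials('ox-api-key')

                // Source branch of the change request, used in place of GIT_BRANCH.
                OX_SOURCE_BRANCH = "${env.CHANGE_BRANCH}"
                // Branch the change request will be merged into.
                OX_TARGET_BRANCH = "${env.CHANGE_TARGET}"

                // Fail closed: a timeout or a system/network error fails the stage
                // instead of letting an unscanned change through.
                OX_TIMEOUT = '20'
                OX_FAIL_ON_TIMEOUT = 'true'
                OX_FAIL_ON_ERROR = 'true'
            }

            steps {
                sh 'ox-block-mode'
            }
        }
    }
}
```

For the stage result to block a merge, the source control platform must also require this Jenkins check on the target branch.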

