This guide shows how to integrate Jenkins Code Signing with the KMES Series 3.

This section provides useful terms, definitions, and concepts for this integration.

A plugin implements one or more build steps for consumption by a pipeline or project. By convention, though, a plugin generally implements only one build step to support separation.

A pipeline is essentially a set of configurable build-steps. This terminology generally refers to the Pipeline plugin in general.

A build step is the fundamental building block of build automation in Jenkins. Everything that performs an action in your project is a build step. Everything from pulling from git to notifying users that a build is complete is a build step.

In relation, a stage is a logical grouping of those build steps. For example, you can skip the Test stage, but you must specify individual build steps to skip over. It also helps you visualize progress for consumers of the build results. Stages are not a required part of a pipeline and are strictly logical.

Pipeline scripting comes in the following forms:

Without the FXCL Jenkins plugin, the existing Jenkins code signing plugins have no approval process. The resulting signature must be given immediately, or failure occurs. When you submit a request to sign, it fails because there is no time for approval to occur. There's also no way to query for the same request by using something like Jarsigner, which relies on PKCS11. The FXCL Jenkins Plugin accomplishes the following tasks:

This guide shows you how to perform the following tasks:

The following sections show you how to perform these tasks.