Skip to main content

Demo: Run valint on a Sample project

Before you begin

Integrating Scribe Hub with Jenkins requires the following credentials that are found in the product setup dialog (In your Scribe Hub go to Home>Products>[$product]>Setup). If you choose not to create a new product at this time you can use the credentials for the Demo Product present in you Products page.

  • product key
  • client id
  • client secret

Note that the product key is unique per product, while the client id and secret are unique for your account.

Run Valint on a Sample Project

Try out Scribe with our sample open-source Node.js project by following these steps:

  1. Go to
  1. Set the following keys with the corresponding credential values obtained from Scribe as environment variables:

    export CLIENT_ID=<client-id>
    export PRODUCT_KEY=<product-key>
    export CLIENT_SECRET=<client-secret>
  2. Using a Shell-based CLI, download the valint CLI tool, created by Scribe:

    curl -sSfL  | sh -s -- -t valint
  3. Clone the sample project from GitHub

    git clone
  4. Run valint locally to collect hash value evidence of the source code files

    $HOME/.scribe/bin/valint bom dir:image-demo --product-key=$PRODUCT_KEY \
    --scribe.client-id=$CLIENT_ID \
    --scribe.client-secret=$CLIENT_SECRET -E -f -v
  5. Build a Docker image for the project

    cd image-demo
    docker build -t image-demo .
  6. Run valint locally to collect hash value evidence about your docker image

    $HOME/.scribe/bin/valint bom image-demo:latest --product-key=$PRODUCT_KEY \
    --scribe.client-id=$CLIENT_ID \
    --scribe.client-secret=$CLIENT_SECRET -E -f -v
  7. When valint is done, check out your your Scribe Hub Home>Products>[$product] page and you'll see a new build being updated. Clicking on that build will allow you to review the integrity information and SBOM for the new build you have just uploaded.