ci: more Jenkins fixes
This commit is contained in:
parent
d3a95d6e0d
commit
21361d6a12
@ -23,7 +23,7 @@ RUN mkdir -p /var/lib/shared/overlay-images /var/lib/shared/overlay-layers \
|
||||
/var/lib/shared/vfs-images/images.lock /var/lib/shared/vfs-layers/layers.lock
|
||||
|
||||
# Trivy html template
|
||||
ADD --chown=jenkins:jenkins html.tpl /home/jenkins/agent
|
||||
ADD --chown=jenkins:jenkins html.tpl /home/jenkins
|
||||
|
||||
# Make docker in Jenkinsfiles work
|
||||
RUN ln -s /usr/bin/podman /usr/bin/docker
|
||||
|
10
Jenkinsfile
vendored
10
Jenkinsfile
vendored
@ -2,19 +2,21 @@ pipeline {
|
||||
// agent { node { label 'podman && trivy && aws' } }
|
||||
agent { node { label 'podman' } }
|
||||
stages {
|
||||
// Build using rootless podman
|
||||
stage('Build'){
|
||||
steps {
|
||||
sh 'make build'
|
||||
}
|
||||
}
|
||||
|
||||
// Scan via trivy
|
||||
stage('Scan'){
|
||||
environment {
|
||||
TRIVY_TEMPLATE = "@${env.JENKINS_AGENT_WORKDIR}/html.tpl"
|
||||
TRIVY_TEMPLATE = "@${env.HOME}/html.tpl"
|
||||
TRIVY_FORMAT = "template"
|
||||
TRIVY_OUTPUT = "reports/trivy.html"
|
||||
}
|
||||
steps {
|
||||
// Scan via trivy
|
||||
sh 'mkdir -p reports'
|
||||
sh 'env'
|
||||
sh 'make scan'
|
||||
@ -33,9 +35,11 @@ pipeline {
|
||||
sh 'TRIVY_EXIT_CODE=1 TRIVY_SEVERITY=CRITICAL make scan'
|
||||
}
|
||||
}
|
||||
|
||||
// Push to ECR
|
||||
stage('Push'){
|
||||
steps {
|
||||
sh 'echo make push'
|
||||
sh 'make push'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user