ZeroDownTime
/
jenkins-podman
3
0
Fork 0
Code Issues 1 Pull Requests 1 Projects Releases Wiki Activity

Merge commit '967f6a6e36848203d35e98763b918acd734b1955'
ZeroDownTime/jenkins-podman/pipeline/head This commit looks good Details

This commit is contained in:
Stefan Reimer 2022-02-14 13:36:05 +01:00
parent 6961b9517a 967f6a6e36
commit ea33ed4c5d
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.ci/podman.mk
View File

@ -26,7 +26,7 @@ scan: build
@echo "Scanning $(IMAGE):$(TAG) using Trivy" @echo "Scanning $(IMAGE):$(TAG) using Trivy"
@trivy $(TRIVY_OPTS) $(IMAGE):$(TAG) @trivy $(TRIVY_OPTS) $(IMAGE):$(TAG)
push: scan push: build
@aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY) @aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
@docker tag $(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):latest @docker tag $(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):latest
docker push $(REGISTRY)/$(IMAGE):$(TAG) docker push $(REGISTRY)/$(IMAGE):$(TAG)

5
.ci/vars/buildPodman.groovy
View File

@ -1,6 +1,6 @@
// Common container builder by ZeroDownTime // Common container builder by ZeroDownTime
def call(Map config) { def call(Map config=[:]) {
pipeline { pipeline {
agent { agent {
node { node {
@ -49,7 +49,7 @@ def call(Map config) {
] ]
// Scan again and fail on CRITICAL vulns // Scan again and fail on CRITICAL vulns
sh 'TRIVY_EXIT_CODE=1 TRIVY_SEVERITY=CRITICAL make scan' sh "[ \"${config.trivyFail}\" == \"NONE\" ] || TRIVY_EXIT_CODE=1 TRIVY_SEVERITY=${config.trivyFail} make scan"
} }
} }
@ -59,6 +59,7 @@ def call(Map config) {
sh 'make push' sh 'make push'
} }
} }
} }
} }
} }