feat: Add yq

2022-02-03 19:29:47 +01:00 · 2022-02-03 19:29:47 +01:00 · ec564ae510
commit ec564ae510
parent 71d7acca49
3 changed files with 7 additions and 3 deletions
--- a/1
+++ b/1
@ -8,6 +8,7 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/reposit
    && apk --no-cache add \
    tini \
    make \
+    yq \
    fuse-overlayfs \
    podman \
    buildah \
--- a/7
+++ b/7
@ -1,9 +1,10 @@
 pipeline {
  agent { node { label 'podman-aws-trivy' } }
+
  stages {
    stage('Prepare'){
+        // get tags
        steps {
-	    // get tags
            sh 'git fetch --tags ${GIT_URL} +refs/heads/${BRANCH_NAME}:refs/remotes/origin/${BRANCH_NAME}'
        }
    }
@ -24,8 +25,8 @@ pipeline {
    // Scan via trivy
    stage('Scan'){
        environment { 
-	    TRIVY_FORMAT = "template"
-	    TRIVY_OUTPUT = "reports/trivy.html"
+            TRIVY_FORMAT = "template"
+            TRIVY_OUTPUT = "reports/trivy.html"
        }
        steps {
            sh 'mkdir -p reports'
--- a/2
+++ b/2
@ -24,6 +24,8 @@ push:
 	podman tag $(REPOSITORY):latest $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest
 	podman push $(REGISTRY)/$(REPOSITORY):$(TAG)
 	podman push $(REGISTRY)/$(REPOSITORY):latest
+	# Delete all untagged images
+	# aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)

 scan:
 	trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)