feat: Add yq

This commit is contained in:
Stefan Reimer 2022-02-03 19:29:47 +01:00
parent 71d7acca49
commit ec564ae510
3 changed files with 7 additions and 3 deletions

View File

@ -8,6 +8,7 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/reposit
&& apk --no-cache add \
tini \
make \
yq \
fuse-overlayfs \
podman \
buildah \

7
Jenkinsfile vendored
View File

@ -1,9 +1,10 @@
pipeline {
agent { node { label 'podman-aws-trivy' } }
stages {
stage('Prepare'){
// get tags
steps {
// get tags
sh 'git fetch --tags ${GIT_URL} +refs/heads/${BRANCH_NAME}:refs/remotes/origin/${BRANCH_NAME}'
}
}
@ -24,8 +25,8 @@ pipeline {
// Scan via trivy
stage('Scan'){
environment {
TRIVY_FORMAT = "template"
TRIVY_OUTPUT = "reports/trivy.html"
TRIVY_FORMAT = "template"
TRIVY_OUTPUT = "reports/trivy.html"
}
steps {
sh 'mkdir -p reports'

View File

@ -24,6 +24,8 @@ push:
podman tag $(REPOSITORY):latest $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest
podman push $(REGISTRY)/$(REPOSITORY):$(TAG)
podman push $(REGISTRY)/$(REPOSITORY):latest
# Delete all untagged images
# aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)
scan:
trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)