feat: Add yq
This commit is contained in:
parent
71d7acca49
commit
ec564ae510
@ -8,6 +8,7 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/reposit
|
||||
&& apk --no-cache add \
|
||||
tini \
|
||||
make \
|
||||
yq \
|
||||
fuse-overlayfs \
|
||||
podman \
|
||||
buildah \
|
||||
|
7
Jenkinsfile
vendored
7
Jenkinsfile
vendored
@ -1,9 +1,10 @@
|
||||
pipeline {
|
||||
agent { node { label 'podman-aws-trivy' } }
|
||||
|
||||
stages {
|
||||
stage('Prepare'){
|
||||
// get tags
|
||||
steps {
|
||||
// get tags
|
||||
sh 'git fetch --tags ${GIT_URL} +refs/heads/${BRANCH_NAME}:refs/remotes/origin/${BRANCH_NAME}'
|
||||
}
|
||||
}
|
||||
@ -24,8 +25,8 @@ pipeline {
|
||||
// Scan via trivy
|
||||
stage('Scan'){
|
||||
environment {
|
||||
TRIVY_FORMAT = "template"
|
||||
TRIVY_OUTPUT = "reports/trivy.html"
|
||||
TRIVY_FORMAT = "template"
|
||||
TRIVY_OUTPUT = "reports/trivy.html"
|
||||
}
|
||||
steps {
|
||||
sh 'mkdir -p reports'
|
||||
|
2
Makefile
2
Makefile
@ -24,6 +24,8 @@ push:
|
||||
podman tag $(REPOSITORY):latest $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest
|
||||
podman push $(REGISTRY)/$(REPOSITORY):$(TAG)
|
||||
podman push $(REGISTRY)/$(REPOSITORY):latest
|
||||
# Delete all untagged images
|
||||
# aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)
|
||||
|
||||
scan:
|
||||
trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)
|
||||
|
Loading…
Reference in New Issue
Block a user