-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJenkinsfile
More file actions
69 lines (64 loc) · 2.39 KB
/
Jenkinsfile
File metadata and controls
69 lines (64 loc) · 2.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
pipeline {
agent any
stages {
stage('Checkout Scm') {
steps {
git branch: 'main', credentialsId: 'Kadkins-Sysdig-Jenkins-Test1', url: 'https://github.com/kadkins-sysdig/SpringHelloWorld.git'
}
}
stage('Add Mutator File') {
steps {
sh '''echo $RANDOM | md5sum > $WORKSPACE/src/main/resources/mutator'''
sh '''cat $WORKSPACE/src/main/resources/mutator'''
}
}
stage('Maven Build') {
steps {
sh 'mvn package'
}
}
stage('Docker Build') {
steps {
script {
docker.build("test-freestyle:1.${BUILD_NUMBER}")
}
}
}
stage('Generate Sysdig Secure Images File') {
steps {
sh 'echo "test-freestyle:1.${BUILD_NUMBER} Dockerfile" > $WORKSPACE/sysdig_secure_images'
}
}
stage('Sysdig Secure Image Scan') {
/*
environment {
http_proxy = "http://10.0.1.83:8887/"
https_proxy = "http://10.0.1.83:8887/"
no_proxy = "127.0.0.1,localhost,10.0.1.0/24,10.0.10.0/24"
DOCKER_HOST = "unix:///var/run/docker.sock"
}
*/
steps {
script{
/*
env.http_proxy
env.https_proxy
env.no_proxy
env.DOCKER_HOST
sh 'printenv | sort'
*/
echo "SysDig Scan"
/* OLD ENGINE
sysdig bailOnFail: true, bailOnPluginFail: true, engineCredentialsId: 'sysdig-secure-api-credentials', engineurl: 'https://secure.sysdig.com', forceScan: false, name: 'sysdig_secure_images', inlineScanning: true
*/
/* NEW ENGINE */
sysdigImageScan cliVersionToApply: 'global_default', inlineScanExtraParams: '--loglevel=debug', bailOnFail: true, bailOnPluginFail: true, engineCredentialsId: 'sysdig-secure-api-credentials', engineurl: 'https://secure.sysdig.com', imageName: "test-freestyle:1.${BUILD_NUMBER}"
/* */
/* OLD
sysdigImageScan inlineScanExtraParams: '--loglevel=debug', bailOnFail: false, bailOnPluginFail: false, engineCredentialsId: 'sysdig-secure-api-credentials', engineURL: 'https://secure.sysdig.com', forceScan: false, imageName: "test-freestyle:1.${BUILD_NUMBER}", inlineScanning: true
*/
}
}
}
}
}