lxbfYeaa/LivecartaPipelinesSharedLibraries
1
0
Fork 0
forked from LiveCarta/LivecartaPipelinesSharedLibraries
Code Pull Requests Activity

Added function to run security scans of newly built images

Browse Source
This commit is contained in:
Artsiom Siamashka
2025-10-14 19:40:15 +02:00
parent c28b79c436
commit a2d2628da8
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
vars/secops.groovy Normal file
View File

@@ -0,0 +1,14 @@
def secScan(image) {
sh """
mkdir -p /var/jenkins_home/secscan_reports/${env.JOB_NAME}/
docker run \
-v ./trivy_cache:/root/.cache \
-v /var/run/docker.sock:/var/run/docker.sock \
aquasec/trivy \
-f template \
--template "@contrib/html.tpl" \
-o /dev/stdout \
image --exit-code 1 --severity HIGH,CRITICAL \
${image} > /var/jenkins_home/secscan_reports/${env.JOB_NAME}/secscan_report_$$(date +"%Y%m%d_%H%M%S")_${image}.html
"""
}