forked from LiveCarta/LivecartaPipelinesSharedLibraries
18 lines
682 B
Groovy
18 lines
682 B
Groovy
def secScan(script, image) {
|
|
def reportDir = "/var/jenkins_home/secscan_reports/${script.env.JOB_NAME}/"
|
|
def imageName = image.split("/").last().replaceAll("[:/]", "_")
|
|
def timestamp = new Date().format("yyyyMMdd_HHmmss")
|
|
def reportName = "secscan_report_${imageName}_${timestamp}.html"
|
|
sh """
|
|
mkdir -p ${reportDir}
|
|
docker run \
|
|
-v ./trivy_cache:/root/.cache \
|
|
-v /var/run/docker.sock:/var/run/docker.sock \
|
|
aquasec/trivy \
|
|
-f template \
|
|
--template "@contrib/html.tpl" \
|
|
-o /dev/stdout \
|
|
image --exit-code 1 --severity HIGH,CRITICAL \
|
|
${image} > ${reportDir}/${reportName}
|
|
"""
|
|
} |