Skip to content

Commit

Permalink
tune jenkins settings
Browse files Browse the repository at this point in the history
  • Loading branch information
@pcaskey
pcaskey committed Aug 16, 2022
1 parent ad1d85c commit 2ed493d
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions Jenkinsfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ node('docker') {

// Scan container for all vulnerability levels
sh 'mkdir -p reports'
sh "trivy image --ignore-unfixed --vuln-type os,library --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${maintainer}/${imagename}:latest"
sh "trivy image --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${maintainer}/${imagename}:latest"
publishHTML target : [
allowMissing: true,
alwaysLinkToLastBuild: true,
Expand All @@ -95,7 +95,7 @@ node('docker') {
]

// Scan again and fail on CRITICAL vulns
sh 'trivy image --ignore-unfixed --vuln-type os,library --exit-code 1 --severity CRITICAL ${imagename}:${tag}'
sh 'trivy image --ignore-unfixed --vuln-type os,library --exit-code 1 --severity CRITICAL ${maintainer}/${imagename}:latest'
} catch(error) {
def error_details = readFile('./debug');
def message = "BUILD ERROR: There was a problem scanning ${imagename}:${tag}. \n\n ${error_details}"
Expand Down

0 comments on commit 2ed493d

Please sign in to comment.