update Jenkinsfile

Jenkinsfile

@@ -103,8 +103,7 @@ pipeline {
                          // Scan container for all vulnerability levels
                          echo "Scanning for all vulnerabilities..."
                          sh 'mkdir -p reports'
-                         //sh 'docker pull ${maintainer}/${imagename}:${tag}'
-                         sh 'trivy image --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template \'@html.tpl\' -o reports/container-scan.html ${maintainer}/${imagename}:${tag}'
+                         sh "trivy image --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH --no-progress --security-checks vuln --format template --template '@html.tpl' -o reports/container-scan.html ${maintainer}/${imagename}:${tag}"
                          publishHTML target : [
                              allowMissing: true,
                              alwaysLinkToLastBuild: true,
@@ -118,7 +117,7 @@ pipeline {
                          // Scan again and fail on CRITICAL vulns
                          //below can be temporarily commented to prevent build from failing
                          echo "Scanning for CRITICAL vulnerabilities only (fatal)..."
-                         sh 'trivy image --ignore-unfixed --vuln-type os,library --exit-code 1 --severity CRITICAL ${maintainer}/${imagename}:${tag}'
+                         sh "trivy image --ignore-unfixed --vuln-type os,library --exit-code 1 --severity CRITICAL ${maintainer}/${imagename}:${tag}"
                          //echo "Skipping scan for CRITICAL vulnerabilities (temporary)..."
                    } catch(error) {
                            def error_details = readFile('./debug');