-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile-pre-registry
67 lines (66 loc) · 1.75 KB
/
Jenkinsfile-pre-registry
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import groovy.json.JsonBuilder
node('jenkins-jenkins-slave') {
withEnv(['REPOSITORY=miau',
'GIT_ACCOUNT=https://github.com/JerzyRybak']) {
stage('Pull Image from Git') {
script {
git "${GIT_ACCOUNT}/${REPOSITORY}.git"
}
}
stage('Build Image') {
script {
dbuild = docker.build("mawinkler/${REPOSITORY}:$BUILD_NUMBER")
}
}
parallel (
"Test": {
//script {
// sh "python tests/test_flask_app.py"
//}
echo 'All functional tests passed'
},
"Check Image (pre-Registry)": {
smartcheckScan([
imageName: "mawinkler/${REPOSITORY}:$BUILD_NUMBER",
smartcheckHost: "${DSSC_SERVICE}",
smartcheckCredentialsId: "smartcheck-auth",
insecureSkipTLSVerify: true,
insecureSkipRegistryTLSVerify: true,
preregistryScan: true,
preregistryHost: "${DSSC_REGISTRY}",
preregistryCredentialsId: "preregistry-auth",
findingsThreshold: new groovy.json.JsonBuilder([
malware: 0,
vulnerabilities: [
defcon1: 0,
critical: 0,
high: 1,
],
contents: [
defcon1: 0,
critical: 0,
high: 1,
],
checklists: [
defcon1: 0,
critical: 0,
high: 0,
],
]).toString(),
])
}
)
stage('Push Image to Docker Hub') {
script {
docker.withRegistry('', 'docker-hub') {
dbuild.push('$BUILD_NUMBER')
}
}
}
stage('Deploy App to Kubernetes') {
script {
kubernetesDeploy(configs: "app.yml", kubeconfigId: "kubeconfig")
}
}
}
}