diff --git a/Jenkinsfile b/Jenkinsfile index dc5a9d65..6273ebbb 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -115,8 +115,10 @@ pipeline { // Go releaser requires a pristine checkout checkout scm - // Create release artifacts without releasing to Github + // Copy VERSION info into prisitine folder sh "cp ../VERSION ./VERSION" + + // Create release artifacts without releasing to Github sh "./bin/build_release --skip-validate --rm-dist" // Build container images @@ -130,17 +132,33 @@ pipeline { } } - stage('Run integration tests') { - steps { - dir('ci') { - script { - try{ - sh 'summon -f ./okta/secrets.yml ./test_integration' - } finally { - archiveArtifacts 'cleanup.log' + stage('Integration test while scanning') { + parallel { + stage('Run integration tests') { + steps { + dir('ci') { + script { + try{ + sh 'summon -f ./okta/secrets.yml ./test_integration' + } finally { + archiveArtifacts 'cleanup.log' + } + } } } } + + stage("Scan container images for fixable issues") { + steps { + scanAndReport("${containerImageWithTag()}", "HIGH", false) + } + } + + stage("Scan container images for total issues") { + steps { + scanAndReport("${containerImageWithTag()}", "NONE", true) + } + } } } @@ -169,4 +187,11 @@ pipeline { } } } -} \ No newline at end of file +} + +def containerImageWithTag() { + sh( + returnStdout: true, + script: 'source ./bin/build_utils && echo "conjur-cli:$(project_version_with_commit)"' + ) +} diff --git a/bin/build_utils b/bin/build_utils index 470890b6..c578b284 100644 --- a/bin/build_utils +++ b/bin/build_utils @@ -59,8 +59,10 @@ function project_version_with_commit() { # (note: the argument itself is not printed, append it explicitly if needed) function gen_versions() { local version="${1}" + + # echo "${version%%.*}-latest" while [[ "${version}" = *.* ]]; do - version=${version%.*} + version="${version%.*}" echo "${version}" done }