-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
43 lines (35 loc) · 1.52 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
node {
def app
stage('Clone repository') {
/* Let's make sure we have the repository cloned to our workspace */
git url: 'https://github.com/ianmiell/bad-dockerfile'
}
stage('Build image') {
/* This builds the actual image; synonymous to
* docker build on the command line */
app = docker.build("demo/bad-dockerfile")
}
stage('Scan image') {
twistlockScan ca: '', cert: '', compliancePolicy: 'warn', dockerAddress: 'unix:///var/run/docker.sock', ignoreImageBuildTime: true, image: 'demo/bad-dockerfile*', key: '', logLevel: 'true', policy: 'high', requirePackageUpdate: true, timeout: 10
}
stage('Publish scan results') {
twistlockPublish ca: '', cert: '', dockerAddress: 'unix:///var/run/docker.sock', ignoreImageBuildTime: true, image: 'demo/bad-dockerfile:latest', key: '', logLevel: 'true', timeout: 10
}
stage('Test image') {
/* Ideally, we would run a test framework against our image.
* For this example, we're using a Volkswagen-type approach ;-) */
app.inside {
sh 'echo "Tests passed"'
}
}
stage('Push image') {
/* Finally, we'll push the image with two tags:
* First, the incremental build number from Jenkins
* Second, the 'latest' tag.
* Pushing multiple tags is cheap, as all the layers are reused. */
docker.withRegistry('http://localhost:5000') {
app.push("${env.BUILD_NUMBER}")
app.push("latest")
}
}
}