diff --git a/Jenkinsfile b/Jenkinsfile index 1b45c3d05036912e8857a1e1b71c4e8088e7903c..7f49ca4c73820df41dfef3a5379a3c2a778a10dc 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -24,8 +24,17 @@ node{ sh 'dockle debian:buster > rapportDockle' } - stage('Scan Clair '){ - sh './clair-scanner --ip 127.0.0.1 -c http://172.17.0.1:6060 debian:buster > rapportClair' + stage('Scan Clair'){ + sh ''' + docker run -d --name db arminc/clair-db + sleep 15 # wait for db to come up + docker run -p 6060:6060 --link db:postgres -d --name clair arminc/clair-local-scan + sleep 1 + DOCKER_GATEWAY=$(docker network inspect bridge --format "{{range .IPAM.Config}}{{.Gateway}}{{end}}") + wget -qO clair-scanner https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64 && chmod +x clair-scanner + ./clair-scanner --ip="$DOCKER_GATEWAY" myapp:latest || exit 0 + + ''' } stage('Push on repo nexus') docker.withRegistry(registryProject,'reg2'){