Skip to content

Commit ab65db6

Browse files
author
Vitaly Korolev
committed
Ensure we run container scan when we publish, otherwise just the source
1 parent 2989f65 commit ab65db6

File tree

1 file changed

+10
-8
lines changed

1 file changed

+10
-8
lines changed

Jenkinsfile

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@ operatorRegistry = 'ml-marklogic-operator-dev.bed-artifactory.bedford.progress.c
1212
JIRA_ID = ''
1313
JIRA_ID_PATTERN = /(?i)(MLE)-\d{3,6}/
1414
operatorRepo = 'marklogic-kubernetes-operator'
15+
timeStamp = new Date().format('yyyyMMdd')
16+
branchNameTag = env.BRANCH_NAME.replaceAll('/', '-')
1517

1618
// Define local funtions
1719
void preBuildCheck() {
@@ -146,7 +148,12 @@ void runMinikubeCleanup() {
146148
}
147149

148150
void runBlackDuckScan() {
149-
build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}"), string(name: 'CONTAINER_IMAGES', value: "${operatorRepo}:${VERSION}-${branchNameTag}") ]
151+
// Trigger BlackDuck scan job with CONTAINER_IMAGES parameter when params.PUBLISH_IMAGE is true
152+
if (params.PUBLISH_IMAGE) {
153+
build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}"), string(name: 'CONTAINER_IMAGES', value: "${operatorRepo}:${VERSION}-${branchNameTag}") ]
154+
} else {
155+
build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}") ]
156+
}
150157
}
151158

152159
/**
@@ -156,8 +163,7 @@ void runBlackDuckScan() {
156163
*/
157164
void publishToInternalRegistry() {
158165
withCredentials([usernamePassword(credentialsId: 'builder-credentials-artifactory', passwordVariable: 'docker_password', usernameVariable: 'docker_user')]) {
159-
timeStamp = new Date().format('yyyyMMdd')
160-
branchNameTag = env.BRANCH_NAME.replaceAll('/', '-')
166+
161167
sh """
162168
# make sure to logout first to avoid issues with cached credentials
163169
docker logout ${operatorRegistry}
@@ -248,11 +254,7 @@ pipeline {
248254
}
249255

250256
stage('Run-BlackDuck-Scan') {
251-
when {
252-
anyOf {
253-
expression { return params.PUBLISH_IMAGE }
254-
}
255-
}
257+
256258
steps {
257259
runBlackDuckScan()
258260
}

0 commit comments

Comments
 (0)