ci: add trivy to CI

NetApp · Oct 21, 2024 · c48a091 · c48a091
1 parent 60fa831
commit c48a091
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/jenkins/artifacts/jenkinsfile b/jenkins/artifacts/jenkinsfile
@@ -185,6 +185,20 @@ pipeline {
             }
         }
 
+        stage('Trivy Image Scan') {
+            steps {
+                script {
+                    currentStage = 'Trivy Image Scan'
+                }
+                sh '''
+                curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin
+                export PATH=/usr/local/bin:$PATH
+                trivy image --exit-code 1 ${ghcrImage}:latest
+                trivy image --exit-code 1 ${ghcrImage}:latest-fips
+                '''
+            }
+        }
+
          stage('Publish builds locally'){
           steps {
               script {