mirror of
https://github.com/corda/corda.git
synced 2024-12-21 22:07:55 +00:00
Merge pull request #7219 from corda/add-snyk-scan-4.6
INFRA-1805 Add snyk scan to 4.6 release job
This commit is contained in:
commit
0b26ffa300
16
.ci/dev/regression/Jenkinsfile
vendored
16
.ci/dev/regression/Jenkinsfile
vendored
@ -81,6 +81,7 @@ pipeline {
|
||||
CORDA_ARTIFACTORY_USERNAME = "${env.ARTIFACTORY_CREDENTIALS_USR}"
|
||||
DOCKER_URL = "https://index.docker.io/v1/"
|
||||
EMAIL_RECIPIENTS = credentials('corda4-email-recipient')
|
||||
SNYK_API_KEY = "c4-os-snyk"
|
||||
}
|
||||
|
||||
stages {
|
||||
@ -189,6 +190,15 @@ pipeline {
|
||||
}
|
||||
}
|
||||
|
||||
stage('Snyk Security') {
|
||||
when {
|
||||
expression { isReleaseTag || isReleaseCandidate || isReleaseBranch }
|
||||
}
|
||||
steps {
|
||||
snykSecurityScan("${env.SNYK_API_KEY}", "--all-sub-projects --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'")
|
||||
}
|
||||
}
|
||||
|
||||
stage('All Tests') {
|
||||
when {
|
||||
expression { params.DO_TEST }
|
||||
@ -432,11 +442,17 @@ pipeline {
|
||||
success {
|
||||
script {
|
||||
sendSlackNotifications("good", "BUILD PASSED", false, "#corda-corda4-open-source-build-notifications")
|
||||
if (isReleaseTag || isReleaseCandidate || isReleaseBranch) {
|
||||
snykSecurityScan.generateHtmlElements()
|
||||
}
|
||||
}
|
||||
}
|
||||
unstable {
|
||||
script {
|
||||
sendSlackNotifications("warning", "BUILD UNSTABLE - Unstable Builds are likely a result of Nexus Sonar Scanner violations", false, "#corda-corda4-open-source-build-notifications")
|
||||
if (isReleaseTag || isReleaseCandidate || isReleaseBranch) {
|
||||
snykSecurityScan.generateHtmlElements()
|
||||
}
|
||||
}
|
||||
}
|
||||
failure {
|
||||
|
Loading…
Reference in New Issue
Block a user