tests/Jenkinsfile-security-scan-vuln-deps

   1 #!/usr/bin/env groovy
   2
   3 def actions
   4
   5 pipeline {
   6     agent {
   7         label 'docker'
   8     }
   9     triggers { cron('H 5 * * 1-5') }
  10
  11     stages {
  12         stage('Checkout') {
  13             steps {
  14                 checkout scm
  15             }
  16         }
  17
  18         stage('Scan') {
  19             steps {
  20                 dir ('sources') {
  21                     script {
  22                         actions = load 'tests/actions.groovy'
  23                         actions.runInsideNixShell('make scan-vuln-deps', 'dev')
  24                     }
  25                 }
  26             }
  27         }
  28     }
  29
  30     post {
  31         failure {
  32             withCredentials([string(credentialsId: 'email-notification-rd-team', variable: 'email')]) {
  33                 mail to: email,
  34                 subject: "${currentBuild.fullDisplayName} is broken",
  35                 body: "See ${env.BUILD_URL}"
  36             }
  37         }
  38         unstable {
  39             withCredentials([string(credentialsId: 'email-notification-rd-team', variable: 'email')]) {
  40                 mail to: email,
  41                 subject: "${currentBuild.fullDisplayName} is unstable",
  42                 body: "See ${env.BUILD_URL}"
  43             }
  44         }
  45     }
  46 }