Jenkinsfile
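// Scripted pipeline: checks out the target application, installs the scanners,
// then runs Bandit (SAST) and Safety (SCA), archiving and publishing each report.
// Scanner findings are reported but do not fail the build.
node {
    stage('Git Pull') {
        // No branch or commit is given, so the git step's default branch head is
        // what gets scanned.
        // NOTE(review): pin a branch/commit if reports must be reproducible.
        git url: 'https://github.com/we45/Vulnerable-Flask-App.git'
    }

    stage('Install tools') {
        // NOTE(review): the scanners are installed unpinned on every build, so the
        // tool versions (and therefore the findings) can change between runs and the
        // build trusts whatever the package index serves at that moment. Pin exact
        // versions, ideally from a hash-checked requirements file.
        sh '''
        pip install bandit safety
        '''
    }

    stage('Bandit - SAST') {
        // The original piped the command into `true` ("cmd | true") to hide a
        // non-zero exit. That starts `true` as a pipe reader that exits at once and
        // discards the exit code entirely. returnStatus keeps the step from failing
        // the build but preserves the code so it can be logged.
        def banditStatus = sh(
            script: 'bandit -f html -o bandit-result.html app.py',
            returnStatus: true
        )
        if (banditStatus != 0) {
            // A non-zero status covers both "issues found" and "scanner did not run";
            // the log line lets a reader tell a clean scan from a masked failure.
            echo "Bandit exited with status ${banditStatus}; check the Bandit Report and the console log."
        }

        archiveArtifacts allowEmptyArchive: true, artifacts: '**/bandit-result.html', onlyIfSuccessful: true
        // allowMissing: false makes this step fail if bandit produced no report,
        // which is the only hard gate in this stage.
        publishHTML(target: [
            allowMissing: false,
            alwaysLinkToLastBuild: false,
            keepAll: true,
            reportDir: '.',
            reportFiles: 'bandit-result.html',
            reportName: "Bandit Report"
        ])
    }

    stage('Safety - SCA') {
        // NOTE(review): `safety check` is run without a requirements file argument,
        // and no earlier stage installs the application's dependencies, so this
        // presumably audits the packages present in the agent's Python environment
        // rather than the application's declared dependencies. Confirm, and point it
        // at the project's requirements file if that is the intent.
        def safetyStatus = sh(
            script: 'safety check --json > sca-report.json',
            returnStatus: true
        )
        if (safetyStatus != 0) {
            // As with Bandit, surface the exit code instead of silently dropping it.
            echo "Safety exited with status ${safetyStatus}; check the SCA Report and the console log."
        }

        archiveArtifacts allowEmptyArchive: true, artifacts: '**/sca-report.json', onlyIfSuccessful: true
        // The published "report" is the raw JSON output; the redirect creates the
        // file even when safety fails, so allowMissing: false does not detect a
        // failed scan here. Rely on the logged exit status above.
        publishHTML(target: [
            allowMissing: false,
            alwaysLinkToLastBuild: false,
            keepAll: true,
            reportDir: '.',
            reportFiles: 'sca-report.json',
            reportName: "SCA Report"
        ])
    }
}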