forked from mpirnat/lets-be-bad-guys
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathJenkinsfile
33 lines (30 loc) · 1.05 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
pipeline {
agent {
docker {
// Make sure you have the latest semgrep-agent
// This file is tested with semgrep 0.39.1 on Python 3.9.1
// For the latest agent, use 'docker pull returntocorp/semgrep-agent:v1'
image 'returntocorp/semgrep-agent:v1'
args '-u root'
}
}
environment {
// secrets for Semgrep org ID and auth token
SEMGREP_APP_TOKEN = credentials('SEMGREP_APP_TOKEN')
SEMGREP_DEPLOYMENT_ID = credentials('SEMGREP_DEPLOYMENT_ID')
// environment variables for semgrep_agent (for findings / analytics page)
// remove .git at the end
SEMGREP_REPO_URL = env.GIT_URL.replaceFirst(/^(.*).git$/,'$1')
SEMGREP_BRANCH = "${GIT_BRANCH}"
SEMGREP_JOB_URL = "${BUILD_URL}"
// remove SCM URL + .git at the end
SEMGREP_REPO_NAME = env.GIT_URL.replaceFirst(/^https:\/\/github.com\/(.*).git$/, '$1')
}
stages {
stage('Semgrep_agent') {
steps{
sh 'python -m semgrep_agent --publish-token $SEMGREP_APP_TOKEN --publish-deployment $SEMGREP_DEPLOYMENT_ID'
}
}
}
}