Skip to content

Commit 16974be

Browse files
fernandomatsuosantosfernandomatsuosantos
committed
2 parents 3a145e6 + acdd5d0 commit 16974be

File tree

1 file changed

+21
-19
lines changed

1 file changed

+21
-19
lines changed

jenkins/Jenkinsfile

Lines changed: 21 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,5 @@
11
pipeline {
2-
agent {
3-
docker {
4-
image 'python:3.11' // Python comes pre-installed
5-
args "-u root"
6-
}
7-
}
2+
agent any
83

94
environment {
105
GITHUB_TOKEN = credentials('codeql-wrapper-token')
@@ -19,26 +14,33 @@ pipeline {
1914

2015
stage('Setup Python') {
2116
steps {
22-
sh '''#!/bin/bash
17+
sh '''#!/bin/bash
18+
# Upgrade pip, setuptools, and wheel
19+
python3 -m venv venv
20+
. venv/bin/activate
21+
22+
pip uninstall codeql-wrapper -y
2323
24-
python3 -m pip install --upgrade pip
25-
pip3 install codeql-wrapper
24+
echo "Upgrading pip, setuptools, and wheel..."
25+
python3 -m pip install --upgrade --force-reinstall pip setuptools wheel packaging gitpython==3.1.45
26+
pip install --extra-index-url https://test.pypi.org/simple/ codeql-wrapper==0.2.15
2627
'''
2728
}
2829
}
2930

3031
stage('CodeQL Analysis') {
3132
steps {
32-
sh '''#!/bin/bash
33-
34-
codeql-wrapper analyze ${WORKSPACE} \
35-
--monorepo \
36-
--verbose \
37-
--upload-sarif \
38-
--repository owner/repository \
39-
--commit-sha ${GIT_COMMIT} \
40-
--ref ${GIT_BRANCH}
41-
'''
33+
withCredentials([string(credentialsId: 'PAT', variable: 'GITHUB_TOKEN')]) {
34+
sh '''#!/bin/bash
35+
. venv/bin/activate
36+
echo "Base Ref (Target Branch): $CHANGE_TARGET"
37+
echo "Ref (Source Branch): $CHANGE_BRANCH"
38+
39+
curl -s -H "Authorization: token $GITHUB_TOKEN" https://api.github.com/user
40+
41+
codeql-wrapper --verbose analyze ./monorepo --monorepo --upload-sarif --ref $CHANGE_BRANCH --base-ref $CHANGE_TARGET
42+
'''
43+
}
4244
}
4345
}
4446
}

0 commit comments

Comments
 (0)