update
Some checks failed
dongho-repo/security-web/pipeline/head There was a failure building this commit
Some checks failed
dongho-repo/security-web/pipeline/head There was a failure building this commit
This commit is contained in:
14
Jenkinsfile
vendored
14
Jenkinsfile
vendored
@@ -1,11 +1,19 @@
|
||||
pipeline {
|
||||
agent any
|
||||
|
||||
// Explicitly define the tool to ensure it is available on the path.
|
||||
// The symbol 'dependency-check' usually corresponds to the OWASP Dependency-Check plugin tool type.
|
||||
tools {
|
||||
'dependency-check' 'depcheck'
|
||||
}
|
||||
|
||||
stages {
|
||||
stage('Security Scan') {
|
||||
steps {
|
||||
// Run OWASP Dependency Check
|
||||
// 'depcheck' matches the tool name configured in Jenkins Global Tool Configuration
|
||||
// Debug: Verify the tool is available and print version
|
||||
sh 'dependency-check.sh --version || echo "WARNING: dependency-check.sh not found in PATH"'
|
||||
|
||||
// Run OWASP Dependency Check using the specific installation
|
||||
dependencyCheck additionalArguments: '--scan ./ --format ALL', odcInstallation: 'depcheck'
|
||||
}
|
||||
}
|
||||
@@ -16,7 +24,7 @@ pipeline {
|
||||
// Publish the results
|
||||
dependencyCheckPublisher pattern: 'dependency-check-report.xml'
|
||||
|
||||
// Archive the reports so they can be viewed in Jenkins UI
|
||||
// Archive the reports
|
||||
archiveArtifacts allowEmptyArchive: true, artifacts: 'dependency-check-report.html'
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user