update
Some checks failed
dongho-repo/security-web/pipeline/head There was a failure building this commit
Some checks failed
dongho-repo/security-web/pipeline/head There was a failure building this commit
This commit is contained in:
14
Jenkinsfile
vendored
14
Jenkinsfile
vendored
@@ -1,11 +1,19 @@
|
|||||||
pipeline {
|
pipeline {
|
||||||
agent any
|
agent any
|
||||||
|
|
||||||
|
// Explicitly define the tool to ensure it is available on the path.
|
||||||
|
// The symbol 'dependency-check' usually corresponds to the OWASP Dependency-Check plugin tool type.
|
||||||
|
tools {
|
||||||
|
'dependency-check' 'depcheck'
|
||||||
|
}
|
||||||
|
|
||||||
stages {
|
stages {
|
||||||
stage('Security Scan') {
|
stage('Security Scan') {
|
||||||
steps {
|
steps {
|
||||||
// Run OWASP Dependency Check
|
// Debug: Verify the tool is available and print version
|
||||||
// 'depcheck' matches the tool name configured in Jenkins Global Tool Configuration
|
sh 'dependency-check.sh --version || echo "WARNING: dependency-check.sh not found in PATH"'
|
||||||
|
|
||||||
|
// Run OWASP Dependency Check using the specific installation
|
||||||
dependencyCheck additionalArguments: '--scan ./ --format ALL', odcInstallation: 'depcheck'
|
dependencyCheck additionalArguments: '--scan ./ --format ALL', odcInstallation: 'depcheck'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -16,7 +24,7 @@ pipeline {
|
|||||||
// Publish the results
|
// Publish the results
|
||||||
dependencyCheckPublisher pattern: 'dependency-check-report.xml'
|
dependencyCheckPublisher pattern: 'dependency-check-report.xml'
|
||||||
|
|
||||||
// Archive the reports so they can be viewed in Jenkins UI
|
// Archive the reports
|
||||||
archiveArtifacts allowEmptyArchive: true, artifacts: 'dependency-check-report.html'
|
archiveArtifacts allowEmptyArchive: true, artifacts: 'dependency-check-report.html'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user