remove --push-retry 5 for tests

added trivy image scan and branch master check
2026-05-07 11:41:40 +02:00 · 2026-05-07 11:23:06 +02:00
1 changed files with 18 additions and 1 deletions
--- a/19
+++ b/19
@@ -86,6 +86,10 @@ pipeline {
 		}        

        stage('Docker Build & Push') {
+            when {
+                branch 'master'
+            }
+                        
            steps {
                container('kaniko') {
                    // Nutze die ID, die du in Jenkins für den Token vergeben hast
@@ -105,7 +109,6 @@ pipeline {
                        /kaniko/executor --context `pwd` \
                            --dockerfile `pwd`/Dockerfile \
                            --insecure \
-                            --push-retry 5 \
                            --skip-tls-verify \
                            --destination 130.61.26.230:30080/dev-master/secdevops-csharp-app:latest \
                            --destination 130.61.26.230:30080/dev-master/secdevops-csharp-app:${BUILD_NUMBER}
@@ -114,6 +117,20 @@ pipeline {
                }
            }
        }
+
+        stage('Security: Trivy Image Scan') {
+            when {
+                branch 'master'
+            }
+
+           steps {
+                container('trivy') {
+                    // Scannt das frisch gepushte Image direkt aus deiner Gitea Registry
+                    // Das Flag '--insecure' erlaubt Trivy den Zugriff über die unverschlüsselte IP
+                    sh 'trivy image --insecure --exit-code 1 --severity HIGH,CRITICAL 130.61.26.230:30080/dev-master/secdevops-csharp-app:latest'
+                }
+            }
+        }
 	}
 	
    post {
Author	SHA1	Message	Date
Achim H.	4106136782	remove --push-retry 5 for tests	2026-05-07 11:41:40 +02:00
Achim H.	46f26e947b	added trivy image scan and branch master check	2026-05-07 11:23:06 +02:00