feat: add gitleaks pipeline - jenkins-lib

commit 4bd08edc73a3a56fc65b3eb0fda39cc4ef660118
Author: Andreas Gruhler <andreas.gruhler@adfinis.com>
Date:   Tue,  4 Jun 2024 17:01:10 +0200

feat: add gitleaks pipeline

Diffstat:
A .gitignore  | 1 +
A README  | 6 ++++++
A vars/gitleaks.groovy  | 33 +++++++++++++++++++++++++++++++++

3 files changed, 40 insertions(+), 0 deletions(-)
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+*.swp
diff --git a/README b/README
@@ -0,0 +1,6 @@
+= Shared Library for Jenkins =
+
+This repo contains shared pipeline code Jenkins library, primarly shared
+declarartive pipelines:
+
+https://www.jenkins.io/doc/book/pipeline/shared-libraries/#defining-declarative-pipelines
diff --git a/vars/gitleaks.groovy b/vars/gitleaks.groovy
@@ -0,0 +1,33 @@
+def call() {
+    pipeline {
+        agent {
+            docker {
+              label 'podman'
+              image 'ghcr.io/gitleaks/gitleaks:v8.18.2'
+              args '-u root --entrypoint='
+            }
+        }
+    
+        stages {
+            stage('scan') {
+                steps {
+                    sh '''
+                    gitleaks detect \
+                      --verbose --no-color --no-banner \
+                      --report-path gitleaks-report.json \
+                    '''
+                    sh 'ls'
+                    def report = readJSON file: 'gitleaks-report.json'
+                    if (report.isEmpty) {
+                        unstable(message: "${STAGE_NAME} is unstable")
+                    }
+                }
+            }
+        }
+        post {
+            always {
+                archiveArtifacts artifacts: 'gitleaks-report.json', fingerprint: true
+            }
+        }
+    }
+}

	jenkins-lib Jenkins shared library
	git clone https://git.in0rdr.ch/jenkins-lib.git
	Log \| Files \| Refs \| README

A	.gitignore	\|	1	+
A	README	\|	6	++++++
A	vars/gitleaks.groovy	\|	33	+++++++++++++++++++++++++++++++++