jenkins-lib

Jenkins shared library
git clone https://git.in0rdr.ch/jenkins-lib.git
Log | Files | Refs | Pull requests |Archive | README
commit d68c5b23bb82dcdb46663a83477c420d7ccf6d40
parent 030b11c94820fd2a79baa74ae52837b2db0581cf
Author: Andreas Gruhler <agruhl@gmx.ch>
Date:   Sun,  4 May 2025 14:07:52 +0200

feat(trivy): export sbom artifact

Diffstat:

Msrc/Trivy.groovy | 5+++--


1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Trivy.groovy b/src/Trivy.groovy
@@ -17,7 +17,7 @@ class Trivy implements Serializable {
     script.stage(scanners) {
       script.docker.image(trivyImage)
                    .inside('-u root --entrypoint=""') {
-        script.sh "trivy fs --scanners ${scanners} ."
+        script.sh "trivy fs --no-progress --scanners ${scanners} ."
       }
     }
   }
@@ -29,8 +29,9 @@ class Trivy implements Serializable {
       script.docker.image(trivyImage)
                    .inside('-u root --entrypoint=""') {
         // the SBOM can include the vulnerability list
-        script.sh "trivy fs --scanners vuln --format cyclonedx --output ${file} ."
+        script.sh "trivy fs --no-progress --scanners vuln --format cyclonedx --output ${file} ."
       }
     }
+    script.archiveArtifacts(artifacts: 'sbom-cyclonedx.json', fingerprint: true)
   }
 }