我尝试使用Dockerfile和Jenkinsfile在Jnekins的管道中配置aquascanner。我已经在虚拟机中安装了jenkins docker-ce和docker-compose,这意味着我在本地执行了所有操作。这是拖车文件的内容 Dockerfile:
FROM debian:jessie-slim
RUN apt-get update && apt-get -y install ca-certificates
ADD https://get.aquasec.com/microscanner /
Jenkinsfile
pipeline {
agent { dockerfile true }
stages {
stage('Scan') {
steps{
aquaMicroscanner imageName: 'aboullaite', notCompliesCmd: 'exit 4', onDisallowed: 'fail', outputFormat: 'html'
}
}
}
}
执行管道时,出现此错误:
Démarré par l'utilisateur admin admin
Obtained Jenkinsfile from git https://github.com/mohamedoul/aquamicroscannerpipeline.git
Running in Durability level: MAX_SURVIVABILITY
[Pipeline] Start of Pipeline
[Pipeline] node
Running on Jenkins in /var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Declarative: Checkout SCM)
[Pipeline] checkout
No credentials specified
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://github.com/mohamedoul/aquamicroscannerpipeline.git # timeout=10
Fetching upstream changes from https://github.com/mohamedoul/aquamicroscannerpipeline.git
> git --version # timeout=10
> git fetch --tags --progress https://github.com/mohamedoul/aquamicroscannerpipeline.git +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/master^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision b3bd0c9855c96e34afefeded90a2b3c6aa1032fe (refs/remotes/origin/master)
> git config core.sparsecheckout # timeout=10
> git checkout -f b3bd0c9855c96e34afefeded90a2b3c6aa1032fe
Commit message: "Update Dockerfile"
> git rev-list --no-walk 39200d7950e525aa7b1d6e539ca4182c66c8fae1 # timeout=10
[Pipeline] }
[Pipeline] // stage
[Pipeline] withEnv
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Declarative: Agent Setup)
[Pipeline] isUnix
[Pipeline] readFile
[Pipeline] sh
+ docker build -t 00302783dd2c8725d52bd0fdec5aee3bae719abb -f Dockerfile .
Sending build context to Docker daemon 212.5kB
Step 1/3 : FROM debian:jessie-slim
---> dc5ba56066bd
Step 2/3 : RUN apt-get update && apt-get -y install ca-certificates
---> Using cache
---> 2bac27594205
Step 3/3 : ADD https://get.aquasec.com/microscanner /
---> Using cache
---> 9ddc79a6c3f1
Successfully built 9ddc79a6c3f1
Successfully tagged 00302783dd2c8725d52bd0fdec5aee3bae719abb:latest
[Pipeline] dockerFingerprintFrom
[Pipeline] }
[Pipeline] // stage
[Pipeline] sh
+ docker inspect -f . 00302783dd2c8725d52bd0fdec5aee3bae719abb
.
[Pipeline] withDockerContainer
Jenkins does not seem to be running inside a container
$ docker run -t -d -u 123:128 -w /var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile -v /var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile:/var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile:rw,z -v /var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile@tmp:/var/lib/jenkins/workspace/microscanneejenkinsfiledockerfile@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** 00302783dd2c8725d52bd0fdec5aee3bae719abb cat
$ docker top a975971fc5a26ef6c02f3e4e6bc6bcad15dc75bdb773ab2bb1fd63f8036785bb -eo pid,comm
[Pipeline] {
[Pipeline] stage
[Pipeline] { (Scan)
[Pipeline] aquaMicroscanner
Aqua MicroScanner in progress...
Archiving artifacts
Archiving artifacts
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
$ docker stop --time=1 a975971fc5a26ef6c02f3e4e6bc6bcad15dc75bdb773ab2bb1fd63f8036785bb
$ docker rm -f a975971fc5a26ef6c02f3e4e6bc6bcad15dc75bdb773ab2bb1fd63f8036785bb
[Pipeline] // withDockerContainer
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
ERROR: Scanning failed.
Finished: FAILURE