Monday, March 28, 2022

Docker image Vulnerability Check

 docker scan ramansharma95/mysql > scanfile.log

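Create a file called scancheck.sh with the contents shown below, then make it executable (but not world-writable, since the pipeline runs it with sudo):

chmod 755 scancheck.sh

In the CI/CD pipeline, add the step: sudo sh scancheck.sh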

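#!/bin/sh
# Fail closed: a missing or empty scan log must not pass the build.
if [ ! -s scanfile.log ]; then
    echo "scanfile.log is missing or empty, so it is Failed"
    exit 1
fi

# Count the lines that report a Critical severity finding.
critical=$(grep -c "Critical severity" scanfile.log)
echo "$critical"
if [ "$critical" -ge 1 ]; then
    grep "Critical severity" scanfile.log
    echo "There are $critical Critical severity so it is Failed"
    exit 1
fi

# Count the lines that report a High severity finding.
high=$(grep -c "High severity" scanfile.log)
echo "$high"
if [ "$high" -ge 1 ]; then
    echo "There are $high High severity so it is Failed"
    exit 1
else
    exit 0
fi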

Put this script in the CI/CD pipeline.
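
A generalization of the check above, added here as an example and not part of the original post: the gate takes the minimum blocking severity as a parameter and treats a missing or empty scan log as a failure. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the original script. Function names are hypothetical.

# Print the number of lines in file $1 that mention "$2 severity".
count_severity() {
    grep -c "$2 severity" "$1" || true   # grep -c exits 1 on zero matches
}

# severity_gate FILE [THRESHOLD]
# Status 0: nothing at or above THRESHOLD; 1: findings block the build;
# 2: scan output missing or empty, or THRESHOLD unknown (fail closed).
severity_gate() {
    file=$1
    threshold=${2:-High}
    if [ ! -s "$file" ]; then
        echo "No scan output in $file" >&2
        return 2
    fi
    case $threshold in
        Critical) levels="Critical" ;;
        High)     levels="Critical High" ;;
        Medium)   levels="Critical High Medium" ;;
        Low)      levels="Critical High Medium Low" ;;
        *) echo "Unknown threshold: $threshold" >&2; return 2 ;;
    esac
    blocked=0
    for level in $levels; do
        n=$(count_severity "$file" "$level")
        echo "$level severity: $n"
        if [ "$n" -ge 1 ]; then blocked=1; fi
    done
    return "$blocked"
}

# Constructed sample scan output (not from a real scan).
sample=$(mktemp)
cat > "$sample" <<'EOF'
Low severity vulnerability found in tar
Medium severity vulnerability found in glibc
High severity vulnerability found in openssl
High severity vulnerability found in curl
EOF

severity_gate "$sample" High || echo "Gate status: $?"
```

In a pipeline, call `severity_gate scanfile.log High` as the last command of the step so that its status becomes the step's result.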
