-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuildspec.yml
26 lines (25 loc) · 1.03 KB
/
buildspec.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
version: 0.2
phases:
pre_build:
commands:
- echo Logging in to Amazon ECR...
- aws --version
- $(aws ecr get-login --region $AWS_DEFAULT_REGION --no-include-email)
- REPOSITORY_URI=981514334627.dkr.ecr.us-east-1.amazonaws.com/myrepository_tsuji-k
- TAG='01'
build:
commands:
- echo Build started on `date`
- echo Building the Docker image...
- docker build -t $REPOSITORY_URI:$TAG .
- echo Scanning docker image...
- curl -k -u $TL_USER:$TL_PW --output ./twistcli $TL_CONSOLE/api/v1/util/twistcli
- chmod a+x ./twistcli
- ./twistcli images scan --details -address $TL_CONSOLE -u $TL_USER -p $TL_PW --vulnerability-threshold critical --compliance-threshold critical $REPOSITORY_URI:$TAG
post_build:
commands:
- bash -c "if [ /"$CODEBUILD_BUILD_SUCCEEDING/" == /"0/" ]; then exit 1; fi"
- echo Build completed on `date`
- echo Pushing the Docker images...
- docker push $REPOSITORY_URI:$TAG
- echo Writing image definitions file...