[DO-338] export_svacer_snapshots_to_sarif2 (#14)

Reviewed-on: https://git.avroid.tech/DevOps/jenkins-shared-lib/pulls/14 Co-authored-by: aleksandr.vodyanov <aleksandr.vodyanov@avroid.tech> Co-committed-by: aleksandr.vodyanov <aleksandr.vodyanov@avroid.tech>
2024-03-29 15:00:55 +03:00
parent 20ce1523dd
commit bce332dd98
2 changed files with 92 additions and 0 deletions
--- a/vars/getPodTemplate.groovy
+++ b/vars/getPodTemplate.groovy
@@ -0,0 +1,88 @@
+def call(String podTemplateName) {
+
+Object alpineTemplate = """
+  apiVersion: v1
+  kind: Pod
+  spec:                
+    containers:
+    - name: linux
+      image:  ${env.JENKINS_DOCKER_REGISTRY}/docker-hub-proxy/library/alpine:3.18.5
+      command:
+      - sleep
+      args:
+      - 99d
+      resources:
+        limits:
+          cpu: 100m
+          memory: 64Mi
+        requests:
+          cpu: 100m
+          memory: 64Mi
+"""
+
+Object auroraV4Template = """
+  apiVersion: v1
+  kind: Pod
+  metadata:
+    annotations:
+      container.apparmor.security.beta.kubernetes.io/aurora: unconfined
+  spec:                
+    containers:
+    - name: aurora
+      image: ${env.JENKINS_DOCKER_REGISTRY}/devops/build-aurora-image:4.0.2.249-2
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+        capabilities:
+          add:
+          - SYS_ADMIN
+      tty: true
+      resources:
+        limits:
+          cpu: 15
+          memory: 128Gi
+        requests:
+          cpu: 15
+          memory: 32Gi
+      volumeMounts:
+      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
+        name: "workspace-volume"
+      ttyEnabled: true
+    imagePullSecrets:
+    - name: ${env.JENKINS_K8S_HARBOR_SECRET}
+"""
+
+Object sonarCubeScannerTemplate = """
+  apiVersion: v1
+  kind: Pod
+  spec:                
+    containers:
+    - name: sonar-scanner
+      image: ${env.JENKINS_DOCKER_REGISTRY}/docker-hub-proxy/sonarsource/sonar-scanner-cli:5.0.1
+      command: ["bash"]
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+      tty: true
+      resources:
+        limits:
+          cpu: 7
+          memory: 16Gi
+        requests:
+          cpu: 7
+          memory: 16Gi
+      ttyEnabled: true
+      volumeMounts:
+      - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot
+        name: "workspace-volume"
+"""
+
+    switch (podTemplateName) {
+        case 'alpine':
+            return alpineTemplate
+        case 'auroraV4':
+            return auroraV4Template
+        case "sonarCubeScanner":
+            return sonarCubeScannerTemplate
+    }
+}
--- a/vars/global.groovy
+++ b/vars/global.groovy
@@ -0,0 +1,4 @@
+class global {
+
+    final String AURORA_CUSTOM_WORKSPACE = '/buildDir'
+}