Closed Johannes-Schneider closed 3 months ago
Thank you for your contribution! This issue is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team
to your comment.
Issue got stale and no further activity happened. It has automatically been closed. Please re-open in case you still consider it relevant.
Dear team,
we are currently building a new Release pipeline using Hyperspace, GitHub Actions, and the general purpose Piper pipeline. Our pipeline produces multiple Docker images using the
kanikoExecute
withmultipleImages
approach.Once the build step succeeds, we want to scan all of the built images with Black Duck Binary Analysis (aka Protecode) using the regular
protecodeExecuteScan
step. However, the scan step fails with following error:When inspecting the environment of the step, I found following (interesting) values to be present:
As per the documentation, the
protecodeExecuteScan
will consider one scan image only (which might be read from thecontainer/imageNameTag
common pipeline environment variable).To make our use case work, however, we would need the scan to also consider the
container/imageNameTags
common environment variable.Would it be possible to build such a feature in the somewhat near future?
Best regards, Johannes