first_admin
ec2603cd19
Some checks failed
jenkins_organization/checksum_verification_and_signature_verification/pipeline/head There was a failure building this commit
59 lines
1.9 KiB
Groovy
59 lines
1.9 KiB
Groovy
pipeline {
|
|
agent {
|
|
label 'agent1' // Określenie agenta o nazwie 'agent1'
|
|
}
|
|
|
|
stages {
|
|
stage('Install Dependencies') {
|
|
steps {
|
|
script {
|
|
// Pobierz dependencies z package.json
|
|
def dependencies = sh(script: "jq -r '.dependencies | keys[]' package.json", returnStdout: true).split('\n')
|
|
echo "Zależności: ${dependencies}"
|
|
|
|
// Weryfikacja sumy kontrolnej dla każdego pakietu
|
|
for (dep in dependencies) {
|
|
sh "npm pack ${dep}@\$(jq -r '.dependencies[\"${dep}\"]' package.json)"
|
|
|
|
sh """
|
|
FILENAME=\$(ls ${dep}-*.tgz)
|
|
SHA256_SUM=\$(sha256sum \$FILENAME | awk '{ print \$1 }')
|
|
echo \"\${SHA256_SUM} \$FILENAME\" > ${dep}.sha256
|
|
sha256sum -c ${dep}.sha256
|
|
"""
|
|
}
|
|
|
|
// Instalacja dependencies
|
|
sh 'npm install'
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Verify GPG Signatures') {
|
|
steps {
|
|
script {
|
|
// Weryfikacja podpisów cyfrowych
|
|
def dependencies = sh(script: "jq -r '.dependencies | keys[]' package.json", returnStdout: true).split('\n')
|
|
|
|
for (dep in dependencies) {
|
|
sh "wget https://registry.npmjs.org/${dep}/-/\$(jq -r '.dependencies[\"${dep}\"]' package.json)/${dep}.tgz.asc"
|
|
sh "gpg --verify ${dep}.tgz.asc ${dep}-*.tgz"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Test') {
|
|
steps {
|
|
sh 'npm test'
|
|
}
|
|
}
|
|
|
|
stage('Build') {
|
|
steps {
|
|
sh 'npm run build'
|
|
}
|
|
}
|
|
}
|
|
}
|