Static Application Security Testing (SAST)

- name: slscan
  image: shiftleft/sast-scan
  #imagePullPolicy: Always
  command: ["cat"]
  tty: true
  volumeMounts:
  - name: m2
    mountPath: /root/.m2/
  - name: workspace
    mountPath: /home/jenkins/agent

stage('SAST') {
  steps {
    container('slscan') {
      sh 'scan --type java,depscan --build'
    }
  }

  post {
    success {
      archiveArtifacts(
        allowEmptyArchive: true,
        artifacts: 'reports/*',
        fingerprint: true,
        onlyIfSuccessful: true
      )
    }
  }
}