diff --git a/Jenkinsfile b/Jenkinsfile index 3eeddd0..8a362db 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -8,7 +8,7 @@ pipeline { CODEART_DOMAIN = credentials('CODEART_DOMAIN') CODEART_REPO = credentials('CODEART_REPO') - // Build configuration + // Build configuration - Corporate-friendly non-root approach PYTHON_VERSION = '3.11-slim' BUILD_IMAGE = "python:${PYTHON_VERSION}" } @@ -54,10 +54,10 @@ pipeline { steps { script { // Use Docker for consistent, isolated build environment - docker.image(env.BUILD_IMAGE).inside() { + docker.image(env.BUILD_IMAGE).inside('-e HOME=/tmp -e PIP_CACHE_DIR=/tmp/.pip') { sh ''' - # Configure pip to use CodeArtifact - pip config set global.index-url "${CODEART_URL}" + # Configure pip to use CodeArtifact without trying to save global config + export PIP_INDEX_URL="${CODEART_URL}" # Install build dependencies pip install --upgrade setuptools wheel twine @@ -96,8 +96,9 @@ pipeline { } steps { script { - docker.image(env.BUILD_IMAGE).inside() { + docker.image(env.BUILD_IMAGE).inside('-e HOME=/tmp -e PIP_CACHE_DIR=/tmp/.pip') { sh ''' + export PIP_INDEX_URL="${CODEART_URL}" pip install safety safety check --json --output safety-report.json || true ''' @@ -112,8 +113,10 @@ pipeline { stage('Test') { steps { script { - docker.image(env.BUILD_IMAGE).inside() { + docker.image(env.BUILD_IMAGE).inside('-e HOME=/tmp -e PIP_CACHE_DIR=/tmp/.pip') { sh ''' + export PIP_INDEX_URL="${CODEART_URL}" + # Install test dependencies if they exist if [ -f requirements-test.txt ]; then pip install -r requirements-test.txt @@ -148,10 +151,10 @@ pipeline { } steps { script { - docker.image(env.BUILD_IMAGE).inside() { + docker.image(env.BUILD_IMAGE).inside('-e HOME=/tmp') { sh ''' - # Configure twine for CodeArtifact - cat > ~/.pypirc < /tmp/.pypirc <