Continuous Delivery Tools Resources

We have a CJOC where all the build agents are ephemeral & dockerized. We run all the builds on these docker containers whose base image is Amazon Linux. We use Kaniko pipeline to build new dockerless docker images on these containerized build agents. I want to scan these images built by kaniko pipeline for vulnerabilities before I push it to Amazon ECR. We use SNYK for local builds, have also tried SNYK plugin for jenkins but it requires docker daemon installed on a static VM (static VM we don't use) Have tried the docker in docker solution provided on Cloudbees Docs but that's not feasible in a production environment since we have give root privileges to the running container. Any other solutions you can think of ? if you do have an idea to fix this email me -mayank.sinha@salesforce.com P.S. I have used github Actions and it scans the images in a jiffy. I hope we can do the same in Cloudbees Jenkins.

The shared libraries we create is mostly a single call() function in each groovy file but there are some projects which use multiple helper functions in the same groovy file.

Do you for see a time in the future when price per server model will change, hopefully in a downward direction.