// Real-world fixture — derived from:
//   fjudith/docker-wordpress — Jenkinsfile
//   https://github.com/fjudith/docker-wordpress
//
// Purpose: exercises SEC2-JK-003 — hardcoded credentials in a
// Jenkinsfile shell step.  The real line is:
//   sh "docker run -d --name 'mariadb-${BUILD_NUMBER}' \
//        -e MYSQL_ROOT_PASSWORD=wordpress -e MYSQL_USER=wordpress \
//        -e MYSQL_PASSWORD=wordpress ..."
// where MYSQL_PASSWORD=wordpress is a literal (non-$VAR) value.
pipeline {
    agent any
    environment {
        BUILD_NUMBER = "${env.BUILD_NUMBER}"
    }
    stages {
        stage('Integration test') {
            steps {
                sh "docker run -d --name 'mariadb-${BUILD_NUMBER}' -e MYSQL_ROOT_PASSWORD=wordpress -e MYSQL_USER=wordpress -e MYSQL_PASSWORD=wordpress -e MYSQL_DATABASE=wordpress --network wordpress-micro-${BUILD_NUMBER} amd64/mariadb:10.0"
            }
        }
    }
}
