Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
pipeline {
agent { label 'docker-paas-agent' }
options {
timestamps()
}
environment {
ORCHENT_AGENT_ACCOUNT='infn-cloud'
ORCHENT_URL='https://my.cloud.infn.it/orchestrator'
}
stages {
stage ('Create test deployment'){
steps {
sh '''#!/bin/bash
wget -O site.yaml "${PLAYBOOK_URL}"
ansible-playbook site.yaml --extra-vars "paas_ci_test_step='create_deployment'"
'''
}
}
stage ('Scan endpoints'){
steps {
withCredentials([
sshUserPrivateKey(credentialsId: "ssh_scans", keyFileVariable: 'keyfile'),
usernamePassword(credentialsId: "jenkins_scans_creds", usernameVariable: 'GMP_USER', passwordVariable: 'GMP_PASSWORD')
]) {
sh '''#!/bin/bash
cp ${keyfile} /home/jenkins/.ssh/id_rsa
ansible-playbook site.yaml --extra-vars "paas_ci_test_step='scan'"
'''
}
}
post {
failure {
archiveArtifacts artifacts: '*report.txt', allowEmptyArchive: true
emailext attachmentsPattern: '*report.txt', body: '$DEFAULT_CONTENT', subject: '$PROJECT_NAME - Build # $BUILD_NUMBER: Vulnerabilities detected!', to: '$DEFAULT_RECIPIENTS'
}
}
}
}
post {
always {
sh '''#!/bin/bash
ansible-playbook site.yaml --extra-vars "paas_ci_test_step='clean'"
'''
}
}
}