From 93ebb1a36b66171228001b18905c1e0bb7be6769 Mon Sep 17 00:00:00 2001 From: "gioacchino.vino" <gioacchino.vino@infn.it> Date: Wed, 27 Sep 2023 17:26:44 +0200 Subject: [PATCH] Improved scans result printing --- files/script.py | 2 +- jenkinsfile/Jenkinsfile | 4 ++-- tasks/1-create-deployment.yml | 13 +++---------- tasks/2-scan.yml | 18 ++++++++++++++++-- 4 files changed, 22 insertions(+), 15 deletions(-) diff --git a/files/script.py b/files/script.py index d9c50fa..47d2fb5 100644 --- a/files/script.py +++ b/files/script.py @@ -440,7 +440,7 @@ get_version() severities = dict() for host,ports in endpoints.items(): print(host,ports) - + target_name = f"{auth_name}_target_{host}" task_name = f"{auth_name}_task_{host}" port_list_name = f"{auth_name}_pl_{host}" diff --git a/jenkinsfile/Jenkinsfile b/jenkinsfile/Jenkinsfile index 378b6f7..61cc01b 100644 --- a/jenkinsfile/Jenkinsfile +++ b/jenkinsfile/Jenkinsfile @@ -2,7 +2,7 @@ pipeline { agent { label 'docker-paas-agent' } environment { - ORCHENT_AGENT_ACCOUNT='infn-cloud' + ORCHENT_AGENT_ACCOUNT='infn-cloud-ops' ORCHENT_URL='https://my.cloud.infn.it/orchestrator' } @@ -18,7 +18,7 @@ pipeline { oidc-add infn-cloud-ops env - + # Orchent connection test orchent depls > depls.output if grep -q ERROR depls.output diff --git a/tasks/1-create-deployment.yml b/tasks/1-create-deployment.yml index 9a0116f..9a27840 100644 --- a/tasks/1-create-deployment.yml +++ b/tasks/1-create-deployment.yml @@ -11,13 +11,6 @@ - debug: var: depcreate_cmd -- name: Test command - set_fact: - test_cmd: "test command" - -- debug: - var: test_cmd - - name: Create the deployment command: "{{ depcreate_cmd }}" args: 
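Review bot: The account name `infn-cloud-ops` now appears twice in this Jenkinsfile, in `ORCHENT_AGENT_ACCOUNT` in the first hunk's `environment` block and in the `oidc-add infn-cloud-ops` context line of the second hunk; the old mismatch (`infn-cloud` vs `infn-cloud-ops`) is presumably what this change corrects. Referencing the variable, `oidc-add "$ORCHENT_AGENT_ACCOUNT"`, would keep the two from drifting again, assuming the step's quoting lets the shell expand it. The bare `env` after `oidc-add` writes the job's whole environment to the console log, so any credential bound as an environment variable would end up in the build log; consider dropping it or echoing only the variables needed for debugging. Both the `environment` block and the shell step continue outside the hunks.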
@@ -38,12 +31,12 @@ delay: 300 timeout: 0 -- name: Check the deployment status (every 10 mins) +- name: Check the deployment status (every 5 mins) command: orchent depshow --ojson "{{ deployment.uuid }}" register: depshow_output until: "'PROGRESS' not in depshow_output.stdout" - retries: 12 - delay: 600 + retries: 18 + delay: 300 failed_when: "'error' in depshow_output.stdout" - set_fact: diff --git a/tasks/2-scan.yml b/tasks/2-scan.yml index 568ac83..0842bcd 100644 --- a/tasks/2-scan.yml +++ b/tasks/2-scan.yml @@ -1,7 +1,7 @@ --- - name: Set SSH tunnel - command: ssh -o StrictHostKeyChecking=no -f -N -L localhost:9390:192.168.187.162:9390 jenkins@scans.cloud.infn.it + command: ssh -o StrictHostKeyChecking=no -f -N -L localhost:9390:192.168.235.234:9390 jenkins@scans.cloud.infn.it - debug: var: paas_ci_test.endpoints_to_scan @@ -10,7 +10,12 @@ copy: src: files/script.py dest: "{{ paas_ci_scan_script_path }}" - + +- name: Remove existing reports + command: "rm -f *report.txt" + args: + chdir: "{{ paas_ci_workdir }}" + - name: Run scan command: "python3 {{ paas_ci_scan_script_path }} {{ paas_ci_test.endpoints_to_scan }} {{ paas_ci_workdir + '/dep.json'}} {{ paas_ci_workdir }}" register: scan_output @@ -26,6 +31,15 @@ # msg: "{{lookup('file', item.path)}}" # with_items: "{{report_files.files}}" +- name: Chech reports + command: "cat *report.txt | grep Port | sort | uniq " + args: + chdir: "{{ paas_ci_workdir }}" + register: report_ports_output + +- debug: + var: report_ports_output + - name: get Severity file content shell: cat "{{ paas_ci_workdir + '/severity.json'}}" register: severity -- GitLab
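Review bot: The total wait budget of `Check the deployment status` drops from 12 × 600 s (120 min) to 18 × 300 s (90 min), which the renamed task title does not convey. If only the polling interval was meant to change, `retries: 24` keeps the original two-hour ceiling; otherwise a comment such as `# 18 retries x 300 s = 90 min ceiling` next to `retries` would record the intent. The unchanged `failed_when: "'error' in depshow_output.stdout"` is a case-sensitive substring test over the whole JSON output, so it is worth confirming it matches what orchent actually prints for a failed deployment.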
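Review bot: The changed `Set SSH tunnel` line still passes `-o StrictHostKeyChecking=no`, so the host key of `scans.cloud.infn.it` is never verified and the tunnel carrying the scanner's port 9390 traffic will connect to whatever host answers for that name. Prefer a pinned key, e.g. `-o StrictHostKeyChecking=yes -o UserKnownHostsFile={{ paas_ci_known_hosts }}` (the variable name is a placeholder), or at least `StrictHostKeyChecking=accept-new`. The forward target `192.168.235.234` is hard-coded and had to be edited by hand in this commit; a variable would avoid the next such edit. Because `-f -N` leaves the ssh process running after the play, adding `-o ExitOnForwardFailure=yes` would make the task fail when local port 9390 is already held by a tunnel from an earlier run instead of silently reusing it.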
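Review bot: `Remove existing reports` uses the `command` module, which does not run a shell, so `*report.txt` reaches `rm` as a literal file name and `-f` hides the resulting error: reports from earlier runs stay in `paas_ci_workdir`. The same applies to `Chech reports` in the next hunk, where `|`, `grep`, `sort` and `uniq` are passed to `cat` as file arguments and the task fails. Both tasks need `shell:` instead of `command:` (keeping `args: chdir`), e.g. `shell: "rm -f -- *report.txt"` and `shell: "cat -- *report.txt | grep Port | sort -u"`; the task name should read `Check reports`. Until the cleanup works, the port summary can include findings from a previous deployment's scan, which undermines the result this pipeline reports.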