copy from tests/jenkins/openshift-service-mesh-lab.groovy
copy to tests/jenkins/implementing-proactive-security-ocp.groovy
File was copied from tests/jenkins/openshift-service-mesh-lab.groovy |
| | |
| | | // CloudForms |
| | | def opentlc_creds = 'b93d2da4-c2b7-45b5-bf3b-ee2c08c6368e' |
| | | def opentlc_admin_creds = '73b84287-8feb-478a-b1f2-345fd0a1af47' |
| | | def cf_uri = 'https://labs.opentlc.com' |
| | | def cf_group = 'opentlc-access-cicd' |
| | | def cf_uri = 'https://rhpds.redhat.com' |
| | | def cf_group = 'rhpds-access-cicd' |
| | | // IMAP |
| | | def imap_creds = 'd8762f05-ca66-4364-adf2-bc3ce1dca16c' |
| | | def imap_server = 'imap.gmail.com' |
| | | // Notifications |
| | | def notification_email = 'gucore@redhat.com' |
| | | def notification_email = 'gpteinfrasev3@redhat.com' |
| | | def rocketchat_hook = '5d28935e-f7ca-4b11-8b8e-d7a7161a013a' |
| | | |
| | | // SSH key |
| | |
| | | // state variables |
| | | def guid='' |
| | | def openshift_location = '' |
| | | //def ssh_location = '' |
| | | //def ssh_p = '' |
| | | |
| | | |
| | | // Catalog items |
| | | def choices = [ |
| | | 'OPENTLC OpenShift Labs / OpenShift Service Mesh Lab', |
| | | 'DevOps Team Development / DEV - OpenShift Service Mesh Lab', |
| | | 'Red Hat Summit 2019 / Implementing Proactive Security OCP', |
| | | ].join("\n") |
| | | |
| | | def region_choice = [ |
| | | 'na_sandboxes_gpte', |
| | | 'apac_sandboxes_gpte', |
| | | 'emea_sandboxes_gpte', |
| | | 'na_gpte', |
| | | 'apac_gpte', |
| | | 'emea_gpte', |
| | | ].join("\n") |
| | | |
| | | pipeline { |
| | |
| | | ) |
| | | choice( |
| | | choices: region_choice, |
| | | description: 'Region', |
| | | description: 'Catalog item', |
| | | name: 'region', |
| | | ) |
| | | } |
| | |
| | | def catalog = params.catalog_item.split(' / ')[0].trim() |
| | | def item = params.catalog_item.split(' / ')[1].trim() |
| | | def region = params.region.trim() |
| | | def cfparams = [ |
| | | 'expiration=2', |
| | | 'runtime=8', |
| | | "region=${region}", |
| | | 'users=2', |
| | | 'check=t', |
| | | ].join(',').trim() |
| | | echo "'${catalog}' '${item}'" |
| | | guid = sh( |
| | | returnStdout: true, |
| | |
| | | -c '${catalog}' \ |
| | | -i '${item}' \ |
| | | -G '${cf_group}' \ |
| | | -d 'expiration=6,runtime=8,region=${region}' |
| | | -d '${cfparams}' \ |
| | | """ |
| | | ).trim() |
| | | |
| | |
| | | } |
| | | } |
| | | } |
| | | /* Skip this step because sometimes the completed email arrives |
| | | before the 'has started' email */ |
| | | // Skip this step because sometimes the completed email arrives |
| | | // before the 'has started' email |
| | | stage('Wait for first email') { |
| | | environment { |
| | | credentials=credentials("${imap_creds}") |
| | | } |
| | | steps { |
| | | git url: 'https://github.com/redhat-cop/agnosticd', |
| | | git url: 'https://github.com/sborenst/ansible_agnostic_deployer', |
| | | branch: 'development' |
| | | |
| | | |
| | | sh """./tests/jenkins/downstream/poll_email.py \ |
| | | --server '${imap_server}' \ |
| | | --guid ${guid} \ |
| | | --timeout 20 \ |
| | | --timeout 30 \ |
| | | --filter 'has started'""" |
| | | } |
| | | } |
| | | |
| | | stage('Wait for last email and parse SSH location') { |
| | | |
| | | stage('Wait for last email and parse OpenShift and App location') { |
| | | environment { |
| | | credentials=credentials("${imap_creds}") |
| | | } |
| | | steps { |
| | | git url: 'https://github.com/redhat-cop/agnosticd', |
| | | git url: 'https://github.com/sborenst/ansible_agnostic_deployer', |
| | | branch: 'development' |
| | | |
| | | script { |
| | |
| | | ./tests/jenkins/downstream/poll_email.py \ |
| | | --server '${imap_server}' \ |
| | | --guid ${guid} \ |
| | | --timeout 100 \ |
| | | --timeout 150 \ |
| | | --filter 'has completed' |
| | | """ |
| | | ).trim() |
| | | |
| | | try { |
| | | def m = email =~ /Openshift Master Console: (.*)/ |
| | | openshift_location = m[0][1] |
| | | echo "Openshift Master Console: ${openshift_location}" |
| | | |
| | | // m = email =~ /This cluster has authentication enabled. (.*)/ |
| | | // echo "Cluster authentication: ${m[0][1]}" |
| | | |
| | | // m = email =~ /SSH Access: (.*)/ |
| | | // ssh_location = m[0][1] |
| | | // echo "SSH Access: ${ssh_location}" |
| | | |
| | | // m = email =~ /SSH password: (.*)/ |
| | | // ssh_p = m[0][1] |
| | | // echo "SSH password: ${ssh_p}" |
| | | def m = email =~ /Openshift Master Console: (https:\/\/master\.[^ ]+)/ |
| | | openshift_location = m[0][1] |
| | | echo "openshift_location = '${openshift_location}'" |
| | | } catch(Exception ex) { |
| | | echo "Could not parse email:" |
| | | echo email |
| | |
| | | } |
| | | } |
| | | } |
| | | |
| | | // stage('SSH') { |
| | | // steps { |
| | | // withCredentials([ |
| | | // sshUserPrivateKey( |
| | | // credentialsId: ssh_creds, |
| | | // keyFileVariable: 'ssh_key', |
| | | // usernameVariable: 'ssh_username') |
| | | // ]) { |
| | | // sh "ssh -o StrictHostKeyChecking=no -i ${ssh_key} ${ssh_location} w" |
| | | // sh "ssh -o StrictHostKeyChecking=no -i ${ssh_key} ${ssh_location} oc version" |
| | | // } |
| | | // } |
| | | // } |
| | | |
| | | stage('Confirm before retiring') { |
| | | when { |
| | |
| | | } |
| | | stage('Wait for deletion email') { |
| | | steps { |
| | | git url: 'https://github.com/redhat-cop/agnosticd', |
| | | git url: 'https://github.com/sborenst/ansible_agnostic_deployer', |
| | | branch: 'development' |
| | | |
| | | withCredentials([usernameColonPassword(credentialsId: imap_creds, variable: 'credentials')]) { |
| | |
| | | export DEBUG=true |
| | | ./opentlc/delete_svc_guid.sh '${guid}' |
| | | """ |
| | | } |
| | | |
| | | /* Print ansible logs */ |
| | | withCredentials([ |
| | | string(credentialsId: ssh_admin_host, variable: 'ssh_admin'), |
| | | sshUserPrivateKey( |
| | | credentialsId: ssh_creds, |
| | | keyFileVariable: 'ssh_key', |
| | | usernameVariable: 'ssh_username') |
| | | ]) { |
| | | sh(""" |
| | | ssh -o StrictHostKeyChecking=no -i ${ssh_key} ${ssh_admin} \ |
| | | "bin/logs.sh ${guid}" || true |
| | | """.trim() |
| | | ) |
| | | } |
| | | |
| | | withCredentials([usernameColonPassword(credentialsId: imap_creds, variable: 'credentials')]) { |
| | |
| | | } |
| | | } |
| | | } |
| | | } |
| | | } |