Merge "Add force option for vcp promote"
diff --git a/docker-mirror-images.groovy b/docker-mirror-images.groovy
index d88c9d1..92fea8e 100644
--- a/docker-mirror-images.groovy
+++ b/docker-mirror-images.groovy
@@ -64,7 +64,9 @@
// https://github.com/jenkinsci/docker-workflow-plugin/blob/docker-workflow-1.17/src/main/resources/org/jenkinsci/plugins/docker/workflow/Docker.groovy#L168-L170
sh("docker tag ${srcImage.id} ${targetImageFull}")
common.infoMsg("Attempt to push docker image into remote registry: ${env.REGISTRY_URL}")
- sh("docker push ${targetImageFull}")
+ docker.withRegistry(env.REGISTRY_URL, env.TARGET_REGISTRY_CREDENTIALS_ID) {
+ sh("docker push ${targetImageFull}")
+ }
if (targetImageFull.contains(externalMarker)) {
external = true
}
diff --git a/release-mcp-version.groovy b/release-mcp-version.groovy
index f51696d..470f338 100644
--- a/release-mcp-version.groovy
+++ b/release-mcp-version.groovy
@@ -46,7 +46,7 @@
[$class: 'StringParameterValue', name: 'TARGET_REGISTRY_CREDENTIALS_ID', value: dockerCredentials],
[$class: 'StringParameterValue', name: 'REGISTRY_URL', value: dockerRegistryUrl],
[$class: 'StringParameterValue', name: 'IMAGE_TAG', value: targetTag],
- [$class: 'StringParameterValue', name: 'IMAGE_LIST', value: imageList],
+ [$class: 'TextParameterValue', name: 'IMAGE_LIST', value: imageList],
[$class: 'StringParameterValue', name: 'SOURCE_IMAGE_TAG', value: sourceImageTag],
]
}
@@ -67,7 +67,7 @@
def triggerGitTagJob(gitRepoList, gitCredentials, tag, sourceTag) {
build job: "tag-git-repos-all", parameters: [
- [$class: 'StringParameterValue', name: 'GIT_REPO_LIST', value: gitRepoList],
+ [$class: 'TextParameterValue', name: 'GIT_REPO_LIST', value: gitRepoList],
[$class: 'StringParameterValue', name: 'GIT_CREDENTIALS', value: gitCredentials],
[$class: 'StringParameterValue', name: 'TAG', value: tag],
[$class: 'StringParameterValue', name: 'SOURCE_TAG', value: sourceTag],
@@ -76,7 +76,7 @@
def triggerPromoteVCPJob(VcpImageList, tag, sourceTag) {
build job: "promote-vcp-images-all", parameters: [
- [$class: 'StringParameterValue', name: 'VCP_IMAGE_LIST', value: VcpImageList],
+ [$class: 'TextParameterValue', name: 'VCP_IMAGE_LIST', value: VcpImageList],
[$class: 'StringParameterValue', name: 'TAG', value: tag],
[$class: 'StringParameterValue', name: 'SOURCE_TAG', value: sourceTag],
[$class: 'BooleanParameterValue', name: 'FORCE_OVERWRITE', value: true],
diff --git a/test-openscap-pipeline.groovy b/test-openscap-pipeline.groovy
index 9984b20..244126b 100644
--- a/test-openscap-pipeline.groovy
+++ b/test-openscap-pipeline.groovy
@@ -34,6 +34,9 @@
* @param results The scanning results
*/
def uploadResultToDashboard(apiUrl, cloudName, nodeName, results) {
+ def common = new com.mirantis.mk.Common()
+ def http = new com.mirantis.mk.Http()
+
// Yes, we do not care of performance and will create at least 4 requests per each result
def requestData = [:]
@@ -110,11 +113,12 @@
def scanUUID = UUID.randomUUID().toString()
def artifactsArchiveName = "openscap-${scanUUID}.zip"
- def resultsBaseDir = "/tmp/openscap/${scanUUID}"
- def artifactsDir = "${env.WORKSPACE}/openscap/${scanUUID}/artifacts"
+ def resultsBaseDir = "/var/log/openscap/${scanUUID}"
+ def artifactsDir = "openscap"
def liveMinions
+
stage ('Setup virtualenv for Pepper') {
python.setupPepperVirtualenv(pepperEnv, SALT_MASTER_URL, SALT_MASTER_CREDENTIALS)
}
@@ -128,6 +132,11 @@
common.infoMsg("Scan UUID: ${scanUUID}")
+ // Clean all results before proceeding with results from every minion
+ dir(artifactsDir) {
+ deleteDir()
+ }
+
for (minion in liveMinions) {
// Iterate oscap evaluation over the benchmarks
@@ -136,11 +145,19 @@
// Remove extension from the benchmark name
def benchmarkPathWithoutExtension = benchmarkFilePath.replaceFirst('[.][^.]+$', '')
+
+ // Get benchmark name
+ def benchmarkName = benchmarkPathWithoutExtension.tokenize('/')[-1]
+
// And build resultsDir based on this path
def resultsDir = "${resultsBaseDir}/${benchmarkPathWithoutExtension}"
def benchmarkFile = "${benchmarksDir}${benchmarkFilePath}"
+ def nodeShortName = minion.tokenize('.')[0]
+
+ def archiveName = "${scanUUID}_${nodeShortName}_${benchmarkName}.tar"
+
// Evaluate the benchmark
salt.runSaltProcessStep(pepperEnv, minion, 'oscap.eval', [
'xccdf', benchmarkFile, "results_dir=${resultsDir}",
@@ -148,6 +165,16 @@
"tailoring_id=${xccdfTailoringId}"
])
+ salt.cmdRun(pepperEnv, minion, "tar -cf /tmp/${archiveName} -C ${resultsBaseDir} .")
+ fileContents = salt.cmdRun(pepperEnv, minion, "cat /tmp/${archiveName}", true, null, false)['return'][0].values()[0].replaceAll('Salt command execution success', '')
+
+ sh "mkdir -p ${artifactsDir}/${scanUUID}/${nodeShortName}"
+ writeFile file: "${archiveName}", text: fileContents
+ sh "tar --strip-components 1 -xf ${archiveName} --directory ${artifactsDir}/${scanUUID}/${nodeShortName}; rm -f ${archiveName}"
+
+ // Remove archive which is not needed anymore
+ salt.runSaltProcessStep(pepperEnv, minion, 'file.remove', "/tmp/${archiveName}")
+
// Attempt to upload the scanning results to the dashboard
if (UPLOAD_TO_DASHBOARD.toBoolean()) {
if (common.validInputParam('DASHBOARD_API_URL')) {
@@ -159,6 +186,12 @@
}
}
}
+
+ // Prepare archive
+ sh "tar -cJf ${artifactsDir}.tar.xz ${artifactsDir}"
+
+ // Archive the build output artifacts
+ archiveArtifacts artifacts: "*.xz"
}
/* // Will be implemented later