Update test-openscap-pipeline script
Change-Id: I973d9d6e93d0ef4bdfb5917c9dcc7ec335e7ff89
Related-PROD: https://mirantis.jira.com/browse/PROD-23550
diff --git a/test-openscap-pipeline.groovy b/test-openscap-pipeline.groovy
index 9984b20..244126b 100644
--- a/test-openscap-pipeline.groovy
+++ b/test-openscap-pipeline.groovy
@@ -34,6 +34,9 @@
* @param results The scanning results
*/
def uploadResultToDashboard(apiUrl, cloudName, nodeName, results) {
+ def common = new com.mirantis.mk.Common()
+ def http = new com.mirantis.mk.Http()
+
// Yes, we do not care of performance and will create at least 4 requests per each result
def requestData = [:]
@@ -110,11 +113,12 @@
def scanUUID = UUID.randomUUID().toString()
def artifactsArchiveName = "openscap-${scanUUID}.zip"
- def resultsBaseDir = "/tmp/openscap/${scanUUID}"
- def artifactsDir = "${env.WORKSPACE}/openscap/${scanUUID}/artifacts"
+ def resultsBaseDir = "/var/log/openscap/${scanUUID}"
+ def artifactsDir = "openscap"
def liveMinions
+
stage ('Setup virtualenv for Pepper') {
python.setupPepperVirtualenv(pepperEnv, SALT_MASTER_URL, SALT_MASTER_CREDENTIALS)
}
@@ -128,6 +132,11 @@
common.infoMsg("Scan UUID: ${scanUUID}")
+ // Clean all results before proceeding with results from every minion
+ dir(artifactsDir) {
+ deleteDir()
+ }
+
for (minion in liveMinions) {
// Iterate oscap evaluation over the benchmarks
@@ -136,11 +145,19 @@
// Remove extension from the benchmark name
def benchmarkPathWithoutExtension = benchmarkFilePath.replaceFirst('[.][^.]+$', '')
+
+ // Get benchmark name
+ def benchmarkName = benchmarkPathWithoutExtension.tokenize('/')[-1]
+
// And build resultsDir based on this path
def resultsDir = "${resultsBaseDir}/${benchmarkPathWithoutExtension}"
def benchmarkFile = "${benchmarksDir}${benchmarkFilePath}"
+ def nodeShortName = minion.tokenize('.')[0]
+
+ def archiveName = "${scanUUID}_${nodeShortName}_${benchmarkName}.tar"
+
// Evaluate the benchmark
salt.runSaltProcessStep(pepperEnv, minion, 'oscap.eval', [
'xccdf', benchmarkFile, "results_dir=${resultsDir}",
@@ -148,6 +165,16 @@
"tailoring_id=${xccdfTailoringId}"
])
+ salt.cmdRun(pepperEnv, minion, "tar -cf /tmp/${archiveName} -C ${resultsBaseDir} .")
+ fileContents = salt.cmdRun(pepperEnv, minion, "cat /tmp/${archiveName}", true, null, false)['return'][0].values()[0].replaceAll('Salt command execution success', '')
+
+ sh "mkdir -p ${artifactsDir}/${scanUUID}/${nodeShortName}"
+ writeFile file: "${archiveName}", text: fileContents
+ sh "tar --strip-components 1 -xf ${archiveName} --directory ${artifactsDir}/${scanUUID}/${nodeShortName}; rm -f ${archiveName}"
+
+ // Remove archive which is not needed anymore
+ salt.runSaltProcessStep(pepperEnv, minion, 'file.remove', "/tmp/${archiveName}")
+
// Attempt to upload the scanning results to the dashboard
if (UPLOAD_TO_DASHBOARD.toBoolean()) {
if (common.validInputParam('DASHBOARD_API_URL')) {
@@ -159,6 +186,12 @@
}
}
}
+
+ // Prepare archive
+ sh "tar -cJf ${artifactsDir}.tar.xz ${artifactsDir}"
+
+ // Archive the build output artifacts
+ archiveArtifacts artifacts: "*.xz"
}
/* // Will be implemented later