| # |
| # Job to collect oscap results based on input benchmarks |
| # |
| parameters: |
| jenkins: |
| client: |
| job: |
| run-openscap-xccdf-evaluation: |
| type: workflow-scm |
| concurrent: true |
| discard: |
| build: |
| keep_num: 10 |
| artifact: |
| keep_num: 10 |
| display_name: "Run openscap xccdf evaluation on given nodes" |
| scm: |
| type: git |
| url: "${_param:jenkins_gerrit_url}/mk/mk-pipelines" |
| branch: "${_param:jenkins_pipelines_branch}" |
| credentials: "gerrit" |
| script: test-openscap-pipeline.groovy |
| param: |
| OPENSCAP_TEST_TYPE: |
| type: choice |
| description: "Type of tests to run" |
| choices: |
| - xccdf |
| - oval |
| DASHBOARD_API_URL: |
| type: string |
| default: "http://oscore-bandit.vm.mirantis.net:8090/api" |
| description: "The WORP api base url. Mandatory if UPLOAD_TO_DASHBOARD is true" |
| CLOUD_NAME: |
| type: string |
| description: "Custom name to set for the cloud in the Worp API. If not specified, cluster name from Salt minions is used." |
| SALT_MASTER_URL: |
| type: string |
| default: "" |
| SALT_MASTER_CREDENTIALS: |
| type: string |
| default: "salt-qa-credentials" |
| TARGET_SERVERS: |
| type: string |
| default: '*' |
| description: "The target Salt nodes" |
| UPLOAD_TO_DASHBOARD: |
| type: boolean |
| default: "false" |
| description: "Upload results to the WORP or not" |
| XCCDF_BENCHMARKS: |
| type: string |
| default: "cis_ubuntu_1604_server_l2/1.0.0/cis_ubuntu_1604_server_l2-xccdf.xml,default" |
| description: "List of pairs XCCDF benchmark filename and corresponding profile, format xccdf_benchmark 1, profile; xccdf_benchmark 2, profile" |
| XCCDF_BENCHMARKS_DIR: |
| type: string |
| default: "/usr/share/xccdf-benchmarks/mirantis/" |
| description: "The XCCDF benchmarks base directory" |
| XCCDF_VERSION: |
| type: string |
| default: "1.2" |
| description: "The XCCDF version" |
| XCCDF_TAILORING_ID: |
| type: string |
| default: "None" |
| description: "The tailoring id" |
| XCCDF_CPE: |
| type: string |
| default: '/usr/share/mirantis-scap-content/mirantis/cpe/openscap-cpe-dict.xml' |
| description: "CPE dictionary or language for applicability checks. (Example: /usr/share/openscap/cpe/openscap-cpe-dict.xml)" |