From ce659b9c05ea29946c5a4091fa0161842bca6009 Mon Sep 17 00:00:00 2001
From: The_Spider
Date: Sat, 23 May 2020 06:27:58 -0500
Subject: [PATCH] adds certificate monitor.
---
build-certificate-monitor.jenkins | 119 ++++++++++++++++++++++++++++++
1 file changed, 119 insertions(+)
create mode 100644 build-certificate-monitor.jenkins
diff --git a/build-certificate-monitor.jenkins b/build-certificate-monitor.jenkins
new file mode 100644
index 0000000..cfd56e0
--- /dev/null
+++ b/build-certificate-monitor.jenkins
@@ -0,0 +1,119 @@
+def label = "${UUID.randomUUID().toString()}"
+def sonarScannerConfig = """
+sonar.projectKey=${env.JOB_BASE_NAME}
+sonar.host.url=https://sonar.cluster.test-chamber-13.lan
+
+sonar.sources=.
+sonar.exclusions=**/*_test.go,**/vendor/**,**/testdata/*
+
+sonar.tests=.
+sonar.test.inclusions=**/*_test.go
+sonar.test.exclusions=**/vendor/**
+sonar.go.coverage.reportPaths=cover.out
+"""
+def dockerfile = """
+FROM golang:alpine AS BUILDER
+RUN apk --no-cache add git
+WORKDIR /go/src/app
+COPY . .
+RUN go get -d -v ./... && \\
+ go install -v ./... && \\
+ go build -ldflags="-s -w" -o app ./
+
+FROM alpine:latest
+RUN addgroup -S -g 1000 app && \\
+ adduser -S app -G app -h /app -u 1000 && \\
+ printf '%s\\n' \\
+ "-----BEGIN CERTIFICATE-----" \\
+ "MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\
+ "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\
+ "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\
+ "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\
+ "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\
+ "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\
+ "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\
+ "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\
+ "BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\
+ "HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\
+ "xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\
+ "UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\
+ "-----END CERTIFICATE-----" > /usr/local/share/ca-certificates/test-chamber-13.lan.crt && \\
+ update-ca-certificates
+
+USER app
+
+WORKDIR /app
+
+COPY --from=BUILDER /go/src/app/app /app/
+
+ENTRYPOINT ./app
+"""
+
+podTemplate(
+ label: label,
+ name: "sonarscanner",
+ yaml: """---
+apiVersion: v1
+kind: Pod
+spec:
+ containers:
+ - name: golang
+ image: docker.io/golang:latest
+ tty: true
+ command:
+ - cat
+ - name: sonarscanner
+ imagePullPolicy: Always
+ image: registry.test-chamber-13.lan:5000/sonarscanner:latest
+ tty: true
+ command:
+ - cat
+ - name: kaniko
+ imagePullPolicy: Always
+ image: gcr.io/kaniko-project/executor:debug
+ tty: true
+ command:
+ - /busybox/cat
+""",
+) {
+ node (label) {
+ def workspace = pwd()
+ stage('Clone Repository') {
+ git url: 'ssh://git@gitlab.smoothnet.org:31822/The_Spider/certificate-monitor.git',
+ credentialsId: 'sonarqube-read-access',
+ branch: 'master'
+ }
+ stage('Prepare SonarScanner') {
+ writeFile file: 'sonar-project.properties', text: sonarScannerConfig
+ }
+ container('golang') {
+ stage('Run Tests') {
+ sh """
+ go get -u github.com/jstemmer/go-junit-report
+ ln -s "${workspace}" "/go/src/${env.JOB_BASE_NAME}"
+ cd "/go/src/${env.JOB_BASE_NAME}"
+ go get -d -v ./...
+ go install -v ./...
+ go test -short -coverprofile=cover.out `go list ./... | grep -v vendor/`
+ go test -v 2>&1 | go-junit-report > report.xml
+ """
+ }
+ }
+ container('sonarscanner') {
+ stage('SonarQube Analysis') {
+ withSonarQubeEnv('SonarQube') {
+ sh "sonar-scanner --define sonar.host.url=https://sonar.cluster.test-chamber-13.lan"
+ }
+ }
+ }
+ container('kaniko') {
+ stage('Build COntainer') {
+ writeFile file: workspace + '/Dockerfile', text: dockerfile
+ sh '/kaniko/executor --insecure --skip-tls-verify --context "' + workspace + '" -f "' + workspace + '/Dockerfile" --destination registry.test-chamber-13.lan:5000/certificate-monitor:latest'
+ }
+ }
+ stage('Submit Testing Report to Jenkins')
+ junit 'report.xml'
+ }
+ }
+}
\ No newline at end of file
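Review bot: The kaniko step on the `sh '/kaniko/executor --insecure --skip-tls-verify ...'` line pushes `certificate-monitor:latest` with registry TLS verification switched off, so the build cannot confirm it is talking to the real registry and the pushed image has no transport integrity. The Dockerfile in this same hunk already carries the internal root CA, so the executor could trust that CA instead: drop both flags and pass `--registry-certificate registry.test-chamber-13.lan:5000=<path-to-ca.crt>` (placeholder path; the CA file would have to be made available inside the kaniko container). If the registry really is plain HTTP only, a comment beside the flags saying so would make that an explicit decision. Separately, `stage('Submit Testing Report to Jenkins')` has no opening `{`, which appears to leave one unmatched `}` at the end of the file.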