#!/usr/bin/env groovy @Library("product-pipelines-shared-library") _ // Automated release, promotion and dependencies properties([ // Include the automated release parameters for the build release.addParams(), // Dependencies of the project that should trigger builds dependencies([]) ]) // Performs release promotion. No other stages will be run if (params.MODE == "PROMOTE") { release.promote(params.VERSION_TO_PROMOTE) { infrapool, sourceVersion, targetVersion, assetDirectory -> infrapool.agentSh """ ls "${assetDirectory}" cp "${assetDirectory}/cyberark-conjur-${targetVersion}.tar.gz" ./cyberark-conjur-${targetVersion}.tar.gz export TAG="v${targetVersion}" summon ./ci/publish_to_galaxy """ } release.copyEnterpriseRelease(params.VERSION_TO_PROMOTE) return } pipeline { agent { label 'conjur-enterprise-common-agent' } options { timestamps() buildDiscarder(logRotator(numToKeepStr: '30')) } triggers { cron(getDailyCronString()) } environment { MODE = release.canonicalizeMode() ANSIBLE_VERSION = 'stable-2.18' PYTHON_VERSION = '3.13' } stages { stage('Scan for internal URLs') { steps { script { detectInternalUrls() } } } stage('Get InfraPool ExecutorV2 Agent') { steps { script { // Request InfraPool INFRAPOOL_EXECUTORV2_AGENTS = getInfraPoolAgent(type: "ExecutorV2", quantity: 1, duration: 1) INFRAPOOL_EXECUTORV2_AGENT_0 = INFRAPOOL_EXECUTORV2_AGENTS[0] infrapool = infraPoolConnect(INFRAPOOL_EXECUTORV2_AGENT_0, {}) } } } // Generates a VERSION file based on the current build number and latest version in CHANGELOG.md stage('Validate Changelog and set version') { steps { script { updateVersion(infrapool, "CHANGELOG.md", "${BUILD_NUMBER}") } } } stage ('Run conjur_variable unit tests') { steps { script { infrapool.agentSh './dev/test_unit.sh -r' infrapool.agentStash name: 'unit-test-report', includes: 'tests/output/reports/coverage=units/*' unstash 'unit-test-report' } publishHTML (target : [allowMissing: false, alwaysLinkToLastBuild: false, keepAll: true, reportDir: 'tests/output/reports/coverage=units/', reportFiles: 'index.html', reportName: 'Ansible Coverage Report', reportTitles: 'Conjur Ansible Collection report']) } } stage('Run conjur_variable sanity tests') { parallel { stage('conjur_variable sanity tests for Ansible core 2.16') { steps { script { infrapool.agentSh './dev/test_sanity.sh -a stable-2.16 -p 3.12' } } } stage('conjur_variable sanity tests for Ansible core 2.17') { steps { script { infrapool.agentSh './dev/test_sanity.sh -a stable-2.17 -p 3.12' } } } stage('conjur_variable sanity tests for Ansible core (2.18) - default') { steps { script { infrapool.agentSh './dev/test_sanity.sh -r' infrapool.agentStash name: 'sanity-test-report', includes: 'tests/output/reports/coverage=sanity/*' unstash 'sanity-test-report' } publishHTML (target : [allowMissing: false, alwaysLinkToLastBuild: false, keepAll: true, reportDir: 'tests/output/reports/coverage=sanity/', reportFiles: 'index.html', reportName: 'Ansible Sanity Coverage Report', reportTitles: 'Conjur Ansible Collection sanity report']) } } } } stage('Run integration tests with Conjur Open Source') { stages { stage('Ansible v10 (core 2.17) - latest') { stages { stage('Deploy Conjur') { steps { script { infrapool.agentSh './dev/start.sh -v 10 -p 3.12' } } } stage('Run tests') { parallel { stage('Testing conjur_variable lookup plugin') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_variable' } } post { always { script { infrapool.agentStash name: 'conjur_variable', includes: 'tests/conjur_variable/junit/*' unstash 'conjur_variable' junit 'tests/conjur_variable/junit/*' } } } } stage('Testing conjur_host_identity role') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_host_identity' } } post { always { script { infrapool.agentStash name: 'conjur_host_identity', includes: 'roles/conjur_host_identity/tests/junit/*' unstash 'conjur_host_identity' junit 'roles/conjur_host_identity/tests/junit/*' } } } } } } } } stage('Ansible v11 (core 2.18) - latest') { stages { stage('Deploy Conjur') { steps { script { infrapool.agentSh './dev/start.sh -v 11 -p 3.13' } } } stage('Run tests') { parallel { stage('Testing conjur_variable lookup plugin') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_variable' } } post { always { script { infrapool.agentStash name: 'conjur_variable', includes: 'tests/conjur_variable/junit/*' unstash 'conjur_variable' junit 'tests/conjur_variable/junit/*' } } } } stage('Testing conjur_host_identity role') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_host_identity' } } post { always { script { infrapool.agentStash name: 'conjur_host_identity', includes: 'roles/conjur_host_identity/tests/junit/*' unstash 'conjur_host_identity' junit 'roles/conjur_host_identity/tests/junit/*' } } } } } } } } } } stage('Run integration tests with Conjur Enterprise') { stages { stage('Deploy Conjur Enterprise') { steps { script { infrapool.agentSh './dev/start.sh -e -v 11 -p 3.12' } } } stage('Run tests') { parallel { stage("Testing conjur_variable lookup plugin") { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_variable' } } post { always { script { infrapool.agentStash name: 'conjur_variable', includes: 'tests/conjur_variable/junit/*' unstash 'conjur_variable' junit 'tests/conjur_variable/junit/*' } } } } stage("Testing conjur_host_identity role") { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_host_identity' } } post { always { script { infrapool.agentStash name: 'conjur_host_identity', includes: 'roles/conjur_host_identity/tests/junit/*' unstash 'conjur_host_identity' junit 'roles/conjur_host_identity/tests/junit/*' } } } } } } } } stage('Run Conjur Cloud tests') { stages { stage('Create a Tenant') { steps { script { TENANT = getConjurCloudTenant() } } } stage('Authenticate') { steps { script { def id_token = getConjurCloudTenant.tokens( infrapool: infrapool, identity_url: "${TENANT.identity_information.idaptive_tenant_fqdn}", username: "${TENANT.login_name}" ) def conj_token = getConjurCloudTenant.tokens( infrapool: infrapool, conjur_url: "${TENANT.conjur_cloud_url}", identity_token: "${id_token}" ) env.conj_token = conj_token } } } stage('Run tests against Tenant') { environment { INFRAPOOL_CONJUR_APPLIANCE_URL="${TENANT.conjur_cloud_url}" INFRAPOOL_CONJUR_AUTHN_LOGIN="${TENANT.login_name}" INFRAPOOL_CONJUR_AUTHN_TOKEN="${env.conj_token}" INFRAPOOL_TEST_CLOUD=true } steps { script { infrapool.agentSh "./dev/start.sh -c -v 11 -p 3.13" } } } stage('Ansible v11 (core 2.18) - latest') { stages { stage('Run tests') { parallel { stage('Testing conjur_variable lookup plugin') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_variable' } } post { always { script { infrapool.agentStash name: 'conjur_variable', includes: 'tests/conjur_variable/junit/*' unstash 'conjur_variable' junit 'tests/conjur_variable/junit/*' } } } } stage('Testing conjur_host_identity role') { steps { script { infrapool.agentSh './ci/test.sh -d -t conjur_host_identity' } } post { always { script { infrapool.agentStash name: 'conjur_host_identity', includes: 'roles/conjur_host_identity/tests/junit/*' unstash 'conjur_host_identity' junit 'roles/conjur_host_identity/tests/junit/*' } } } } } } } } } } stage('Build artifacts') { steps { script { infrapool.agentSh './ci/build_release' } } } stage('Release') { when { expression { MODE == "RELEASE" } } steps { script { release(infrapool) { billOfMaterialsDirectory, assetDirectory, toolsDirectory -> // Publish release artifacts to all the appropriate locations // Copy any artifacts to assetDirectory to attach them to the Github release infrapool.agentSh "cp cyberark-conjur-*.tar.gz ${assetDirectory}" } } } } } post { always { script { deleteConjurCloudTenant("${TENANT.id}") } releaseInfraPoolAgent(".infrapool/release_agents") } } }