From d5d699d642c798d519e94063616127a06bf3d56c Mon Sep 17 00:00:00 2001 From: Curtis Yanko Date: Thu, 27 Apr 2017 20:08:44 -0400 Subject: [PATCH 01/75] first crack at blue ocean and a jenkinsfile --- Jenkinsfile | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 Jenkinsfile diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000000..f544c54d28 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,18 @@ +pipeline { + agent any + stages { + stage('Prepare') { + steps { + git(url: 'https://github.com/CMYanko/WebGoat.git', branch: 'develop') + tool 'M3' + tool 'JDK8' + } + } + stage('Build') { + steps { + isUnix() + sh '${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./webgoat/pom.xml clean install -U' + } + } + } +} \ No newline at end of file From d56e0c662df256077b623b6309fb639f33ba4d38 Mon Sep 17 00:00:00 2001 From: Curtis Yanko Date: Thu, 27 Apr 2017 20:14:21 -0400 Subject: [PATCH 02/75] Adding quotes to shell script step --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index f544c54d28..f5728f8333 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,7 +11,7 @@ pipeline { stage('Build') { steps { isUnix() - sh '${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./webgoat/pom.xml clean install -U' + sh '"\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./webgoat/pom.xml clean install -U"' } } } From 6315cfcf1731d8f033eb619e12c68265f6bece5a Mon Sep 17 00:00:00 2001 From: Curtis Yanko Date: Thu, 27 Apr 2017 20:15:24 -0400 Subject: [PATCH 03/75] Fixed path to POM --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index f5728f8333..0a1d9be7b4 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,7 +11,7 @@ pipeline { stage('Build') { steps { isUnix() - sh '"\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./webgoat/pom.xml clean install -U"' + sh '"\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean install -U"' } } } From f39ef2dfca290fb013fb41ad702a9642213e573e Mon Sep 17 00:00:00 2001 From: Curtis Yanko Date: Thu, 27 Apr 2017 20:43:16 -0400 Subject: [PATCH 04/75] trying to get mavenhome set --- Jenkinsfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 0a1d9be7b4..8c39d3b347 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,14 +4,13 @@ pipeline { stage('Prepare') { steps { git(url: 'https://github.com/CMYanko/WebGoat.git', branch: 'develop') - tool 'M3' - tool 'JDK8' } } stage('Build') { steps { + tool 'M3' isUnix() - sh '"\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean install -U"' + sh '\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U' } } } From ee79404d608ab31429a187276e2e96a90ac41df7 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Thu, 27 Apr 2017 21:29:27 -0400 Subject: [PATCH 05/75] direct editing as Blue Ocean is cutting it just trying to get a maven build to kick off --- Jenkinsfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 8c39d3b347..51d19e56b0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,5 +1,9 @@ pipeline { agent any + def mvnHome + env.JAVA_HOME="{tool'JDK8'}" + env.PATH="${env.JAVA_HOME}/bin:${env.PATH}" + stages { stage('Prepare') { steps { @@ -8,9 +12,9 @@ pipeline { } stage('Build') { steps { - tool 'M3' + mvnHome = tool 'M3' isUnix() - sh '\'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U' + sh "'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U" } } } From 27868d8bd5d6eaa86c1a7aea96a313aabd83246d Mon Sep 17 00:00:00 2001 From: CMYanko Date: Thu, 27 Apr 2017 21:40:20 -0400 Subject: [PATCH 06/75] trying to fix syntax --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 51d19e56b0..3eea3293d9 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -14,7 +14,7 @@ pipeline { steps { mvnHome = tool 'M3' isUnix() - sh "'${mvnHome}/bin/mvn\' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U" + sh "'${mvnHome}/bin/mvn' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U" } } } From 4294ede96e72dfe0b4530be4cc9b73c1325197b4 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 10:58:44 -0400 Subject: [PATCH 07/75] Jenkinsfile example that is just boilerplate --- Jenkinsfile | 27 ++++++++------------------- 1 file changed, 8 insertions(+), 19 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3eea3293d9..bb4b5e83df 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,21 +1,10 @@ -pipeline { - agent any - def mvnHome - env.JAVA_HOME="{tool'JDK8'}" - env.PATH="${env.JAVA_HOME}/bin:${env.PATH}" - - stages { - stage('Prepare') { - steps { - git(url: 'https://github.com/CMYanko/WebGoat.git', branch: 'develop') - } +pipeline { + agent any + stages { + stage('Build') { + steps { + echo 'This is a minimal pipeline.' + } + } } - stage('Build') { - steps { - mvnHome = tool 'M3' - isUnix() - sh "'${mvnHome}/bin/mvn' -Dmaven.test.failure.ignore -f ./pom.xml clean package -U" - } - } - } } \ No newline at end of file From 10573e5ea7a756fadfa0c27d672278a88be96f44 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 11:14:48 -0400 Subject: [PATCH 08/75] adding 'tools' and test to see if they are configure properly --- Jenkinsfile | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index bb4b5e83df..7303cb9072 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,5 +1,18 @@ pipeline { - agent any + agent any + tools { + maven 'M3' + jdk 'jdk8' + } + stages { + stage ('Initialize') { + steps { + sh ''' + echo "PATH = ${PATH}" + echo "M2_HOME = ${M2_HOME}" + ''' + } + } stages { stage('Build') { steps { From 9dd253e8d2e0db7a2dfcf502c78e951ba7ab008a Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 11:19:37 -0400 Subject: [PATCH 09/75] copy-paste error, removed extra 'stages' --- Jenkinsfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 7303cb9072..502254da13 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -13,7 +13,6 @@ pipeline { ''' } } - stages { stage('Build') { steps { echo 'This is a minimal pipeline.' From ff62cb3f5e334e74e7f85914f44783cbf1b32f05 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:22:32 -0400 Subject: [PATCH 10/75] Adding mvn clean install --- Jenkinsfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 502254da13..ae8c4f2e0c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -14,8 +14,13 @@ pipeline { } } stage('Build') { - steps { - echo 'This is a minimal pipeline.' + steps { + sh 'mvn -Dmaven.test.failure.ignore=true clean install' + } + post { + success { + junit 'target/surefire-reports/**/*.xml' + } } } } From 956cb438e56aeb834d22c9cd221eeb61dbc34d19 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:29:38 -0400 Subject: [PATCH 11/75] Adding -B to suppress download progress --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index ae8c4f2e0c..e58d4b9f04 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -15,7 +15,7 @@ pipeline { } stage('Build') { steps { - sh 'mvn -Dmaven.test.failure.ignore=true clean install' + sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' } post { success { From 542269c1dbb822cac306a9d63cab660c7bf91fc5 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:50:00 -0400 Subject: [PATCH 12/75] Changed initialize stage to pre-build and run and effective pom --- Jenkinsfile | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index e58d4b9f04..3fb8c6e042 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,23 +5,26 @@ pipeline { jdk 'jdk8' } stages { - stage ('Initialize') { + stage ('Pre-Build') { steps { sh ''' echo "PATH = ${PATH}" echo "M2_HOME = ${M2_HOME}" ''' } + steps { + // Run the maven build + if (isUnix()) { + sh 'mvn -B help:effective-pom' + } else { + bat(/"${mvnHome}\bin\mvn" -B help:effective-pom/) + } + } } stage('Build') { steps { sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' } - post { - success { - junit 'target/surefire-reports/**/*.xml' - } - } } } } \ No newline at end of file From 80776a6bfa41fc648cffefe04a93741174a23604 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:51:49 -0400 Subject: [PATCH 13/75] Consisten use tool invocation --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3fb8c6e042..800ccf4268 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -15,7 +15,7 @@ pipeline { steps { // Run the maven build if (isUnix()) { - sh 'mvn -B help:effective-pom' + sh "'${mvnHome}/bin/mvn' -B help:effective-pom" } else { bat(/"${mvnHome}\bin\mvn" -B help:effective-pom/) } From 9bfe0d4fda2338aa795cf0bfae81510f17899afb Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:54:14 -0400 Subject: [PATCH 14/75] updated build invocation to be platform independent --- Jenkinsfile | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 800ccf4268..69565fd52c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -13,7 +13,7 @@ pipeline { ''' } steps { - // Run the maven build + // Run the maven effective pom if (isUnix()) { sh "'${mvnHome}/bin/mvn' -B help:effective-pom" } else { @@ -23,7 +23,13 @@ pipeline { } stage('Build') { steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + // Run the maven effective pom + if (isUnix()) { + sh "'${mvnHome}/bin/mvn' -B -Dmaven.test.failure.ignore=true clean install" + } else { + bat(/"${mvnHome}\bin\mvn" -B -Dmaven.test.failure.ignore=true clean install/) + } } } } From 4ee321ca857de3a9bdc622decbc08f6b554e3289 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 13:56:18 -0400 Subject: [PATCH 15/75] Adding stage for IQ scan --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 69565fd52c..5e1532012a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -32,5 +32,8 @@ pipeline { } } } + stage('IQ Scan - Build') { + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' + } } } \ No newline at end of file From 7ef54949ae58fda171726570663f331db5069104 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 14:09:31 -0400 Subject: [PATCH 16/75] fixing syntax around steps section of pre-build --- Jenkinsfile | 3 --- 1 file changed, 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 5e1532012a..e186eef967 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,8 +11,6 @@ pipeline { echo "PATH = ${PATH}" echo "M2_HOME = ${M2_HOME}" ''' - } - steps { // Run the maven effective pom if (isUnix()) { sh "'${mvnHome}/bin/mvn' -B help:effective-pom" @@ -23,7 +21,6 @@ pipeline { } stage('Build') { steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' // Run the maven effective pom if (isUnix()) { sh "'${mvnHome}/bin/mvn' -B -Dmaven.test.failure.ignore=true clean install" From bd070d45355a5414aebe7b4c8ab29d44466b3301 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:01:18 -0400 Subject: [PATCH 17/75] Revert "Adding stage for IQ scan" This reverts commit 4ee321ca857de3a9bdc622decbc08f6b554e3289. --- Jenkinsfile | 3 --- 1 file changed, 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index e186eef967..2530d5d257 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -29,8 +29,5 @@ pipeline { } } } - stage('IQ Scan - Build') { - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' - } } } \ No newline at end of file From b299da1cd9f89de1fc4fc1c6f1dc9c05584e0b1f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:09:21 -0400 Subject: [PATCH 18/75] reverting to prior to breaking syntaxt --- Jenkinsfile | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 2530d5d257..e58d4b9f04 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,28 +5,22 @@ pipeline { jdk 'jdk8' } stages { - stage ('Pre-Build') { + stage ('Initialize') { steps { sh ''' echo "PATH = ${PATH}" echo "M2_HOME = ${M2_HOME}" ''' - // Run the maven effective pom - if (isUnix()) { - sh "'${mvnHome}/bin/mvn' -B help:effective-pom" - } else { - bat(/"${mvnHome}\bin\mvn" -B help:effective-pom/) - } } } stage('Build') { steps { - // Run the maven effective pom - if (isUnix()) { - sh "'${mvnHome}/bin/mvn' -B -Dmaven.test.failure.ignore=true clean install" - } else { - bat(/"${mvnHome}\bin\mvn" -B -Dmaven.test.failure.ignore=true clean install/) - } + sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + } + post { + success { + junit 'target/surefire-reports/**/*.xml' + } } } } From f54ea950fcc60e60083fd9bbe104f3ff27622f0f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:09:46 -0400 Subject: [PATCH 19/75] Renaming stage --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index e58d4b9f04..63f7fc3c2d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,7 +5,7 @@ pipeline { jdk 'jdk8' } stages { - stage ('Initialize') { + stage ('Pre-Build') { steps { sh ''' echo "PATH = ${PATH}" From f913aa77e90412b66735eb1f88df1e8d4867b36b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:15:56 -0400 Subject: [PATCH 20/75] tryng to get test from multi-module build --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 63f7fc3c2d..b061c80991 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } post { success { - junit 'target/surefire-reports/**/*.xml' + junit '**/target/surefire-reports/**/*.xml' } } } From bb848104bb1c16f67ccaac788843e291b90ce9aa Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:22:58 -0400 Subject: [PATCH 21/75] Adding IQ scan --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index b061c80991..423d383dd0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -23,5 +23,8 @@ pipeline { } } } + stage('IQ Scan - Build') { + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' + } } } \ No newline at end of file From 88a2dfed8452498b6eaf3547322b0ed0f200a651 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:29:32 -0400 Subject: [PATCH 22/75] fixed syntax, needed a 'steps' block --- Jenkinsfile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 423d383dd0..6483d39cac 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -24,7 +24,9 @@ pipeline { } } stage('IQ Scan - Build') { - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' + steps{ + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' + } } } } \ No newline at end of file From 613f52a30705867e936839e855987f283f4dca50 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:34:46 -0400 Subject: [PATCH 23/75] cleaned up tabs --- Jenkinsfile | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 6483d39cac..e8f734fbee 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -13,17 +13,17 @@ pipeline { ''' } } - stage('Build') { - steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' - } - post { - success { - junit '**/target/surefire-reports/**/*.xml' - } + stage('Build') { + steps { + sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + } + post { + success { + junit '**/target/surefire-reports/**/*.xml' } } - stage('IQ Scan - Build') { + } + stage('IQ Scan - Build') { steps{ nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' } From e519ab6b0a6d02b86ddea728aea403566827fc58 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:40:00 -0400 Subject: [PATCH 24/75] added iqScanPatterns --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index e8f734fbee..571c77b7e0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,7 +25,7 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', jobCredentialsId: '' + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz', jobCredentialsId: '' } } } From 7e74a6bd170349dd42899cf4001ecb9930ddc55f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 15:44:38 -0400 Subject: [PATCH 25/75] trying to fix scan pattern syntax --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 571c77b7e0..a07ae78a6d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,7 +25,7 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz', jobCredentialsId: '' + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPatter: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz']], jobCredentialsId: '' } } } From 5fd499769501c26701234426c2cfe7d4ec28e459 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 16:19:44 -0400 Subject: [PATCH 26/75] adding job credentials --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index a07ae78a6d..ca5563711d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,7 +25,7 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPatter: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz']], jobCredentialsId: '' + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPatter: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } } } From 2c27e16c423386cad765acfcabe223f8a5d994c8 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 16:24:51 -0400 Subject: [PATCH 27/75] changing to always post test, not just success --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index ca5563711d..2a9f09ec2d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -18,7 +18,7 @@ pipeline { sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' } post { - success { + always { junit '**/target/surefire-reports/**/*.xml' } } From f35802c47b07f1b27e9bb5498f4b8dd8da310aed Mon Sep 17 00:00:00 2001 From: CMYanko Date: Mon, 28 Aug 2017 17:01:07 -0400 Subject: [PATCH 28/75] testing how the pipeline reacts to nuetering the scanpatter --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 2a9f09ec2d..64f90b8749 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,7 +25,7 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPatter: '**/*.jar, **/*.war, **/*.ear, **/*.zip, **/*.tar.gz']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } } } From 522a6b9a140aee15f9e8df33f5ad166684cdf74b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 20:23:16 -0400 Subject: [PATCH 29/75] cleaned up formatting for readability --- Jenkinsfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 64f90b8749..bf9205257a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -25,7 +25,11 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + nexusPolicyEvaluation failBuildOnNetworkError: false, + iqApplication: 'webgoat8', + iqStage: 'build', + iqScanPatterns: [[scanPattern: '']], + jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } } } From bf2d130e96210d0e4f81fdb5daca4701454828ed Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 20:35:47 -0400 Subject: [PATCH 30/75] adding container creation --- Jenkinsfile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index bf9205257a..7b6a990548 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -33,4 +33,12 @@ pipeline { } } } + stage('Build Container'){ + steps { + sh ''' + cd webgoat server + mvn docker:build + ''' + } + } } \ No newline at end of file From 65f9e63273fe51ff85a2217cdd5d85f73c12f7e5 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 20:43:06 -0400 Subject: [PATCH 31/75] fixing syntax error, moved bracket --- Jenkinsfile | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 7b6a990548..3adea9100c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -13,17 +13,17 @@ pipeline { ''' } } - stage('Build') { - steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' - } - post { - always { - junit '**/target/surefire-reports/**/*.xml' + stage('Build') { + steps { + sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + } + post { + always { + junit '**/target/surefire-reports/**/*.xml' + } } } - } - stage('IQ Scan - Build') { + stage('IQ Scan - Build') { steps{ nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', @@ -32,13 +32,13 @@ pipeline { jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } } - } - stage('Build Container'){ - steps { - sh ''' - cd webgoat server - mvn docker:build - ''' + stage('Build Container') { + steps { + sh ''' + cd webgoat server + mvn docker:build + ''' + } } } } \ No newline at end of file From a84790f023b7f25d9786c3164e9928a645dc19c6 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 20:48:10 -0400 Subject: [PATCH 32/75] fixed directory name for webgaot-server to build container --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3adea9100c..d5529e98e5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -35,7 +35,7 @@ pipeline { stage('Build Container') { steps { sh ''' - cd webgoat server + cd webgoat-server mvn docker:build ''' } From 0640ff6fda56d78b2007e38522c323b7f4ca0ee5 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 21:09:00 -0400 Subject: [PATCH 33/75] removed 'clean' from maven build to keep it fast. --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index d5529e98e5..1b7d89b47a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -15,7 +15,7 @@ pipeline { } stage('Build') { steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true clean install' + sh 'mvn -B -Dmaven.test.failure.ignore=true install' } post { always { @@ -36,7 +36,7 @@ pipeline { steps { sh ''' cd webgoat-server - mvn docker:build + mvn -B docker:build ''' } } From 9d1b3209a51bc17b5c33dbf51d4ac6f3cd1ab50f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 21:58:37 -0400 Subject: [PATCH 34/75] now taging and pushing to nexus --- Jenkinsfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 1b7d89b47a..1671678939 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -37,6 +37,8 @@ pipeline { sh ''' cd webgoat-server mvn -B docker:build + docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0 + docker push mycompany.com:18444/webgoat/webgoat-8.0 ''' } } From 28ee1581f2c0ac6d6b841634d88cbfa4d0a21a71 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:03:03 -0400 Subject: [PATCH 35/75] didnt tag right to push to nexus --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 1671678939..bf4a84f675 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -37,7 +37,7 @@ pipeline { sh ''' cd webgoat-server mvn -B docker:build - docker tag webgoat/webgoat-8.0 webgoat/webgoat-8.0:8.0 + docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 docker push mycompany.com:18444/webgoat/webgoat-8.0 ''' } From 3a6a762f48305a9c29c8d37dff42b4d50da76602 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:31:03 -0400 Subject: [PATCH 36/75] now adding save to tar and scan with IQ --- Jenkinsfile | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index bf4a84f675..e8b3fd73a7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -31,6 +31,7 @@ pipeline { iqScanPatterns: [[scanPattern: '']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } + } stage('Build Container') { steps { @@ -42,5 +43,17 @@ pipeline { ''' } } + stage('Scan Container') { + steps{ + sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' + } + steps{ + nexusPolicyEvaluation failBuildOnNetworkError: false, + iqApplication: 'webgoat8', + iqStage: 'release', + iqScanPatterns: [[scanPattern: '*.tar']], + jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + } + } } } \ No newline at end of file From c891568ec3ad1d7c839996729545bd9f2f56dcc8 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:38:08 -0400 Subject: [PATCH 37/75] still learning the syntrax since I can't get blue ocean to do the editing. looking for 2 steps in one stage --- Jenkinsfile | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index e8b3fd73a7..beb6a29a9c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,15 +45,17 @@ pipeline { } stage('Scan Container') { steps{ - sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' - } - steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, - iqApplication: 'webgoat8', - iqStage: 'release', - iqScanPatterns: [[scanPattern: '*.tar']], - jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' - } + step{ + sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' + } + step{ + nexusPolicyEvaluation failBuildOnNetworkError: false, + iqApplication: 'webgoat8', + iqStage: 'release', + iqScanPatterns: [[scanPattern: '*.tar']], + jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + } + } } } } \ No newline at end of file From c6504cb4baba09a8d6cd88c30e410284311a064e Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:43:17 -0400 Subject: [PATCH 38/75] ok, so multiple steps in a stage aren't working, rolling back and trying to put multiple commands in a step --- Jenkinsfile | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index beb6a29a9c..366a8e4d4c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,16 +45,13 @@ pipeline { } stage('Scan Container') { steps{ - step{ - sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' - } - step{ - nexusPolicyEvaluation failBuildOnNetworkError: false, - iqApplication: 'webgoat8', - iqStage: 'release', - iqScanPatterns: [[scanPattern: '*.tar']], - jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' - } + sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' + + nexusPolicyEvaluation failBuildOnNetworkError: false, + iqApplication: 'webgoat8', + iqStage: 'release', + iqScanPatterns: [[scanPattern: '*.tar']], + jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' } } } From 901ffa1fac80b80d1a9fb9f4663fe405c471c9f5 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:47:56 -0400 Subject: [PATCH 39/75] trying double quaotes --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 366a8e4d4c..cb8c33e9cd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,7 +45,7 @@ pipeline { } stage('Scan Container') { steps{ - sh 'docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar' + sh "docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', From 5d426200872ea5ec1db4552f41e11e285f76898f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:52:54 -0400 Subject: [PATCH 40/75] either i pull my image or use the one already lying around, lets be lazy and use the already lying around one. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index cb8c33e9cd..8b50cd7885 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,7 +45,7 @@ pipeline { } stage('Scan Container') { steps{ - sh "docker save mycompany.com:18444/webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" + sh "docker save webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', From 98e0240cf1695d4010b9002632e89bf45571715b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 6 Sep 2017 22:58:06 -0400 Subject: [PATCH 41/75] dumb guy here, see typo in container name so fixing and trying to save my private image again. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 8b50cd7885..e4000f986c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -45,7 +45,7 @@ pipeline { } stage('Scan Container') { steps{ - sh "docker save webgoat/wegoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" + sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', From 877204b9042678b410f863717f7637a146b8e598 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Thu, 7 Sep 2017 00:18:17 -0400 Subject: [PATCH 42/75] consolidating some stages --- Jenkinsfile | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index e4000f986c..9a667a1c0f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -5,18 +5,14 @@ pipeline { jdk 'jdk8' } stages { - stage ('Pre-Build') { + stage ('Build') { steps { sh ''' echo "PATH = ${PATH}" echo "M2_HOME = ${M2_HOME}" + mvn -B -Dmaven.test.failure.ignore=true install ''' } - } - stage('Build') { - steps { - sh 'mvn -B -Dmaven.test.failure.ignore=true install' - } post { always { junit '**/target/surefire-reports/**/*.xml' From ee16e66d3c3d8b19829cb2b98abd2e25c26ff014 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 8 Sep 2017 11:12:20 -0400 Subject: [PATCH 43/75] Adding OWASP dep chack as a parallel scan. --- Jenkinsfile | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9a667a1c0f..d05786c16e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -21,11 +21,27 @@ pipeline { } stage('IQ Scan - Build') { steps{ - nexusPolicyEvaluation failBuildOnNetworkError: false, - iqApplication: 'webgoat8', - iqStage: 'build', - iqScanPatterns: [[scanPattern: '']], - jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + parallel(IQ: { + nexusPolicyEvaluation failBuildOnNetworkError: false, + iqApplication: 'webgoat8', + iqStage: 'build', + iqScanPatterns: [[scanPattern: '']], + jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + }, + OWASP: { + dependencyCheckAnalyzer datadir: '', hintsFile: '', + includeCsvReports: false, + includeHtmlReports: false, + includeJsonReports: false, + isAutoupdateDisabled: false, + outdir: '', + scanpath: '', + skipOnScmChange: false, + skipOnUpstreamChange: false, + suppressionFile: '', + zipExtensions: '' + }) + } } } From 97118b0781e489fb0865d52de706c7e2bd8726ca Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 8 Sep 2017 11:27:19 -0400 Subject: [PATCH 44/75] Had an extra bracket --- Jenkinsfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index d05786c16e..1e9bfa7fbd 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -41,7 +41,6 @@ pipeline { suppressionFile: '', zipExtensions: '' }) - } } } From 4c8174f9a21a72826deb31dfc78156d52aa42272 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 8 Sep 2017 11:45:46 -0400 Subject: [PATCH 45/75] Trying to add the OWASP report publishing --- Jenkinsfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 1e9bfa7fbd..07df6462d5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -40,6 +40,12 @@ pipeline { skipOnUpstreamChange: false, suppressionFile: '', zipExtensions: '' + + dependencyCheckPublisher canComputeNew: false, + defaultEncoding: '', + healthy: '', + pattern: '', + unHealthy: '' }) } From df17d98c23ec5e204449aba9ffc03acdc60806fb Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 15 Sep 2017 14:06:05 -0400 Subject: [PATCH 46/75] updating to logic to not publish container unless the scan passes --- Jenkinsfile | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 07df6462d5..5b63dbb306 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -46,20 +46,16 @@ pipeline { healthy: '', pattern: '', unHealthy: '' + }, + Build Container:{ + sh ''' + cd webgoat-server + mvn -B docker:build + ''' }) } } - stage('Build Container') { - steps { - sh ''' - cd webgoat-server - mvn -B docker:build - docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 - docker push mycompany.com:18444/webgoat/webgoat-8.0 - ''' - } - } stage('Scan Container') { steps{ sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" @@ -69,7 +65,21 @@ pipeline { iqStage: 'release', iqScanPatterns: [[scanPattern: '*.tar']], jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' - } + } + post { + success { + sh ''' + docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 + ''' + } + } + } + stage('Publish Container') { + steps { + sh ''' + docker push mycompany.com:18444/webgoat/webgoat-8.0 + ''' + } } } } \ No newline at end of file From 3c413cf62d6ab877356b0437d6857ea5ae4b839d Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 15 Sep 2017 14:14:34 -0400 Subject: [PATCH 47/75] thrying to fix the syntax in the parallel steps --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 5b63dbb306..5fa4854228 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -47,7 +47,7 @@ pipeline { pattern: '', unHealthy: '' }, - Build Container:{ + 'Build Container': { sh ''' cd webgoat-server mvn -B docker:build From b9325cf8c6ba60b3d6eed572be9fed4b91b7b5b2 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 15 Sep 2017 14:33:40 -0400 Subject: [PATCH 48/75] trying to see why the container scan isn't failing the build --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 5fa4854228..ae8840afbc 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -72,6 +72,9 @@ pipeline { docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 ''' } + failure { + echo '...the IQ Scan FAILED' + } } } stage('Publish Container') { From 21dc4710c13a7475f8a0968d3cacc1d5276ab5ab Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 3 Oct 2017 23:51:25 -0400 Subject: [PATCH 49/75] turning off test for now --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index ae8840afbc..1fe1ad6049 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -10,7 +10,7 @@ pipeline { sh ''' echo "PATH = ${PATH}" echo "M2_HOME = ${M2_HOME}" - mvn -B -Dmaven.test.failure.ignore=true install + mvn -B -DskipTest=true install ''' } post { From 4d4611cc7d3fed18e48aecb85a45a525af018905 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 00:02:04 -0400 Subject: [PATCH 50/75] removed credentials --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 1fe1ad6049..67149e1bb8 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -26,7 +26,7 @@ pipeline { iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], - jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + jobCredentialsId: '' }, OWASP: { dependencyCheckAnalyzer datadir: '', hintsFile: '', From d7ad1a5f0ee9b4b0b5111632aeec1079b1c995dc Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 00:03:04 -0400 Subject: [PATCH 51/75] removed other credential in container scan --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 67149e1bb8..bd9291f409 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -64,7 +64,7 @@ pipeline { iqApplication: 'webgoat8', iqStage: 'release', iqScanPatterns: [[scanPattern: '*.tar']], - jobCredentialsId: '6f9e8ba7-b926-4ce1-b83f-f9c203c955e8' + jobCredentialsId: '' } post { success { From ee532573d4ade38bf142115db36c127666e49bfd Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:02:12 -0400 Subject: [PATCH 52/75] forcing the step to fail if IQ scan fails --- Jenkinsfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Jenkinsfile b/Jenkinsfile index bd9291f409..a3378d50f3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -74,6 +74,7 @@ pipeline { } failure { echo '...the IQ Scan FAILED' + error("...the IQ Scan FAILED") } } } From a96304ddd32384bae2c99696a8751fed2b86b2c8 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:17:04 -0400 Subject: [PATCH 53/75] updating pipeline to look more real --- Jenkinsfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index a3378d50f3..734bcd2ca0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,8 +56,9 @@ pipeline { } } - stage('Scan Container') { + stage('Test Container') { steps{ + parallel('Scan Container': { sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, @@ -76,7 +77,10 @@ pipeline { echo '...the IQ Scan FAILED' error("...the IQ Scan FAILED") } - } + }, + "Functional Test":{ + echo "deploy and run functional test" + }) } stage('Publish Container') { steps { From 57fc142df619d295a02179dec8fc312bfa449034 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:21:48 -0400 Subject: [PATCH 54/75] changing a stage nme to be more explicit --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 734bcd2ca0..c203d10697 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('IQ Scan - Build') { + stage('Scan Components - Build Container') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From d151f861b15fb2a9321401f738c2d1ac1da59a70 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:34:30 -0400 Subject: [PATCH 55/75] here goes nothing --- Jenkinsfile | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index c203d10697..f0bec5b09d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,9 +56,10 @@ pipeline { } } - stage('Test Container') { - steps{ - parallel('Scan Container': { + stages{ + stage('Test Container') { + parallel{ + stage('Scan Container'): { sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, @@ -78,10 +79,12 @@ pipeline { error("...the IQ Scan FAILED") } }, - "Functional Test":{ + stage("Functional Test"){ echo "deploy and run functional test" - }) + } + } } + stage('Publish Container') { steps { sh ''' From fb50be3d151831b14330480bfc533a25edcd4847 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:34:56 -0400 Subject: [PATCH 56/75] Revert "changing a stage nme to be more explicit" This reverts commit 57fc142df619d295a02179dec8fc312bfa449034. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index f0bec5b09d..49e5c9cc9f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('Scan Components - Build Container') { + stage('IQ Scan - Build') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From b16f9143e1efcd5f793c9668a6b292427300a3f8 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:35:26 -0400 Subject: [PATCH 57/75] Revert "Revert "changing a stage nme to be more explicit"" This reverts commit fb50be3d151831b14330480bfc533a25edcd4847. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 49e5c9cc9f..f0bec5b09d 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('IQ Scan - Build') { + stage('Scan Components - Build Container') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From 618cbee334df3d0e0b694731555bc5a12cd4343b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:35:40 -0400 Subject: [PATCH 58/75] Revert "here goes nothing" This reverts commit d151f861b15fb2a9321401f738c2d1ac1da59a70. --- Jenkinsfile | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index f0bec5b09d..c203d10697 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,10 +56,9 @@ pipeline { } } - stages{ - stage('Test Container') { - parallel{ - stage('Scan Container'): { + stage('Test Container') { + steps{ + parallel('Scan Container': { sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, @@ -79,12 +78,10 @@ pipeline { error("...the IQ Scan FAILED") } }, - stage("Functional Test"){ + "Functional Test":{ echo "deploy and run functional test" - } - } + }) } - stage('Publish Container') { steps { sh ''' From 34493c38de7878474367efc82a1ec18787ff5a0f Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:41:32 -0400 Subject: [PATCH 59/75] big rollback --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index c203d10697..734bcd2ca0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('Scan Components - Build Container') { + stage('IQ Scan - Build') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From 9d3a97b5be6d55582a0cd8f19c02aefd997fd1ef Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:43:17 -0400 Subject: [PATCH 60/75] and one more forward --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 734bcd2ca0..c203d10697 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('IQ Scan - Build') { + stage('Scan Components - Build Container') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From 742743d2f4cdb7c33c308902612b4cc949ab8d7b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:47:21 -0400 Subject: [PATCH 61/75] trying the rollback again --- Jenkinsfile | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index c203d10697..a3378d50f3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('Scan Components - Build Container') { + stage('IQ Scan - Build') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, @@ -56,9 +56,8 @@ pipeline { } } - stage('Test Container') { + stage('Scan Container') { steps{ - parallel('Scan Container': { sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, @@ -77,10 +76,7 @@ pipeline { echo '...the IQ Scan FAILED' error("...the IQ Scan FAILED") } - }, - "Functional Test":{ - echo "deploy and run functional test" - }) + } } stage('Publish Container') { steps { From 79f470f1bff1c8479bce8934acd26bf299e12c0a Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 4 Oct 2017 14:54:39 -0400 Subject: [PATCH 62/75] more explicit stage name --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index a3378d50f3..27ce14aed0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -19,7 +19,7 @@ pipeline { } } } - stage('IQ Scan - Build') { + stage('Scan App - Build Container') { steps{ parallel(IQ: { nexusPolicyEvaluation failBuildOnNetworkError: false, From 945ac7cc335f578f6b09072223bcd66b04c68334 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 13 Oct 2017 08:23:34 -0400 Subject: [PATCH 63/75] updating stasge names --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 27ce14aed0..21b2757440 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -21,14 +21,14 @@ pipeline { } stage('Scan App - Build Container') { steps{ - parallel(IQ: { + parallel(IQ-BOM: { nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], jobCredentialsId: '' }, - OWASP: { + 'Static Analysis': { dependencyCheckAnalyzer datadir: '', hintsFile: '', includeCsvReports: false, includeHtmlReports: false, From 19e5bd4b8cd46e8ea53262ebbb3d5ebbf1f8019b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 13 Oct 2017 09:59:20 -0400 Subject: [PATCH 64/75] syntax --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 21b2757440..cbdbf8a36e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -21,7 +21,7 @@ pipeline { } stage('Scan App - Build Container') { steps{ - parallel(IQ-BOM: { + parallel('IQ-BOM': { nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', From 932ce7cd2157820ecfe33c24aa4edf114bc5001a Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 13 Oct 2017 14:58:57 -0400 Subject: [PATCH 65/75] big updates to improve pipeline look for screenshots --- Jenkinsfile | 48 +++++++++++++++++++++++++----------------------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index cbdbf8a36e..a71f1c487a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -22,30 +22,15 @@ pipeline { stage('Scan App - Build Container') { steps{ parallel('IQ-BOM': { - nexusPolicyEvaluation failBuildOnNetworkError: false, + nexusPolicyEvaluation + failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], jobCredentialsId: '' }, 'Static Analysis': { - dependencyCheckAnalyzer datadir: '', hintsFile: '', - includeCsvReports: false, - includeHtmlReports: false, - includeJsonReports: false, - isAutoupdateDisabled: false, - outdir: '', - scanpath: '', - skipOnScmChange: false, - skipOnUpstreamChange: false, - suppressionFile: '', - zipExtensions: '' - - dependencyCheckPublisher canComputeNew: false, - defaultEncoding: '', - healthy: '', - pattern: '', - unHealthy: '' + echo '...run SonarQube or other SAST tools here' }, 'Build Container': { sh ''' @@ -56,11 +41,26 @@ pipeline { } } + stage('Test Container') { + steps{ + echo '...run container and test it' + } + post { + success { + echo '...the Test Scan Passed!' + } + failure { + echo '...the Test FAILED' + error("...the Container Test FAILED") + } + } + } stage('Scan Container') { steps{ sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" - nexusPolicyEvaluation failBuildOnNetworkError: false, + nexusPolicyEvaluation + failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'release', iqScanPatterns: [[scanPattern: '*.tar']], @@ -68,19 +68,21 @@ pipeline { } post { success { - sh ''' - docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 - ''' + echo '...the IQ Scan PASSED :D' } failure { - echo '...the IQ Scan FAILED' + echo '...the IQ Scan FAILED :(' error("...the IQ Scan FAILED") } } } stage('Publish Container') { + when { + branch 'master' + } steps { sh ''' + docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 docker push mycompany.com:18444/webgoat/webgoat-8.0 ''' } From 5dfea878971a48cb927c736abe3488772104d9f3 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Fri, 13 Oct 2017 15:32:43 -0400 Subject: [PATCH 66/75] rolling back change to nexusPolicyEvaluation --- Jenkinsfile | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index a71f1c487a..83f7970e40 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -22,8 +22,7 @@ pipeline { stage('Scan App - Build Container') { steps{ parallel('IQ-BOM': { - nexusPolicyEvaluation - failBuildOnNetworkError: false, + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'build', iqScanPatterns: [[scanPattern: '']], @@ -59,8 +58,7 @@ pipeline { steps{ sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" - nexusPolicyEvaluation - failBuildOnNetworkError: false, + nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', iqStage: 'release', iqScanPatterns: [[scanPattern: '*.tar']], From f1711359d861987eb7fe04d8400526be0af96b6c Mon Sep 17 00:00:00 2001 From: CMYanko Date: Wed, 13 Dec 2017 15:05:31 -0500 Subject: [PATCH 67/75] fixed image name for docker save --- Jenkinsfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 83f7970e40..945cc10b98 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -56,7 +56,7 @@ pipeline { } stage('Scan Container') { steps{ - sh "docker save mycompany.com:18444/webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" + sh "docker save webgoat/webgoat-8.0 -o ${env.WORKSPACE}/webgoat.tar" nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'webgoat8', @@ -80,8 +80,8 @@ pipeline { } steps { sh ''' - docker tag webgoat/webgoat-8.0 mycompany.com:18444/webgoat/webgoat-8.0:8.0 - docker push mycompany.com:18444/webgoat/webgoat-8.0 + docker tag webgoat/webgoat-8.0 mycompany.com:5000/webgoat/webgoat-8.0:8.0 + docker push mycompany.com:5000/webgoat/webgoat-8.0 ''' } } From 5ee483267d557cbe16a80cad1f62596bce0b2b39 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 08:30:41 -0500 Subject: [PATCH 68/75] Adding github statuses --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 945cc10b98..0688d9380a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -66,10 +66,10 @@ pipeline { } post { success { - echo '...the IQ Scan PASSED :D' + postGitHub commitId, 'failure', 'build', 'IQ Scan PASSED' } failure { - echo '...the IQ Scan FAILED :(' + postGitHub commitId, 'failure', 'build', 'IQ Scan FAILED' error("...the IQ Scan FAILED") } } From 85cbe02812ebcc1d4d178cdadbc473fb94d7ed89 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 08:35:02 -0500 Subject: [PATCH 69/75] more github status posting --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 0688d9380a..6409a1f503 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -17,6 +17,9 @@ pipeline { always { junit '**/target/surefire-reports/**/*.xml' } + failure { + postGitHub commitId, 'success', 'build', 'Build FAILED' + } } } stage('Scan App - Build Container') { From 430ffd4990a675321f9b7c89e82316405c4c3e63 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 09:01:36 -0500 Subject: [PATCH 70/75] adding github function --- Jenkinsfile | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 6409a1f503..4dd4a24bf7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,6 +4,17 @@ pipeline { maven 'M3' jdk 'jdk8' } + + def postGitHub(commitId, state, context, description, targetUrl) { + def payload = JsonOutput.toJson( + state: state, + context: context, + description: description, + target_url: targetUrl + ) + sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' + https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" + } stages { stage ('Build') { steps { From 104600b09ea59090637875f66fcc4caca2fd1a13 Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 09:04:41 -0500 Subject: [PATCH 71/75] another github post --- Jenkinsfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 4dd4a24bf7..28b1bb0572 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -30,6 +30,9 @@ pipeline { } failure { postGitHub commitId, 'success', 'build', 'Build FAILED' + } + success { + postGitHub commitId, 'success', 'build', 'Build SUCCEEDED' } } } From dc7e4d968036c99fcac752b244428533e1e1203a Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 09:08:00 -0500 Subject: [PATCH 72/75] moved function to the end --- Jenkinsfile | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 28b1bb0572..1831557e53 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,17 +4,6 @@ pipeline { maven 'M3' jdk 'jdk8' } - - def postGitHub(commitId, state, context, description, targetUrl) { - def payload = JsonOutput.toJson( - state: state, - context: context, - description: description, - target_url: targetUrl - ) - sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' - https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" - } stages { stage ('Build') { steps { @@ -103,4 +92,14 @@ pipeline { } } } + def postGitHub(commitId, state, context, description, targetUrl) { + def payload = JsonOutput.toJson( + state: state, + context: context, + description: description, + target_url: targetUrl + ) + sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' + https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" + } } \ No newline at end of file From 33dac67e639960ed5500ffa885901f914619e09b Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 10:20:00 -0500 Subject: [PATCH 73/75] trying the helper script another way --- Jenkinsfile | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 1831557e53..9eab9ab522 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,6 +4,18 @@ pipeline { maven 'M3' jdk 'jdk8' } + script{ + def postGitHub(commitId, state, context, description, targetUrl) { + def payload = JsonOutput.toJson( + state: state, + context: context, + description: description, + target_url: targetUrl + ) + sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' + https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" + } + } stages { stage ('Build') { steps { @@ -92,14 +104,4 @@ pipeline { } } } - def postGitHub(commitId, state, context, description, targetUrl) { - def payload = JsonOutput.toJson( - state: state, - context: context, - description: description, - target_url: targetUrl - ) - sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' - https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" - } } \ No newline at end of file From 48eced626ecad25fec428fca1ced55c84d7f3c1a Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 10:21:28 -0500 Subject: [PATCH 74/75] rolled out the script --- Jenkinsfile | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 9eab9ab522..36a5ec6026 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,18 +4,6 @@ pipeline { maven 'M3' jdk 'jdk8' } - script{ - def postGitHub(commitId, state, context, description, targetUrl) { - def payload = JsonOutput.toJson( - state: state, - context: context, - description: description, - target_url: targetUrl - ) - sh "curl -H \"Authorization: token ${gitHubApiToken}\" --request POST --data '${payload}' - https://api.github.com/repos/${project}/statuses/${commitId} > /dev/null" - } - } stages { stage ('Build') { steps { From 9e3d99a45e9b09d76c49291f0df5e42f794949bb Mon Sep 17 00:00:00 2001 From: CMYanko Date: Tue, 19 Dec 2017 10:43:50 -0500 Subject: [PATCH 75/75] more rollback --- Jenkinsfile | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 36a5ec6026..ba59a1bbcc 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -16,13 +16,7 @@ pipeline { post { always { junit '**/target/surefire-reports/**/*.xml' - } - failure { - postGitHub commitId, 'success', 'build', 'Build FAILED' - } - success { - postGitHub commitId, 'success', 'build', 'Build SUCCEEDED' - } + } } } stage('Scan App - Build Container') { @@ -72,10 +66,10 @@ pipeline { } post { success { - postGitHub commitId, 'failure', 'build', 'IQ Scan PASSED' + echo '...the IQ Scan PASSED' } failure { - postGitHub commitId, 'failure', 'build', 'IQ Scan FAILED' + echo '...the IQ Scan FAILED' error("...the IQ Scan FAILED") } }