Compare commits
4 Commits
330bbff810
...
33195f607c
| Author | SHA1 | Date | |
|---|---|---|---|
|
33195f607c | ||
|
|
fd84c389aa | ||
| 95d2344f7f | |||
|
|
b655cb4c56 |
124
Jenkinsfile
vendored
124
Jenkinsfile
vendored
@@ -1,124 +0,0 @@
|
||||
pipeline {
|
||||
agent any
|
||||
|
||||
post {
|
||||
always {
|
||||
deleteDir() /* clean up our workspace */
|
||||
}
|
||||
success {
|
||||
updateGitlabCommitStatus state: 'success'
|
||||
}
|
||||
failure {
|
||||
updateGitlabCommitStatus state: 'failed'
|
||||
step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'support@confdroid.com', sendToIndividuals: true])
|
||||
}
|
||||
}
|
||||
|
||||
options {
|
||||
gitLabConnection('gitlab.confdroid.com')
|
||||
}
|
||||
|
||||
stages {
|
||||
|
||||
stage('pull master') {
|
||||
steps {
|
||||
sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
|
||||
sh '''
|
||||
git config user.name "Jenkins Server"
|
||||
git config user.email jenkins@confdroid.com
|
||||
# Ensure we're on the development branch (triggered by push)
|
||||
git checkout development
|
||||
# Create jenkins branch from development
|
||||
git checkout -b jenkins-build-$BUILD_NUMBER
|
||||
# Optionally merge master into jenkins to ensure compatibility
|
||||
git merge origin/master --no-ff || { echo "Merge conflict detected"; exit 1; }
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('puppet parser') {
|
||||
steps {
|
||||
sh '''for file in $(find . -iname \'*.pp\'); do
|
||||
/opt/puppetlabs/bin/puppet parser validate --color false --render-as s --modulepath=modules $file || exit 1;
|
||||
done;'''
|
||||
}
|
||||
}
|
||||
|
||||
stage('check templates') {
|
||||
steps{
|
||||
sh '''for file in $(find . -iname \'*.erb\');
|
||||
do erb -P -x -T "-" $file | ruby -c || exit 1;
|
||||
done;'''
|
||||
}
|
||||
}
|
||||
|
||||
stage('puppet-lint') {
|
||||
steps {
|
||||
sh '''/usr/local/bin/puppet-lint . \\
|
||||
--no-variable_scope-check \\
|
||||
|| { echo "Puppet lint failed"; exit 1; }
|
||||
'''
|
||||
}
|
||||
}
|
||||
|
||||
stage('SonarScan') {
|
||||
steps {
|
||||
withCredentials([string(credentialsId: 'sonar-token', variable: 'SONAR_TOKEN')]) {
|
||||
sh '''
|
||||
/opt/sonar-scanner/bin/sonar-scanner \
|
||||
-Dsonar.projectKey=confdroid_nrpe \
|
||||
-Dsonar.sources=. \
|
||||
-Dsonar.host.url=https://sonarqube.confdroid.com \
|
||||
-Dsonar.token=$SONAR_TOKEN
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('create Puppet documentation') {
|
||||
steps {
|
||||
sh '/opt/puppetlabs/bin/puppet strings'
|
||||
}
|
||||
}
|
||||
|
||||
stage('update repo') {
|
||||
steps {
|
||||
sshagent(['edd05eb6-26b5-4c7b-a5cc-ea2ab899f4fa']) {
|
||||
sh '''
|
||||
git config user.name "Jenkins Server"
|
||||
git config user.email jenkins@confdroid.com
|
||||
git rm -r --cached .vscode || echo "No .vscode to remove from git"
|
||||
git add -A && git commit -am "Recommit for updates in build $BUILD_NUMBER" || echo "No changes to commit"
|
||||
git push origin HEAD:master
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Mirror to Gitea') {
|
||||
steps {
|
||||
withCredentials([usernamePassword(
|
||||
credentialsId: 'Jenkins-gitea',
|
||||
usernameVariable: 'GITEA_USER',
|
||||
passwordVariable: 'GITEA_TOKEN')]) {
|
||||
script {
|
||||
// Checkout from GitLab (already done implicitly)
|
||||
sh '''
|
||||
git checkout master
|
||||
git pull origin master
|
||||
git branch -D development
|
||||
git branch -D jenkins-build-$BUILD_NUMBER
|
||||
git rm -f Jenkinsfile
|
||||
git rm -r --cached .vscode || echo "No .vscode to remove from git"
|
||||
git commit --amend --no-edit --allow-empty
|
||||
git remote add master https://sourcecode.confdroid.com/confdroid/confdroid_nrpe.git
|
||||
git -c credential.helper="!f() { echo username=${GITEA_USER}; echo password=${GITEA_TOKEN}; }; f" \
|
||||
push master --mirror
|
||||
'''
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -206,8 +206,7 @@
|
||||
108
|
||||
109
|
||||
110
|
||||
111
|
||||
112</pre>
|
||||
111</pre>
|
||||
</td>
|
||||
<td>
|
||||
<pre class="code"><span class="info file"># File 'manifests/main/files.pp', line 6</span>
|
||||
@@ -278,15 +277,14 @@ class confdroid_nrpe::main::files (
|
||||
notify => Exec['create_nrpe_pp'],
|
||||
}
|
||||
}
|
||||
|
||||
# file for ssl certificate
|
||||
if $ne_enable_ssl == true {
|
||||
file { $ne_ssl_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_cert_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -296,9 +294,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_privatekey_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_privatekey_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0600',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0400',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -308,9 +306,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_ca_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_ca_cert_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
|
||||
@@ -349,24 +349,6 @@ inherited by all classes except defines.
|
||||
|
||||
</li>
|
||||
|
||||
<li>
|
||||
|
||||
<span class='name'>ne_ssl_version</span>
|
||||
|
||||
|
||||
<span class='type'>(<tt>String</tt>)</span>
|
||||
|
||||
|
||||
<em class="default">(defaults to: <tt>'TLSv2+'</tt>)</em>
|
||||
|
||||
|
||||
—
|
||||
<div class='inline'>
|
||||
<p>These directives allow you to specify how to use SSL/TLS.</p>
|
||||
</div>
|
||||
|
||||
</li>
|
||||
|
||||
<li>
|
||||
|
||||
<span class='name'>ne_ssl_cipher_list</span>
|
||||
@@ -781,6 +763,8 @@ inherited by all classes except defines.
|
||||
<pre class="lines">
|
||||
|
||||
|
||||
82
|
||||
83
|
||||
84
|
||||
85
|
||||
86
|
||||
@@ -871,13 +855,10 @@ inherited by all classes except defines.
|
||||
171
|
||||
172
|
||||
173
|
||||
174
|
||||
175
|
||||
176
|
||||
177</pre>
|
||||
174</pre>
|
||||
</td>
|
||||
<td>
|
||||
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 84</span>
|
||||
<pre class="code"><span class="info file"># File 'manifests/params.pp', line 82</span>
|
||||
|
||||
class confdroid_nrpe::params (
|
||||
|
||||
@@ -909,7 +890,6 @@ class confdroid_nrpe::params (
|
||||
String $ne_connection_timeout = '300',
|
||||
String $ne_allow_weak_rnd_seed = '1',
|
||||
Boolean $ne_enable_ssl = false,
|
||||
String $ne_ssl_version = 'TLSv2+',
|
||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||
String $ne_ssl_client_certs = '0',
|
||||
String $ne_ssl_logging = '0x00',
|
||||
@@ -944,7 +924,7 @@ class confdroid_nrpe::params (
|
||||
# directories
|
||||
$ne_main_conf_d_dir = '/etc/nrpe.d'
|
||||
$ne_run_dir = '/var/run/nrpe'
|
||||
$ne_servercert_dir = '/etc/pki/tls/servercerts'
|
||||
$ne_servercert_dir = '/etc/ssl/servercerts'
|
||||
|
||||
# files
|
||||
$ne_main_conf_file = '/etc/nagios/nrpe.cfg'
|
||||
|
||||
@@ -74,9 +74,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_cert_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -86,9 +86,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_privatekey_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_privatekey_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0600',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0400',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
@@ -98,9 +98,9 @@ class confdroid_nrpe::main::files (
|
||||
file { $ne_ssl_ca_cert_file:
|
||||
ensure => file,
|
||||
path => $ne_ssl_ca_cert_file,
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
mode => '0644',
|
||||
owner => $ne_user,
|
||||
group => $ne_user,
|
||||
mode => '0440',
|
||||
selrange => s0,
|
||||
selrole => object_r,
|
||||
seltype => cert_t,
|
||||
|
||||
@@ -30,8 +30,6 @@
|
||||
# daemon will allow plugins to finish executing before killing them off.
|
||||
# @param [String] ne_connection_timeout maximum number of seconds that the
|
||||
# NRPE daemon will wait for a connection to be established before exiting.
|
||||
# @param [String] ne_ssl_version These directives allow you to specify how to
|
||||
# use SSL/TLS.
|
||||
# @param [String] ne_ssl_cipher_list ciphers can be used. For backward
|
||||
# compatibility, this defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in
|
||||
# this version but will be changed in a later version of NRPE.
|
||||
@@ -111,7 +109,6 @@ class confdroid_nrpe::params (
|
||||
String $ne_connection_timeout = '300',
|
||||
String $ne_allow_weak_rnd_seed = '1',
|
||||
Boolean $ne_enable_ssl = false,
|
||||
String $ne_ssl_version = 'TLSv2+',
|
||||
String $ne_ssl_cipher_list = 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH',
|
||||
String $ne_ssl_client_certs = '0',
|
||||
String $ne_ssl_logging = '0x00',
|
||||
|
||||
@@ -34,7 +34,6 @@ connection_timeout=<%= @ne_connection_timeout %>
|
||||
allow_weak_random_seed=<%= @ne_allow_weak_rnd_seed %>
|
||||
|
||||
<% if @ne_enable_ssl == true -%>
|
||||
ssl_version=<%= @ne_ssl_version %>
|
||||
ssl_cipher_list=<%= @ne_ssl_cipher_list %>
|
||||
ssl_cacert_file=<%= @ne_ssl_ca_cert_file %>
|
||||
ssl_cert_file=<%= @ne_ssl_cert_file %>
|
||||
|
||||
Reference in New Issue
Block a user