Page MenuHomeGRNET
Files F424863

No OneTemporary
Actions

File Metadata

Created
Thu, Apr 3, 5:10 AM

View Options

diff --git a/.gitignore b/.gitignore
index 4264f07..9b1838b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
README.pdf
+jenkins_jobs.ini
+
diff --git a/jenkins_jobs.ini.example b/jenkins_jobs.ini.example
new file mode 100644
index 0000000..fe1a45c
--- /dev/null
+++ b/jenkins_jobs.ini.example
@@ -0,0 +1,21 @@
+[job_builder]
+ignore_cache=True
+keep_descriptions=False
+include_path=.:scripts:~/git/
+recursive=False
+exclude=.*:manual:./development
+allow_duplicates=False
+
+[jenkins]
+user=jenkins
+password=T0PS3CR3t
+url=http://jenkins-instance.eu
+query_plugins_info=False
+
+[plugin "hipchat"]
+authtoken=dummy
+
+[plugin "stash"]
+username=user
+password=pass
+
diff --git a/jobs/projects/apella.yaml b/jobs/projects/apella.yaml
new file mode 100644
index 0000000..345143a
--- /dev/null
+++ b/jobs/projects/apella.yaml
@@ -0,0 +1,12 @@
+- project:
+ name: apella
+ repo: https://github.com/grnet/panoramix
+ staging-env: https://service-apella.staging.grnet.gr/apella/
+ domain: service-apella.staging.grnet.gr
+ production-env: https://service-apella.grnet.gr/apella/
+ jobs:
+ - 'static-tools':
+ bandit_extra_args: '-s B101'
+ - 'dynamic-tools':
+ nmap_extra_args: '-sV'
+
diff --git a/jobs/projects/zeus.yaml b/jobs/projects/zeus.yaml
new file mode 100644
index 0000000..cb8e832
--- /dev/null
+++ b/jobs/projects/zeus.yaml
@@ -0,0 +1,11 @@
+- project:
+ name: zeus
+ repo: https://github.com/grnet/zeus
+ staging-env: https://zeus-testing.grnet.gr/zeus/
+ domain: zeus-testing.grnet.gr
+ production-env: https://zeus.grnet.gr/apella/
+ jobs:
+ - 'static-tools':
+ bandit_extra_args: '-s B101,B102'
+ - 'dynamic-tools':
+ nmap_extra_args: '-sV --reason --script=http-security-headers'
diff --git a/jobs/tools-templates/bandit.yaml b/jobs/tools-templates/bandit.yaml
new file mode 100644
index 0000000..beaff9c
--- /dev/null
+++ b/jobs/tools-templates/bandit.yaml
@@ -0,0 +1,18 @@
+- job-template:
+ name: '{name}-bandit'
+ description: "A job template for openstack's python static analyzer"
+ concurrent: true
+ output_type: html
+ builders:
+ - shell: |
+ #!/bin/bash -e
+ docker pull linosgian/bandit
+ docker run --rm \
+ -u $(id -u):$(id -g) \
+ -v $PWD:/app \
+ linosgian/bandit -r . -f {output_type} -o {name}.{output_type} {bandit_extra_args}
+ triggers:
+ - timed: '@hourly'
+ scm:
+ - git:
+ url: '{repo}'
diff --git a/jobs/tools-templates/dynamic.yaml b/jobs/tools-templates/dynamic.yaml
new file mode 100644
index 0000000..75f9046
--- /dev/null
+++ b/jobs/tools-templates/dynamic.yaml
@@ -0,0 +1,4 @@
+- job-group:
+ name: "dynamic-tools"
+ jobs:
+ - '{name}-nmap'
diff --git a/jobs/tools-templates/nmap.yaml b/jobs/tools-templates/nmap.yaml
new file mode 100644
index 0000000..113cdc7
--- /dev/null
+++ b/jobs/tools-templates/nmap.yaml
@@ -0,0 +1,13 @@
+- job-template:
+ name: '{name}-nmap'
+ description: "Nmap scanner"
+ concurrent: true
+ domain:
+ builders:
+ - shell: |
+ #!/bin/bash -e
+ docker pull linosgian/nmap
+ mkdir -p /tmp/nmap
+ docker run --rm linosgian/nmap {domain} {nmap_extra_args} | tee /tmp/nmap/{name}
+ triggers:
+ - timed: '@hourly'
diff --git a/jobs/tools-templates/static.yaml b/jobs/tools-templates/static.yaml
new file mode 100644
index 0000000..330c618
--- /dev/null
+++ b/jobs/tools-templates/static.yaml
@@ -0,0 +1,4 @@
+- job-group:
+ name: "static-tools"
+ jobs:
+ - '{name}-bandit'
diff --git a/tools/bandit/Dockerfile b/tools/bandit/Dockerfile
new file mode 100644
index 0000000..71a8f44
--- /dev/null
+++ b/tools/bandit/Dockerfile
@@ -0,0 +1,6 @@
+FROM python:2
+RUN pip install bandit
+
+WORKDIR /app
+
+ENTRYPOINT ["bandit"]

Event Timeline