i need to withcredntails i am storing my AWS keys in Jenkins credentials
def command = 'aws acm list-certificates --query "CertificateSummaryList[?DomainName=='*.osdemo.cf'].CertificateArn" --output text'
def proc = command.execute()
proc.waitFor()
def output = proc.in.text
def exitcode= proc.exitValue()
def error = proc.err.text
if (error) {
println "Std Err: ${error}"
println "Process exit code: ${exitcode}"
return exitcode
}
//println output.split()
return output.tokenize()
Related
I am using declarative pipeline wherein when I build my pipeline it is giving me java.io.NotSerializableException: org.jenkinsci.plugins.workflow.job.WorkflowJob error.
These are the 2 methods which I am using:-
#NonCPS
def getJob(name) {
def hi = Hudson.instance
return hi.getItemByFullName(name, Job)
}
#NonCPS
def getParam(WorkflowJob job, String paramName) {
def prop = job.getProperty(ParametersDefinitionProperty.class)
for (param in prop.getParameterDefinitions()) {
if (param.name == paramName) {
return param
}
}
return null
}
And below is the part of my code where I am getting this error.
stages{
stage("A"){
steps{
script {
def job = getJob(JOB_NAME)
def param = getParam(job, "AWS Ser")
def service_name = ("${SERVICE_NAME}".replace('AWS Ser:', '')).toString().tokenize(',[]')
if (service_name != 'All') {
def regions = "${REGIONS}".toString()
regions.split('\n').each() {
service_name.each() {
sh '''
echo "Welcome"
'''
}
}
}
Here, if you see when I put sh script then I get this error and if I remove this sh script then there is no error.
I tried to troubleshoot and something is wrong with the 2 methods which I mentioned above.
Don't return the WorkflowJob object to the Pipeline step. Refactor your functions like below.
#NonCPS
def getJob(name) {
def hi = Hudson.instance
return hi.getItemByFullName(name, Job)
}
#NonCPS
def getParam(String jobName, String paramName) {
def job = getJob(jobName)
def prop = job.getProperty(ParametersDefinitionProperty.class)
for (param in prop.getParameterDefinitions()) {
if (param.name == paramName) {
return param
}
}
return null
}
Then in the Pipeline stage call getParam as.
def param = getParam(JOB_NAME, "AWS Ser")
Please check what to write for just update password change not replace file kindly check.
Not all passwords change every time so it should only change passwords which are different
2)password file should be provided along with email
That's here I am stuck that how it is possible to do that because every time I run this it gets back with replacing the passwords file. It should have to update the changes just.
def json = 'initial_value'
def token = 'initial_value'
def count = 0
def csvContent = 'initial_value'
def ocpUrl ="https://api.nonprod.ocp.dev.ppr.gvv:6443"
def ocpRegistry="registry.apps.nonprod.ocp.dev.ppr.gvv"
pipeline {
agent any
environment {
VAULT_ADDR = credentials('VAULT_ADDR')
ROLE_ID = credentials('ROLE_ID')
SECRET_ID = credentials('SECRET_ID')
}
stages {
stage('Upload parameters and FILE') {
steps {
script {
//Load the csv file
def inputCSVPath = input message: 'Upload file', parameters: [file(name: 'Credentials.csv', description: 'Upload only CSV file')]
csvContent = readFile "${inputCSVPath}"
//Delete csv file
sh(""" rm -rf "$inputCSVPath" """)
json = '{"data":{'
csvContent.split('\n').each { line ->
if (count > 0) {
def fields = line.split(',',2)
def key = fields[0]
def pass = fields[1]
key = key.replaceAll(' ', '')
key=key.replaceAll('"', '')
pass=pass.replaceAll('"', '')
def item_data = '"'+key.trim()+'":"'+pass.trim()+'",'
json += item_data
}
count += 1
enter code here
}
count -= 1
json = json.substring(0, json.length() - 1)
json += '},"options":{}}'
//println(json)
//delete file
}
}
}
stage('Validate file'){
steps{
script {
csvContent = csvContent.trim()
csvContent = csvContent.replaceAll("\\S","")
println csvContent.length()
if(csvContent.equals("")){
currentBuild.result = "FAILURE"
echo "error"
exit o
}
}
}
}
stage('Authentication into vault'){
when {
expression { currentBuild.result != "FAILURE" }
}
steps{
script {
//Authentication Method
def response = sh(script: """curl --insecure -X PUT -H "X-Vault-Request: true" -d '{"role_id":"${ROLE_ID}","secret_id":"${SECRET_ID}"}' ${VAULT_ADDR}/v1/auth/approle/login""", returnStdout: true)
def responseObject = readJSON text: response
token = "$responseObject.auth.client_token"
}
}
}
stage('Update secrets into vault'){
when {
expression { currentBuild.result != "FAILURE" }
}
steps{
script{
// Updating the secret into vault
sh """
set +x
curl --insecure -X PUT -H "X-Vault-Request: true" -H "X-Vault-Token: "${token}"" -d '${json}' ${VAULT_ADDR}/v1/dev/data/db
set -x
"""
}
}
}
stage('Openshift delete Pods') {
steps{
withCredentials([usernamePassword(credentialsId: 'ocp-dev', usernameVariable: 'OCP_CREDS_USR', passwordVariable: 'OCP_CREDS_PSW')]) {
sh """
/usr/local/bin/oc login --insecure-skip-tls-verify -u '${OCP_CREDS_USR}' -p '${OCP_CREDS_PSW}' ${ocpUrl}
sudo docker login -u system -p \$(/usr/local/bin/oc whoami -t) ${ocpRegistry}
/usr/local/bin/oc delete --all pods --namespace md-dev
"""
}
}
}
}
post{
success{
emailext to: "${email}",
subject: "Jenkins Result",
body: "Password updated successfully",
attachLog: true
}
failure{
emailext to: "${email}",
subject: "Jenkins Result",
body: "Password updated failed with the error",
attachLog: true
}
}
}
My small piece of code
def proc ='./test.py'.execute()
proc.waitFor()
def output = proc.in.text
def exitcode = proc.exitValue()
def error = proc.err.text
return output.tokenize()
This above groovy script will execute from one of the Active Choice Reactive Reference Parameter in my Jenkins pipeline. Is there anyway to execute this from different slave. I don't have idea that the groovy script written in parameter will execute from other slave or not..
Could someone help me to achieve this?
You can try this
pipeline {
agent {
node { label "name-of-slave-jenkins"}
}
stages {
stage('stage 1') {
steps {
script {
def proc ='./test.py'.execute()
proc.waitFor()
}
}
}
stage('stage 2') {
steps{
script{
def output = proc.in.text
def exitcode = proc.exitValue()
def error = proc.err.text
return output.tokenize()
}
}
}
}
}
I am trying to run this code inside Jenkins Pipeline script:
def getTags = { svnurl ->
def command = ["svn","ls","${svnurl}"];
def proc = command.execute()
proc.waitFor()
proc.in.eachLine {
println(it)
}
}
getTags('http://svnurlexample.net/');
The result should be a list of folders at the svn location but what I am getting is an error:
[Pipeline] echo:
1.0.0/
expected to call java.lang.ProcessImpl$ProcessPipeInputStream.eachLine but wound up catching org.jenkinsci.plugins.workflow.cps.CpsClosure2.call
The proc.in.eachLine is causing the issue, as if Groovy finds the first folder on the location but can not handle the rest and reports an error.
This is what worked for me:
#NonCPS
def getTags (svnurl) {
def command = ["svn","ls","${svnurl}"];
def proc = command.execute()
proc.waitFor()
proc.in.eachLine {
println(it)
}
}
getTags('http://svnurlexample.net/');
Basically I can't pass build properties to Library var call without extra nonsense.
jenkinsfile relevant chunk:
tc_test{
repo = 'test1'
folder = 'test2'
submodules = true
refs = params.GitCheckout
}
That results in error
java.lang.NullPointerException: Cannot get property 'GitCheckout' on
null object
This, however, works:
def a1 = params.GitCheckout
tc_test{
repo = 'test1'
folder = 'test2'
submodules = true
refs = a1
}
The contents of the vars/tc_test.groovy in shared library :
def call ( body ) {
def config = [:]
body.resolveStrategy = Closure.DELEGATE_FIRST
body.delegate = config
try {
body()
} catch(e) {
currentBuild.result = "FAILURE";
throw e;
} finally {
config.each{ k, v -> println "${k}:${v}" }
}
}
I'm not really good with groovy, so it might be something obvious.
Got the answer from Jenkins JIRA.
Small workaround is using maps instead of closures:
tc_test ([
repo: 'test1',
folder: 'test2',
submodules: true,
refs = params.GitCheckout
])
May have drawbacks, but for me that worked perfectly.
Still have to transfer params as argument to have access to them, but at least the code makes more sense now.
Suppose you have a sharedLibrary to call a Rundeck Job,
Parameters:
1 runDeckJobId - Rundeck unique job id thats available in settings.
2 role - AD Group associated with Rundeck Job
3 runDeckProject - Name of the project configured in rundeck.
4 optional - All optional parameters as a Map.
- rundeckInstanceType - Rundeck instances are currently in UK or HK.
- retries - Number of retries for checking job status once started (Default value=100)
- timeout - Number of seconds to be waited before each retry (Default value=15)
- verbose - If verbose calls need to be made in the rundeck api calls (Default value=false)
- rundeckArgs - All rundeck parameters as a map. Eg: Name of the playBook, location of inventory file.
Example Usage in JenkinsFile:
if (isRundeckDeployment == "true") {
def optional = [
rundeckInstance : "UK",
timeout : 10,
rundeckArgs : [
artifactPack : "${artifactPath}",
DEPLOYMENT_ENVIRONMENT: "${deploymentEnvironment}",
EXTRA_ARGS : "-e deployment_serial=1"
]
]
triggerRundeckJob("job-id", "AD-group-id", "BitbucketKey", optional)
}
Shared Library Function with filename : triggerRundeckJob in vars folder
def call(String rundeckJobId, String role, String rundeckProject, Map optional) {
String jobUserId
wrap([$class: 'BuildUser']) {
jobUserId = "${BUILD_USER_ID}"
}
// Determine rundeck instance type, by default instance is UK (rundeckAuthToken)
String mainRundeckId = optional.rundeckInstance == "HK" ? "rundeckAuthTokenHK": "rundeckAuthToken"
String rundeckBaseURL = optional.rundeckInstance == "HK" ? "https://rundeckUrl/selfservice" : "https://rundeckUrl:9043/selfservice"
withCredentials([string(credentialsId: mainRundeckId, variable: 'mainRundeckIdVariable')]) {
int retries = optional.retries ?: 100
int timeout = optional.timeout ?: 15
String verbose = optional.verbose? "-v" : "-s"
String rundeckArgsString = optional.rundeckArgs.collect{ "-${it.key} \\\"${it.value}\\\"" }.join(" ")
def tokenResponse = sh(returnStdout: true, script: "curl -k ${verbose} -X POST -d '{\"user\": \"${jobUserId}\",\"roles\":\"${role}\",\"duration\":\"30m\"}' -H Accept:application/json -H 'Content-Type: application/json' -H X-Rundeck-Auth-Token:${mainRundeckIdVariable} ${rundeckBaseURL}/api/19/tokens")
def tokenResponseJson = readJSON text: tokenResponse
def rundeckResponse = sh(returnStdout: true, script: "curl -k ${verbose} --data-urlencode argString=\"${rundeckArgsString}\" -H Accept:application/json -H X-Rundeck-Auth-Token:${tokenResponseJson.token} ${rundeckBaseURL}/api/19/job/${rundeckJobId}/run")
def rundeckResponseJson = readJSON text: rundeckResponse
if(!rundeckResponseJson.error){
while(true){
if(retries==0) {
currentBuild.result = "FAILURE"
echo "Rundeck Job Timedout, See: ${rundeckBaseURL}/project/${rundeckProject}/job/show/${rundeckJobId}"
break;
}
def jobStateResponse = sh(returnStdout: true, script:"curl -k ${verbose} -H Accept:application/json -H X-Rundeck-Auth-Token:${tokenResponseJson.token} ${rundeckBaseURL}/api/19/execution/${rundeckResponseJson.id}/state")
def jobStateResponseJson = readJSON text: jobStateResponse
if(jobStateResponseJson.completed) {
if(jobStateResponseJson.executionState == "FAILED") {
currentBuild.result = "FAILURE"
echo "Rundeck Job FAILED, See: ${rundeckBaseURL}/project/${rundeckProject}/job/show/${rundeckJobId}"
break
}else{
currentBuild.result = "SUCCESS"
echo "Rundeck Job SUCCESS, See: ${rundeckBaseURL}/project/${rundeckProject}/job/show/${rundeckJobId}"
break
}
}
else{
sleep timeout
}
retries--
}
}else{
echo "******************Rundeck Job Error: ${rundeckResponseJson.message} ******************"
currentBuild.result = "FAILURE"
}
}
}