diff --git a/bitbucket-pipelines.yml b/bitbucket-pipelines.yml index 5b98510..a7552d3 100644 --- a/bitbucket-pipelines.yml +++ b/bitbucket-pipelines.yml @@ -34,13 +34,29 @@ pipelines: - parallel: - step: - name: bitbucket_config/iam_elasticsearch + name: aws_common/cw-disabled services: - docker script: - ./bin/install-ansible --dev - - cd roles/bitbucket_config - - pipenv run molecule test -s iam_elasticsearch + - cd roles/aws_common + - pipenv run molecule test -s cw-disabled + - step: + name: aws_common/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/aws_common + - pipenv run molecule test -s default + - step: + name: aws_common/logs-disabled + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/aws_common + - pipenv run molecule test -s logs-disabled - step: name: bitbucket_config/default services: @@ -49,6 +65,262 @@ pipelines: - ./bin/install-ansible --dev - cd roles/bitbucket_config - pipenv run molecule test -s default + - step: + name: bitbucket_config/iam_elasticsearch + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/bitbucket_config + - pipenv run molecule test -s iam_elasticsearch + - step: + name: confluence_config/aurora + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/confluence_config + - pipenv run molecule test -s aurora + - step: + name: confluence_config/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/confluence_config + - pipenv run molecule test -s default + - step: + name: confluence_config/password_char_escaping + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/confluence_config + - pipenv run molecule test -s password_char_escaping + - step: + name: confluence_config/system_jdk + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/confluence_config + - pipenv run molecule test -s system_jdk + - step: + name: diy_backup/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/diy_backup + - pipenv run molecule test -s default + - step: + name: jira_config/aurora + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/jira_config + - pipenv run molecule test -s aurora + - step: + name: jira_config/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/jira_config + - pipenv run molecule test -s default + - step: + name: jira_config/jira_config_props + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/jira_config + - pipenv run molecule test -s jira_config_props + - step: + name: jira_config/password_char_escaping + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/jira_config + - pipenv run molecule test -s password_char_escaping + - step: + name: linux_common/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/linux_common + - pipenv run molecule test -s default + - step: + name: product_common/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_common + - pipenv run molecule test -s default + - step: + name: product_common/system_jdk + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_common + - pipenv run molecule test -s system_jdk + - step: + name: product_install/bitbucket_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s bitbucket_latest + - step: + name: product_install/confluence_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s confluence_latest + - step: + name: product_install/crowd_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s crowd_latest + - step: + name: product_install/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s default + - step: + name: product_install/jira_all + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_all + - step: + name: product_install/jira_cached_with_downgrade + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_cached_with_downgrade + - step: + name: product_install/jira_cached_with_upgrade + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_cached_with_upgrade + - step: + name: product_install/jira_software_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_software_latest + - step: + name: product_install/jira_tarball + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_tarball + - step: + name: product_install/jira_version_from_file + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_version_from_file + - step: + name: product_install/jira_version_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_version_latest + - step: + name: product_install/jira_version_override + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s jira_version_override + - step: + name: product_install/servicedesk3 + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s servicedesk3 + - step: + name: product_install/servicedesk4 + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s servicedesk4 + - step: + name: product_install/servicedesk_latest + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_install + - pipenv run molecule test -s servicedesk_latest + - step: + name: product_startup/bitbucket + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_startup + - pipenv run molecule test -s bitbucket + - step: + name: product_startup/default + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_startup + - pipenv run molecule test -s default + - step: + name: product_startup/startup_restart_false + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_startup + - pipenv run molecule test -s startup_restart_false + - step: + name: product_startup/synchrony + services: + - docker + script: + - ./bin/install-ansible --dev + - cd roles/product_startup + - pipenv run molecule test -s synchrony - step: name: restore_backups/default services: @@ -73,276 +345,15 @@ pipelines: - ./bin/install-ansible --dev - cd roles/restore_backups - pipenv run molecule test -s restore_jira_clustered - - step: - name: diy_backup/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/diy_backup - - pipenv run molecule test -s default - - step: - name: product_startup/synchrony - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_startup - - pipenv run molecule test -s synchrony - - step: - name: product_startup/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_startup - - pipenv run molecule test -s default - - step: - name: product_startup/bitbucket - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_startup - - pipenv run molecule test -s bitbucket - - step: - name: product_startup/startup_restart_false - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_startup - - pipenv run molecule test -s startup_restart_false - - step: - name: product_common/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_common - - pipenv run molecule test -s default - - step: - name: product_common/system_jdk - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_common - - pipenv run molecule test -s system_jdk - - step: - name: confluence_config/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/confluence_config - - pipenv run molecule test -s default - - step: - name: confluence_config/aurora - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/confluence_config - - pipenv run molecule test -s aurora - - step: - name: confluence_config/system_jdk - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/confluence_config - - pipenv run molecule test -s system_jdk - - step: - name: confluence_config/password_char_escaping - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/confluence_config - - pipenv run molecule test -s password_char_escaping - - step: - name: jira_config/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/jira_config - - pipenv run molecule test -s default - - step: - name: jira_config/aurora - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/jira_config - - pipenv run molecule test -s aurora - - step: - name: jira_config/jira_config_props - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/jira_config - - pipenv run molecule test -s jira_config_props - - step: - name: jira_config/password_char_escaping - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/jira_config - - pipenv run molecule test -s password_char_escaping - - step: - name: product_install/jira_version_from_file - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_version_from_file - - step: - name: product_install/jira_cached_with_upgrade - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_cached_with_upgrade - - step: - name: product_install/servicedesk4 - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s servicedesk4 - - step: - name: product_install/servicedesk3 - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s servicedesk3 - - step: - name: product_install/jira_software_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_software_latest - - step: - name: product_install/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s default - - step: - name: product_install/bitbucket_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s bitbucket_latest - - step: - name: product_install/jira_version_override - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_version_override - - step: - name: product_install/crowd_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s crowd_latest - - step: - name: product_install/servicedesk_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s servicedesk_latest - - step: - name: product_install/jira_version_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_version_latest - - step: - name: product_install/confluence_latest - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s confluence_latest - - step: - name: product_install/jira_cached_with_downgrade - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_cached_with_downgrade - - step: - name: product_install/jira_tarball - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_tarball - - step: - name: product_install/jira_all - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/product_install - - pipenv run molecule test -s jira_all - - step: - name: aws_common/logs-disabled - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/aws_common - - pipenv run molecule test -s logs-disabled - - step: - name: aws_common/cw-disabled - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/aws_common - - pipenv run molecule test -s cw-disabled - - step: - name: aws_common/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/aws_common - - pipenv run molecule test -s default - - step: - name: linux_common/default - services: - - docker - script: - - ./bin/install-ansible --dev - - cd roles/linux_common - - pipenv run molecule test -s default + + - step: + name: Run Snyk security scan + services: + - docker + script: + - ./bin/install-ansible --dev + - apt-get update && apt-get install -y npm + - npm install -g snyk + - snyk auth $SNYK_TOKEN + - pipenv run snyk test --severity-threshold=high diff --git a/pipeline_generator/pipeline.py b/pipeline_generator/pipeline.py index b46de5c..9f85056 100644 --- a/pipeline_generator/pipeline.py +++ b/pipeline_generator/pipeline.py @@ -8,9 +8,9 @@ ROLES_DIR = 'roles/' def find_all_scenarios(): scenario_dirs = [] - for root, dirs, files in os.walk(Path(os.path.join(os.path.dirname(__file__), "..", ROLES_DIR))): + for root, dirs, files in os.walk('..'): [scenario_dirs.append(Path(root)) for f in files if f.endswith("molecule.yml")] - return scenario_dirs + return sorted(scenario_dirs) def load_template():