
@Enigo
Last active May 11, 2023 03:55
#!groovy
import groovy.transform.Field
// Script-level fields shared between the stages and the post block.

// Name of the temporary EC2 key pair: assigned in 'Create key-pair', deleted in post.
@Field def keyName

// ID of the instance under test: assigned in 'Launch instance', terminated in post.
@Field def instanceId

// ID of the temporary security group: assigned in 'Create security group', deleted in post.
@Field def securityGroupId
pipeline {
agent { label 'agent' }
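// Build parameters. AMI_ID is interpolated into shell commands in the 'Launch instance'
// stage and REGION is handed to withAWS, so both are operator-controlled input.
parameters {
    string(name: 'AMI_ID', trim: true, description: 'ID of the AMI to launch and test (ami-...)')
    string(name: 'REGION', trim: true, description: 'AWS region in which the test resources are created')
}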
stages {
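// Creates a throwaway ed25519 EC2 key pair and writes its private key to a
// randomly named .pem file whose path is exported as SSH_KEY_PATH.
stage('Create key-pair') {
    // Declarative stages need steps { script { ... } } around scripted code. The same
    // withAWS wrapper as 'Launch instance' keeps the key pair in the account and
    // region where the instance is started and where the post block deletes it.
    steps {
        script {
            withAWS(role: "${JENKINS_ROLE}", roleAccount: "${AWS_ACCOUNT}", region: "${REGION}") {
                keyName = UUID.randomUUID().toString()
                env.SSH_KEY_PATH = UUID.randomUUID().toString() + ".pem"
                // umask 077: the file is created owner-only, so the private key is never
                // readable by other users between the write and the chmod below.
                // --query/--output text replaces the jq pipe, so a failing aws call fails
                // the step instead of leaving an empty key file behind an exit status of 0.
                sh "umask 077 && aws ec2 create-key-pair --key-name ${keyName} --key-type ed25519 " +
                    "--tag-specifications 'ResourceType=key-pair,Tags=[{Key=Env,Value=test},{Key=Type,Value=serverspec}]' " +
                    "--query 'KeyMaterial' --output text > ${env.SSH_KEY_PATH}"
                // Read-only for the owner; ssh refuses private keys with wider permissions.
                sh "chmod 400 ${env.SSH_KEY_PATH}"
            }
        }
    }
}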
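// Creates a temporary security group in the agent's VPC and opens TCP/22 to the
// agent's own private address only.
stage('Create security group') {
    // Declarative stages need steps { script { ... } } around scripted code. The same
    // withAWS wrapper as 'Launch instance' keeps the group in the account and region
    // where the instance is started and where the post block deletes it.
    steps {
        script {
            withAWS(role: "${JENKINS_ROLE}", roleAccount: "${AWS_ACCOUNT}", region: "${REGION}") {
                def securityGroupName = UUID.randomUUID().toString()
                // NOTE(review): these are plain GETs without an IMDSv2 session token; an agent
                // that enforces IMDSv2 will reject them. Confirm the agent's metadata options.
                // --fail makes curl exit non-zero on an HTTP error, so an error page is never
                // passed on as a MAC, VPC ID or IP address.
                // NOTE(review): assumes the agent has a single network interface, so that
                // macs/ returns one entry. Confirm for multi-ENI agents.
                def interfaceMac = sh(returnStdout: true,
                    script: "curl --silent --fail http://169.254.169.254/latest/meta-data/network/interfaces/macs/").trim()
                def vpcId = sh(returnStdout: true,
                    script: "curl --silent --fail http://169.254.169.254/latest/meta-data/network/interfaces/macs/${interfaceMac}/vpc-id").trim()
                // --output text returns the bare group ID, not a JSON-quoted string.
                securityGroupId = sh(returnStdout: true, script: "aws ec2 create-security-group --vpc-id ${vpcId} " +
                    "--group-name spec-${securityGroupName} " +
                    "--description 'Temporary group created for running serverspec tests' " +
                    "--tag-specifications 'ResourceType=security-group,Tags=[{Key=Env,Value=test},{Key=Type,Value=serverspec}]' " +
                    "--query 'GroupId' --output text").trim()
                def agentIpAddress = sh(returnStdout: true,
                    script: "curl --silent --fail http://169.254.169.254/latest/meta-data/local-ipv4").trim()
                // Least privilege: SSH ingress is limited to this agent's /32.
                sh "aws ec2 authorize-security-group-ingress --group-id ${securityGroupId} " +
                    "--protocol tcp --port 22 --cidr ${agentIpAddress}/32"
            }
        }
    }
}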
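// Starts a t3.small instance from AMI_ID in the agent's subnet, waits until its status
// checks pass and exports its private address as INSTANCE_IP.
stage('Launch instance') {
    steps {
        script {
            withAWS(role: "${JENKINS_ROLE}", roleAccount: "${AWS_ACCOUNT}", region: "${REGION}") {
                // AMI_ID is a build parameter that ends up inside a shell command line;
                // accept only the ami-<hex> form so it cannot carry shell syntax.
                def amiId = AMI_ID.trim()
                if (!(amiId ==~ /ami-[0-9a-f]+/)) {
                    error "AMI_ID must have the form ami-<hex>, got: '${amiId}'"
                }
                // NOTE(review): these are plain GETs without an IMDSv2 session token; an agent
                // that enforces IMDSv2 will reject them. Confirm the agent's metadata options.
                // --fail makes curl exit non-zero on an HTTP error, so an error page is never
                // passed on as a MAC or subnet ID.
                def interfaceMac = sh(returnStdout: true,
                    script: "curl --silent --fail http://169.254.169.254/latest/meta-data/network/interfaces/macs/").trim()
                def subnetId = sh(returnStdout: true,
                    script: "curl --silent --fail http://169.254.169.254/latest/meta-data/network/interfaces/macs/${interfaceMac}/subnet-id").trim()
                // --subnet-id is the documented option name for run-instances.
                instanceId = sh(returnStdout: true, script: "aws ec2 run-instances --image-id ${amiId} " +
                    "--security-group-ids ${securityGroupId} --key-name ${keyName} " +
                    "--tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=serverspec-test},{Key=Env,Value=test},{Key=Type,Value=serverspec}]' " +
                    "--instance-type t3.small --subnet-id ${subnetId} " +
                    "--query 'Instances[].InstanceId' --output text").trim()
                // Block until both status checks pass before the tests connect.
                sh "aws ec2 wait instance-status-ok --instance-ids ${instanceId}"
                env.INSTANCE_IP = sh(returnStdout: true, script: "aws ec2 describe-instances --instance-ids ${instanceId} " +
                    "--query 'Reservations[0].Instances[0].PrivateIpAddress' --output text").trim()
            }
        }
    }
}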
// Runs every spec file under serverspec/spec with documentation-style output.
// Presumably the specs read SSH_KEY_PATH and INSTANCE_IP from the environment
// exported by the earlier stages; verify against the spec helper.
stage('Run serverspec tests') {
    steps {
        script {
            sh(script: "rspec --format documentation --pattern 'serverspec/spec/*.rb'")
        }
    }
}
}
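// Tears down everything the pipeline created, whatever the build result.
post {
    always {
        script {
            withAWS(role: "${JENKINS_ROLE}", roleAccount: "${AWS_ACCOUNT}", region: "${REGION}") {
                // Each step runs only if its resource was actually created, and a failure
                // in one step no longer skips the ones after it. Otherwise an early stage
                // failure would leave behind the private key file, the key pair, the
                // instance or the security group with its SSH rule.
                def failures = []
                def attempt = { String what, Closure body ->
                    try {
                        body()
                    } catch (Exception err) {
                        failures << "${what}: ${err}"
                    }
                }
                if (env.SSH_KEY_PATH) {
                    // -f: the file may be missing if key creation failed part-way.
                    attempt('remove private key file') { sh "rm -f ${env.SSH_KEY_PATH}" }
                }
                if (instanceId) {
                    attempt('terminate instance') {
                        sh "aws ec2 terminate-instances --instance-ids ${instanceId}"
                        // The security group can only be deleted once the instance is gone.
                        sh "aws ec2 wait instance-terminated --instance-ids ${instanceId}"
                    }
                }
                if (keyName) {
                    attempt('delete key pair') { sh "aws ec2 delete-key-pair --key-name ${keyName}" }
                }
                if (securityGroupId) {
                    attempt('delete security group') { sh "aws ec2 delete-security-group --group-id ${securityGroupId}" }
                }
                // Surface leftovers instead of hiding them: the build still fails, but
                // only after every cleanup step has been tried.
                if (failures) {
                    error "Cleanup incomplete, resources may be left behind: ${failures.join('; ')}"
                }
            }
        }
    }
}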
}