forked from infamousjoeg/conjur-policies
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Jenkinsfile
55 lines (50 loc) · 1.88 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
pipeline {
agent any
triggers {
pollSCM '* * * * *'
}
environment {
CONJUR_ACCOUNT = 'cyberarkdemo'
CONJUR_APPLIANCE_URL = 'https://conjur.joegarcia.dev'
}
stages {
stage('Install cybr-cli') {
steps {
sh '''
wget https://github.com/infamousjoeg/cybr-cli/releases/latest/download/cybr-cli_linux_amd64.tar.gz
tar -xzf cybr-cli_linux_amd64.tar.gz
chmod +x cybr
'''
sh './cybr version'
}
}
stage('Authenticate cybr-cli to Conjur') {
steps {
withCredentials([
conjurSecretCredential(credentialsId: 'SyncVault-LOB_CI-D-App-Conjur-Policies-host_ci_jenkins_projects_conjur-policies-username', variable: 'CONJUR_AUTHN_LOGIN'),
conjurSecretCredential(credentialsId: 'SyncVault-LOB_CI-D-App-Conjur-Policies-host_ci_jenkins_projects_conjur-policies-password', variable: 'CONJUR_AUTHN_API_KEY')
]) {
sh './cybr conjur logon-non-interactive'
}
}
}
stage('Load Conjur Policies') {
steps {
withCredentials([
conjurSecretCredential(credentialsId: 'SyncVault-LOB_CI-D-App-Conjur-Policies-host_ci_jenkins_projects_conjur-policies-username', variable: 'CONJUR_AUTHN_LOGIN'),
conjurSecretCredential(credentialsId: 'SyncVault-LOB_CI-D-App-Conjur-Policies-host_ci_jenkins_projects_conjur-policies-password', variable: 'CONJUR_AUTHN_API_KEY')
]) {
sh './load_policies.sh > output'
}
}
}
}
post {
always {
sh '''
echo "Output from Load Policies script:"
cat ./output
'''
}
}
}