v11.3 Release (cyberark#48)

* Support of v11.3 * Add TC5 * Add secure string * Change * Update requirements
dviryamin · Mar 4, 2020 · d0ce72f · d0ce72f
1 parent c85802a
commit d0ce72f
Show file tree

Hide file tree

Showing 3 changed files with 43 additions and 29 deletions.
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -7,7 +7,7 @@ pipeline {
   environment {
     AWS_REGION = sh(script: 'curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | python -c "import json,sys;obj=json.load(sys.stdin);print obj[\'region\']"', returnStdout: true).trim()
     // shortCommit = sh(script: "git log -n 1 --pretty=format:'%h'", returnStdout: true).trim()
-    CYBERARK_VERSION = "v11.2"
+    CYBERARK_VERSION = "v11.3"
     ENV_TIMESTAMP = sh(script: "date +%s", returnStdout: true).trim()
   }
   stages {
@@ -82,14 +82,31 @@ pipeline {
                 }
               }
             }
+            stage('Run pas-orchestrator in-domain #0 failure (TC5)') {
+              steps {
+                withCredentials([usernamePassword(credentialsId: 'default_vault_credentials', passwordVariable: 'ansible_password', usernameVariable: 'ansible_user')]) {
+                  sh '''
+                    source .testenv/bin/activate
+                    VAULT_IP=$(cat /tmp/vault_ip_tc_1.txt)
+                    cp -r tests/playbooks/pas-infrastructure/outputs/hosts_tc_1.yml inventories/staging/hosts_tc_1.yml
+                  '''
+                  catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') {
+                    sh '''
+                      source .testenv/bin/activate
+                      ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_1.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP vault_password='blahblah' cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='cyberark.com\\\\$ansible_user' ansible_password=$ansible_password"
+                    '''
+                  }
+                }
+              }
+            }
             stage('Run pas-orchestrator in-domain #1') {
               steps {
                 withCredentials([usernamePassword(credentialsId: 'default_vault_credentials', passwordVariable: 'ansible_password', usernameVariable: 'ansible_user')]) {
                   sh '''
                     source .testenv/bin/activate
                     VAULT_IP=$(cat /tmp/vault_ip_tc_1.txt)
                     cp -r tests/playbooks/pas-infrastructure/outputs/hosts_tc_1.yml inventories/staging/hosts_tc_1.yml
-                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_1.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP vault_password=$ansible_password cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='cyberark.com\\\\$ansible_user' ansible_password=$ansible_password"
+                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_1.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP vault_password=$ansible_password psm_hardening=false cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='cyberark.com\\\\$ansible_user' ansible_password=$ansible_password"
                   '''
                 }
               }
@@ -101,7 +118,7 @@ pipeline {
                     source .testenv/bin/activate
                     VAULT_IP=$(cat /tmp/vault_ip_tc_1.txt)
                     cp -r tests/playbooks/pas-infrastructure/outputs/hosts_tc_1.yml inventories/staging/hosts_tc_1.yml
-                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_1.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP vault_password=$ansible_password cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='cyberark.com\\\\$ansible_user' ansible_password=$ansible_password"
+                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_1.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP vault_password=$ansible_password psm_hardening=false cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='cyberark.com\\\\$ansible_user' ansible_password=$ansible_password"
                   '''
                 }
               }
@@ -234,7 +251,7 @@ pipeline {
                     VAULT_IP=$(cat /tmp/vault_ip_tc_3.txt)
                     VAULT_DR_IP=$(cat /tmp/vaultdr_ip_tc_3.txt)
                     cp -r tests/playbooks/pas-infrastructure/outputs/hosts_tc_3.yml inventories/staging/hosts_tc_3.yml
-                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_3.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP dr_vault_ip=$VAULT_DR_IP vault_password=$ansible_password {pvwa_hardening:false} {cpm_hardening:false} {psm_hardening:false} {psm_out_of_domain:true} cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='$ansible_user' ansible_password=$ansible_password"
+                    ansible-playbook pas-orchestrator.yml -i inventories/staging/hosts_tc_3.yml -v -e "accept_eula=yes vault_ip=$VAULT_IP dr_vault_ip=$VAULT_DR_IP vault_password=$ansible_password pvwa_hardening=false cpm_hardening=false psm_hardening=false psm_out_of_domain=true cpm_zip_file_path=/tmp/packages/cpm.zip psm_zip_file_path=/tmp/packages/psm.zip pvwa_zip_file_path=/tmp/packages/pvwa.zip connect_with_rdp=Yes ansible_user='$ansible_user' ansible_password=$ansible_password"
                   '''
                 }
               }

diff --git a/requirements.txt b/requirements.txt
@@ -1,30 +1,27 @@
-ansible==2.8.6
+ansible==2.8.8
 boto==2.49.0
-boto3==1.10.5
-botocore==1.13.5
-certifi==2019.9.11
-cffi==1.13.1
+boto3==1.12.8
+botocore==1.15.8
+certifi==2019.11.28
+cffi==1.14.0
 chardet==3.0.4
 cryptography==2.8
 docutils==0.15.2
-enum34==1.1.6
-futures==3.3.0
-idna==2.8
-ipaddress==1.0.23
-Jinja2==2.10.3
-jmespath==0.9.4
+idna==2.9
+Jinja2==2.11.1
+jmespath==0.9.5
 MarkupSafe==1.1.1
 ntlm-auth==1.4.0
-pyasn1==0.4.7
+pyasn1==0.4.8
 pycparser==2.19
-pyOpenSSL==19.0.0
-python-dateutil==2.8.0
-pywinrm==0.3.0
-PyYAML==5.1.2
-requests==2.22.0
-requests-credssp==1.1.0
+pyOpenSSL==19.1.0
+python-dateutil==2.8.1
+pywinrm==0.4.1
+PyYAML==5.3
+requests==2.23.0
+requests-credssp==1.1.1
 requests-ntlm==1.1.0
-s3transfer==0.2.1
-six==1.12.0
-urllib3==1.25.6
-xmltodict==0.12.0
+s3transfer==0.3.3
+six==1.14.0
+urllib3==1.25.8
+xmltodict==0.12.0
diff --git a/requirements.yml b/requirements.yml
@@ -3,14 +3,14 @@
 # pvwa git repo
 - src: https://github.com/cyberark/pvwa.git
   scm: git
-  version: v11.2
+  version: v11.3
 
 # cpm git repo
 - src: https://github.com/cyberark/cpm.git
   scm: git
-  version: v11.2
+  version: v11.3
 
 # psm git repo
 - src: https://github.com/cyberark/psm.git
   scm: git
-  version: v11.2
+  version: v11.3