Commit ce12cfb2 authored by Thomas Bouffard's avatar Thomas Bouffard Committed by Adrien

chore(ci): add sanity checks and related Jenkins pipeline (#14)

* chore(ci): add sanity checks and related Jenkins pipeline

Covers [CI-456](https://bonitasoft.atlassian.net/browse/CI-456)
parent 3eee7580
# Sanity checks script
Tested on Linux and Windows (with Git Bash)
This script allows to perform the following checks
* service availability by calling an health check url (no sign processing)
* sign processing availability by performing an actual sign operation
Run `./checks.sh --help` to know how to use the script.
## Requirements
`jq` must be installed
## Implementation details
### Windows executable used to test the sign process
This file has been generated using powershell 5.1 on Windows 10 Professional with the following command
```
Add-Type -outputtype consoleapplication -outputassembly helloworld.exe 'public class helloworld{public static void Main(){System.Console.WriteLine("hello world");}}'
```
**Note**: to run, this exe file requires Powershell to be enable
Inspiration: https://laurentschneider.com/wordpress/2012/05/create-helloworld-exe-file-in-powershell.html
### Mac application used to test the sign process
It is a plain text file stored in a zip.
/**
* Jenkins pipeline for Sanity Checks run at Bonitasoft
*/
pipeline {
agent any
options {
timestamps()
}
stages {
stage('Check Windows Sign Service') {
steps {
dir('infrastructure/sanity-checks') {
sh '''#!/bin/bash +x
set -euo pipefail
./check.sh --windows-sign-url ${SIGN_SERVICE_URL}
'''
}
}
}
stage('Check Mac Sign Service') {
steps {
dir('infrastructure/sanity-checks') {
sh '''#!/bin/bash +x
set -euo pipefail
./check.sh --mac-sign-url ${MAC_SIGN_SERVICE_URL}
'''
}
}
}
}
}
#!/bin/bash +x
set -euo pipefail
rm -rf work
mkdir -p work/mac
mkdir -p work/windows
SIGN_SERVICE_URL_MAC=
SIGN_SERVICE_URL_WINDOWS=
function sign() {
local url=$1
local inputFile=$2
local output=$3
echo "Signing $inputFile..."
echo "URL=$url"
local http_code=$(curl -sS -w '%{http_code}' --request POST -o $output -F exeFile=@$inputFile $url;)
if [[ $http_code -ne 200 ]]; then
echo "Sign failed and returned http ${http_code}"
echo "Server message: $(cat $output)" # in this case, the output is plain text
exit 22
fi
echo "Sign done"
}
function checkConnectivity() {
local url=$1
echo "Checking connectivity with ${url}"
local response=$(curl -sS --request GET ${url})
echo "Response: ${response}"
# {"timestamp":"2018-12-21T15:40:21.943+0000","status":405,"error":"Method Not Allowed","message":"Request method 'GET' not supported","path":"/sign"}
local http_code=`echo ${response} | jq --raw-output '.status'`
if [[ $http_code -ne 405 ]]; then
echo "Connectivity failed and returned http code: ${http_code}"
exit 21
fi
echo "Connectivity check done"
}
function checkWindowsService() {
local url=$1
checkConnectivity ${url}
echo "Testing the Windows codesign"
cp helloworld.exe work/windows/input.exe
sign ${SIGN_SERVICE_URL_WINDOWS} work/windows/input.exe work/windows/output.exe
echo "Windows codesign OK"
}
function checkMacService() {
local url=$1
checkConnectivity ${url}
echo "Testing the Mac codesign"
cp helloworld.app.zip work/mac/input.app.zip
sign ${SIGN_SERVICE_URL_MAC} work/mac/input.app.zip work/mac/output.app
echo "Mac codesign OK"
}
function usage() {
launch_command=`basename ${0}`
echo "Usage: ${launch_command}"
echo " --mac-sign-url <url> url of the mac sign service"
echo " --windows-sign-url <url> url of the windows sign service"
echo " --help display this help"
exit 1
}
while [[ $# -gt 0 ]]; do
case $1 in
--mac-sign-url ) shift
SIGN_SERVICE_URL_MAC=$1
;;
--windows-sign-url ) shift
SIGN_SERVICE_URL_WINDOWS=$1
;;
--help ) usage
exit
;;
* ) echo "Unknown option: $1"
usage
exit 1
esac
shift
done
if [[ -n "${SIGN_SERVICE_URL_WINDOWS}" ]]; then
checkWindowsService ${SIGN_SERVICE_URL_WINDOWS}
fi
if [[ -n "${SIGN_SERVICE_URL_MAC}" ]]; then
checkMacService ${SIGN_SERVICE_URL_MAC}
fi
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment