chore: remove sysadmin repo. reference

edx · Jan 8, 2024 · b9d9295 · b9d9295
1 parent 183a1e8
commit b9d9295
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 42 deletions.
diff --git a/devops/jobs/SAMLSSLExpirationCheck.groovy b/devops/jobs/SAMLSSLExpirationCheck.groovy
@@ -9,8 +9,8 @@
                  saml_secret (required)
                  secret_key (required)
     * SECURE_GIT_CREDENTIALS: secure-bot-user (required)
-    * CONFIGURATION_REPO: name of config repo, default is https://github.com/edx/configuration.git
-    * CONFIGURATION_BRANCH: default is master
+    * MONITORING_SCRIPT_REPO: name of config repo, default is https://github.com/edx/configuration.git
+    * MONITORING_SCRIPT_REPO_BRANCH: default is master
     * REGION: default is us-east-1
     * NOTIFY_ON_FAILURE: [email protected]
     * FOLDER_NAME: folder, default is Monitoring
@@ -21,40 +21,69 @@
 package devops.jobs
 import static org.edx.jenkins.dsl.Constants.common_logrotator
 
-class SAMLSSLExpirationCheck{
-    public static def job = { dslFactory, extraVars ->
-        assert extraVars.containsKey('DEPLOYMENTS') : "Please define DEPLOYMENTS. It should be a list of strings."
-        assert !(extraVars.get('DEPLOYMENTS') instanceof String) : "Make sure DEPLOYMENTS is a list and not a string"
-        extraVars.get('DEPLOYMENTS').each { deployment, configuration ->
-                configuration.environments.each { environment, inner_config -> 
-                    dslFactory.job(extraVars.get("FOLDER_NAME","Monitoring") + "/saml-ssl-expiration-check-${environment}-${deployment}") {
-                        logRotator common_logrotator
-
-
-                        def gitCredentialId = extraVars.get('SECURE_GIT_CREDENTIALS','')
-
-                        triggers {
-                            cron("H 15 * * * ")
-                        }
-
-                        environmentVariables {
-                            env('REGION', extraVars.get('REGION','us-east-1'))
-                            env('DAYS', extraVars.get('DAYS', 90))
-                            env('SAML_SECRET',inner_config.get('saml_secret'))
-                            env('SECRET_KEY',inner_config.get('secret_key'))
-                        }
-
-                        steps {
-                          shell(dslFactory.readFileFromWorkspace('devops/resources/saml-ssl-expiration-check.sh'))
-                       }
-
-                       if (extraVars.get('NOTIFY_ON_FAILURE')){
-                           publishers {
-                               mailer(extraVars.get('NOTIFY_ON_FAILURE'), false, false)
-                       }
-                  }
-               }
-           }
-       }
-   }
+class SAMLSSLExpirationCheck {
+  public static def job = {
+    dslFactory,
+    extraVars ->
+    assert extraVars.containsKey('DEPLOYMENTS'): "Please define DEPLOYMENTS. It should be a list of strings."
+    assert!(extraVars.get('DEPLOYMENTS') instanceof String): "Make sure DEPLOYMENTS is a list and not a string"
+    extraVars.get('DEPLOYMENTS').each {
+      deployment,
+      configuration ->
+      configuration.environments.each {
+        environment,
+        inner_config ->
+        dslFactory.job(extraVars.get("FOLDER_NAME", "Monitoring") + "/saml-ssl-expiration-check-${environment}-${deployment}") {
+          logRotator common_logrotator
+
+          def gitCredentialId = extraVars.get('SECURE_GIT_CREDENTIALS', '')
+
+          parameters {
+            stringParam('MONITORING_SCRIPTS_REPO', extraVars.get('MONITORING_SCRIPTS_REPO', '[email protected]:edx/monitoring-scripts.git'),
+              'Git repo containing edX monitoring scripts, which contains the ssl expiration check script.')
+            stringParam('MONITORING_SCRIPTS_BRANCH', extraVars.get('MONITORING_SCRIPTS_BRANCH', 'master'),
+              'e.g. tagname or origin/branchname')
+          }
+
+          multiscm {}
+          git {
+            remote {
+              url('$MONITORING_SCRIPTS_REPO')
+              branch('$MONITORING_SCRIPTS_BRANCH')
+              if (gitCredentialId) {
+                credentials(gitCredentialId)
+              }
+            }
+            extensions {
+              cleanAfterCheckout()
+              pruneBranches()
+              relativeTargetDirectory('monitoring-scripts')
+            }
+          }
+        }
+
+        triggers {
+          cron("H 15 * * * ")
+        }
+
+        environmentVariables {
+          env('REGION', extraVars.get('REGION', 'us-east-1'))
+          env('DAYS', extraVars.get('DAYS', 90))
+          env('SAML_SECRET', inner_config.get('saml_secret'))
+          env('SECRET_KEY', inner_config.get('secret_key'))
+        }
+
+        steps {
+          shell(dslFactory.readFileFromWorkspace('devops/resources/saml-ssl-expiration-check.sh'))
+        }
+
+        if (extraVars.get('NOTIFY_ON_FAILURE')) {
+          publishers {
+            mailer(extraVars.get('NOTIFY_ON_FAILURE'), false, false)
+          }
+        }
+      }
+    }
+  }
+}
 }
diff --git a/devops/jobs/SSLExpirationCheck.groovy b/devops/jobs/SSLExpirationCheck.groovy
@@ -44,7 +44,6 @@ class SSLExpirationCheck{
                 }
 
                 def gitCredentialId = extraVars.get('SECURE_GIT_CREDENTIALS','')
-                assert extraVars.containsKey('SYSADMIN_REPO') : "Please define a system admin repo where the SSL expiration check  script is located"
 
                 parameters{
                     stringParam('CONFIGURATION_REPO', extraVars.get('CONFIGURATION_REPO', 'https://github.com/edx/configuration.git'),

diff --git a/devops/resources/saml-ssl-expiration-check.sh b/devops/resources/saml-ssl-expiration-check.sh
@@ -14,13 +14,16 @@ HOME=/edx/var/jenkins
 env
 set -x
 
-cd $WORKSPACE/sysadmin
+
+cd $WORKSPACE/monitoring-scripts
 pip install -r requirements/base.txt
-pip install awscli
+cd saml_ssl_expiration_check
 
-cd jenkins
 set +x
 
+
+
+
 export SSL=$($SAML_SECRET | sed 's/\\"/"/g' | jq -r ".$SECRET_KEY")
 
 python saml-ssl-expiration-check.py -d $DAYS -v SSL