6

I am trying to setup an application testing environment with Jenkins.

Since the GIT repository is in another separate network, it is required to connect to a VPN connection to establish a connection between Jenkins and GIT.

So, is there any way to establish a VPN connection before the GIT pull step?

I have a CLI command to start/stop a VPN connection. Currently, I use "Post Steps" section's "Execute Shell Script" option to run the command to stop VPN connection.

ckruczek
  • 2,361
  • 2
  • 20
  • 23
Udara Seneviratne
  • 2,303
  • 1
  • 33
  • 49
  • why wouldn't you establish it once and forever? Using the OS tools instead. – zerkms Jun 12 '17 at 04:45
  • 1
    @zerkms Due to the security and resource concerns as a practice we don't keep the VPN connection up forever. Before GIT pull we start VPN and after GIT pull we stop the connection. That's a requirement. – Udara Seneviratne Jun 12 '17 at 04:51
  • You need reassess your security policies, since the solution you have or are going to implement is not more, but less secure. – zerkms Jun 12 '17 at 04:53
  • @zerkms Actually here the security perspective is affecting the test environment to the live environments. However changing the security policies may get a long time. Any help is appreciated. – Udara Seneviratne Jun 12 '17 at 05:39

2 Answers2

0

You can see if a plugin like OpenConnect could help.
As mentioned in this answer, you would then run a job with a run task called "Connect to Cisco AnyConnect VPN". If that job succeed, then you can run your regular job with a Git url.

For that Git url, you might have to establish an ssh tunnel.

ssh -L3333:git.example.com:22 you@proxy.example.com
git clone ssh://git@localhost:3333/example.git

The first command would be part of the first job I mentioned above, the one which starts the VPN.
The second line, the ssh url one, would be the one to use in the Git url field of the second job (the one which should get the sources).
That second job, as a post-build step, can then clone the VPN.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
0

you can try:
step 1: in jenkins:
1.1 create New Item>Freestyle project
1.2 in Build> Add build step> Execute shell> add cmd:

nmcli con up id NAME


show your connection NAME:

nmcli con


note: if you use CI-CD, you can hook in here!
step 2: open your Item in jenkins:
in tab Build Triggers > select Build after other projects are built> Project to watch
config name item you create in step 1
step 3: create new Item in jenkins(down your connect)
3.1 in tab Build Triggers > select Build after other projects are built> Project to watch
config name your item
3.2 in tab Build > add Execute shell> add cmd

nmcli con down id ConnectionName


Good luck! =)))

Kiu Kiu Duck Pea
  • 54
  • 4