Add jenkins CI groovy

Change-Id: I16d94289b282df8c4fc2f1e195874653e6d9c45f

Author: guardhao104

.eslintrc.json renamed to .eslintrc

@@ -3,7 +3,8 @@
     "env": {
         "node": true,
         "commonjs": true,
-        "es6": true
+        "es6": true,
+        "mocha": true
     },
     "parserOptions": {
         "ecmaVersion": 8
@@ -90,7 +91,7 @@
         "operator-linebreak": ["error", "after"],
         "prefer-template": "error",
         "quote-props": ["error", "as-needed"],
-        "quotes": ["error", "single"],
+        "quotes": ["error", "single", {"avoidEscape": true}],
         "require-await": "error",
         "semi": ["error", "always", {
             "omitLastInOneLineBlock": true

generator.js

@@ -41,7 +41,8 @@ const bucketExists = () => {
         let params = {
             Bucket: process.env.S3_BUCKET
         };
-        S3.headBucket(params, function(err, data) { // eslint-disable-line no-unused-vars
+        // eslint-disable-next-line no-unused-vars
+        S3.headBucket(params, function(err, data) {
             if (err) {
                 console.log('called bucketExists and return error: ', err.stack);
                 reject(err);
@@ -79,21 +80,24 @@ const scanDBTable = () => {
  */
 const getBlockListFile = () => {
     return new Promise((resolve, reject) => {
-        S3.getObject({
-            Bucket: process.env.S3_BUCKET,
-            Key: process.env.S3_BLOCKLIST_KEY
-        }, function(err, data) {
-            if (err && err.statusCode.toString() !== '404') {
-                console.log('called saveBlockListToBucket and return error: ', err.stack);
-                reject('Get ip block list error.');
-            } else {
-                if (err && err.statusCode.toString() === '404') {
-                    resolve('');
+        S3.getObject(
+            {
+                Bucket: process.env.S3_BUCKET,
+                Key: process.env.S3_BLOCKLIST_KEY
+            },
+            function(err, data) {
+                if (err && err.statusCode.toString() !== '404') {
+                    console.log('called saveBlockListToBucket and return error: ', err.stack);
+                    reject('Get ip block list error.');
                 } else {
-                    resolve(data.Body.toString('ascii'));
+                    if (err && err.statusCode.toString() === '404') {
+                        resolve('');
+                    } else {
+                        resolve(data.Body.toString('ascii'));
+                    }
                 }
             }
-        });
+        );
     });
 };
 
@@ -113,28 +117,31 @@ const saveBlockListFile = (items, blockList) => {
             found.add(finding.ip);
         });
 
-        S3.putObject({
-            Body: blockList,
-            Bucket: process.env.S3_BUCKET,
-            Key: process.env.S3_BLOCKLIST_KEY,
-            ACL: 'public-read',
-            ContentType: 'text/plain'
-        }, function(err, data) { // eslint-disable-line no-unused-vars
-            if (err) {
-                console.log('called saveBlockListToBucket and return error: ',
-                    err.stack);
-                reject('Put ip block list error');
-            } else {
-                console.log('called saveBlockListToBucket: no error.');
-                let msg = `${found.size} IP addresses found,
+        S3.putObject(
+            {
+                Body: blockList,
+                Bucket: process.env.S3_BUCKET,
+                Key: process.env.S3_BLOCKLIST_KEY,
+                ACL: 'public-read',
+                ContentType: 'text/plain'
+            },
+            // eslint-disable-next-line no-unused-vars
+            function(err, data) {
+                if (err) {
+                    console.log('called saveBlockListToBucket and return error: ', err.stack);
+                    reject('Put ip block list error');
+                } else {
+                    console.log('called saveBlockListToBucket: no error.');
+                    let msg = `${found.size} IP addresses found,
                         and ${added} new IP addresses have been added to ip block list.`;
-                setResp(msg, {
-                    found: found.size,
-                    added: added
-                });
-                resolve();
+                    setResp(msg, {
+                        found: found.size,
+                        added: added
+                    });
+                    resolve();
+                }
             }
-        });
+        );
     });
 };
 
@@ -189,8 +196,11 @@ exports.handler = async (event, context, callback) => {
         // update and save the ip block list file
         await saveBlockListFile(ipRecords, blockList);
     } catch (err) {
-        setResp('There\'s a problem in generating ip block list. Pleasesee detailed' +
-            ' information in CloudWatch logs.', null);
+        setResp(
+            "There's a problem in generating ip block list. Please see detailed" +
+                ' information in CloudWatch logs.',
+            null
+        );
     } finally {
         callback(null, respArr);
     }

jenkins/ci.groovy

@@ -0,0 +1,38 @@
+node('devops-aws') {
+    stage('Clean up') {
+        sh "rm -rf *"
+    }
+
+    stage('Checkout') {
+        def changeBranch = "change-${GERRIT_CHANGE_NUMBER}-${GERRIT_PATCHSET_NUMBER}"
+        def scmVars = checkout scm
+        git url: scmVars.GIT_URL
+        sh "git fetch origin ${GERRIT_REFSPEC}:${changeBranch}"
+        sh "git checkout ${changeBranch}"
+    }
+
+    stage('NPM Install') {
+        echo 'NPM Install..'
+        sh 'npm install'
+    }
+
+    stage('Format check') {
+        echo 'Format checking..'
+        sh './node_modules/.bin/ftnt-devops-ci check -f "**/*.{js,json}"'
+    }
+
+    stage('Lint') {
+        echo 'Linting..'
+        sh './node_modules/.bin/ftnt-devops-ci check -l "**/*.js"'
+    }
+
+    stage('Test') {
+        echo 'Testing..'
+        sh 'npm test'
+    }
+
+    stage('Build') {
+        echo 'Building..'
+        sh 'npm run build'
+    }
+}

local.js

@@ -31,7 +31,8 @@ var fs = require('fs');
 
 var event = null,
     context = {},
-    callback = function(context, response) { // eslint-disable-line no-shadow
+    // eslint-disable-next-line no-shadow
+    callback = function(context, response) {
         console.log('handle callback is called with:', response, context);
     };
 
@@ -41,9 +42,13 @@ if (process.argv[ARGV_PROCESS_ENV_SCRIPT] !== undefined) {
 }
 
 // if provided an event json file, use is. otherwise, use an empty event.
-if (process.argv[ARGV_PROCESS_EVENT_JSON] !== undefined &&
-    fs.existsSync(process.argv[ARGV_PROCESS_EVENT_JSON])) {
+if (
+    process.argv[ARGV_PROCESS_EVENT_JSON] !== undefined &&
+    fs.existsSync(process.argv[ARGV_PROCESS_EVENT_JSON])
+) {
     const data = fs.readFileSync(process.argv[ARGV_PROCESS_EVENT_JSON]);
+    // TODO: fix this:
+    // eslint-disable-next-line no-useless-catch
     try {
         event = JSON.parse(data);
     } catch (e) {

monitor.js

@@ -10,8 +10,7 @@ Required IAM permissions:
 DynamoDB: UpdateItem
 
 */
-const
-    objectUtils = require('./utils/ObjectUtils.js'),
+const objectUtils = require('./utils/ObjectUtils.js'),
     respArr = [];
 
 let docClient = null;
@@ -57,8 +56,9 @@ const updateDBTable = (findingId, ip, lastSeen) => {
                 console.log('called updateDBTable and returned with error:', err.stack);
                 reject('Unable to Update ip into DynamoDB Table.');
             } else {
-                console.log('called updateDBTable: ' +
-                    `finding entry (${findingId}) updated into DB.`);
+                console.log(
+                    'called updateDBTable: ' + `finding entry (${findingId}) updated into DB.`
+                );
                 resolve(data);
             }
         });
@@ -99,42 +99,41 @@ exports.handler = async (event, context, callback) => {
 
     const minSeverity = process.env.minSeverity || 3,
         detail = objectUtils.fetch(event, 'detail') || {},
-        ip = objectUtils.fetch(detail,
-            'service/action/networkConnectionAction/remoteIpDetails/ipAddressV4'),
-        direction = objectUtils.fetch(detail,
-            'service/action/networkConnectionAction/connectionDirection'),
-        threatListName = objectUtils.fetch(detail,
-            'service/additionalInfo/threatListName'),
+        ip = objectUtils.fetch(
+            detail,
+            'service/action/networkConnectionAction/remoteIpDetails/ipAddressV4'
+        ),
+        direction = objectUtils.fetch(
+            detail,
+            'service/action/networkConnectionAction/connectionDirection'
+        ),
+        threatListName = objectUtils.fetch(detail, 'service/additionalInfo/threatListName'),
         findingId = objectUtils.fetch(event, 'id'),
         lastSeen = objectUtils.fetch(detail, 'service/eventLastSeen');
 
     if (!ip) {
-
         setResp('IP not found', null);
         callback(null, respArr);
-
     } else if (direction === 'OUTBOUND') {
-
         setResp('Ignore OUTBOUND connection', null);
         callback(null, respArr);
-
     } else if (direction === 'UNKNOWN' && !threatListName) {
-
         setResp('Ignore UNKNOWN connection due to undefined threat list name', null);
         callback(null, respArr);
-
     } else if (detail.severity >= minSeverity) {
         try {
             await updateDBTable(findingId, ip, lastSeen);
             setResp(`finding entry (${findingId}) updated into DB.`, null);
         } catch (err) {
-            setResp('There\'s a problem in updating ip to the DB. Please' +
-                ' see detailed information in CloudWatch logs.', null);
+            setResp(
+                "There's a problem in updating ip to the DB. Please" +
+                    ' see detailed information in CloudWatch logs.',
+                null
+            );
         } finally {
             callback(null, respArr);
         }
     } else {
-
         setResp(`Ignore due to severity less than ${minSeverity}`, null);
         callback(null, respArr);
     }