Jenkins pipeline for automated VM builds of all templates

Jenkinsfile

@@ -0,0 +1,17 @@
+pipeline {
+    agent none 
+    stages {
+        stage('Build') { 
+            agent {
+                dockerfile {
+                    filename 'Dockerfile'
+                    dir 'tests/smoke'
+                    args '-v /dev/vboxdrv:/dev/vboxdrv --privileged'
+                }
+            }
+            steps {
+                sh 'tests/smoke/build-all-templates.sh'
+            }
+        }
+    }
+}

tests/smoke/Dockerfile

@@ -0,0 +1,29 @@
+FROM ubuntu:16.04
+
+RUN apt-get update && apt-get install -y --no-install-recommends virtualbox python3 python3-pip python3-setuptools wget unzip bash git && \
+    wget https://releases.hashicorp.com/packer/1.3.1/packer_1.3.1_linux_amd64.zip && unzip packer_1.3.1_linux_amd64.zip -d packer && \
+    mv packer/packer /usr/local/bin/ && chmod a+x /usr/local/bin/packer && rm packer_1.3.1_linux_amd64.zip && rmdir packer
+
+# Config between delimiters taken from https://github.com/jenkinsci/docker/blob/master/Dockerfile
+# --
+ARG user=jenkins
+ARG group=jenkins
+ARG uid=1000
+ARG gid=1006
+# [...]
+ARG JENKINS_HOME=/var/jenkins_home
+
+ENV JENKINS_HOME $JENKINS_HOME
+
+# Jenkins is run with user `jenkins`, uid = 1000
+# If you bind mount a volume from the host or a data container,
+# ensure you use the same uid
+RUN mkdir -p $JENKINS_HOME \
+  && chown ${uid}:${gid} $JENKINS_HOME \
+  && groupadd -g ${gid} ${group} \
+  && useradd -d "$JENKINS_HOME" -u ${uid} -g ${gid} -m -s /bin/bash ${user}
+
+USER ${user}
+# --
+
+CMD ["/bin/bash"]

tests/smoke.sh → tests/smoke/build-all-templates.sh

@@ -16,27 +16,27 @@
 #
 
 export PATH=$PATH:$HOME/.local/bin
-pip3 install --upgrade git+https://github.com/GoSecure/malboxes.git#egg=malboxes
+pip3 install --upgrade git+https://github.com/GoSecure/malboxes.git@${GIT_BRANCH#*/}#egg=malboxes
 
-echo "Fetching all profiles..."
-PROFILES=`malboxes list | head -n-1 | tail -n+3`
+echo "Fetching all templates..."
+TEMPLATES=`malboxes list | head -n-1 | tail -n+3`
 
-# build all profiles
+# build all templates
 declare -A RESULTS
 WORST_EXIT_STATUS=0
-for _P in $PROFILES; do
-        echo "Building profile $_P"
-        malboxes build --force --skip-vagrant-box-add --config config.js $_P
+for _T in $TEMPLATES; do
+        echo "Building template $_T"
+        malboxes build --force --skip-vagrant-box-add --config tests/smoke/config.js $_T
 	EXIT_VAL=$?
 	if (( $EXIT_VAL > $WORST_EXIT_STATUS )); then
 		WORST_EXIT_STATUS=$EXIT_VAL
 	fi
-        RESULTS[$_P]=$EXIT_VAL
+        RESULTS[$_T]=$EXIT_VAL
 done
 
-echo Finished building all profiles. Results:
-for _P in "${!RESULTS[@]}"; do
-  echo "$_P: ${RESULTS[$_P]}"
+echo Finished building all templates. Results:
+for _T in "${!RESULTS[@]}"; do
+  echo "$_T: ${RESULTS[$_T]}"
 done
 
 # Not necessarily worse but at least non-zero

tests/smoke/config.js

@@ -0,0 +1,57 @@
+{
+    /*
+     * Malboxes Example Configuration File
+     *
+     * Uncomment a specific section of the file to trigger a particular feature.
+     *
+     * Paths should be written using forward slashes even on Windows.
+     * For ex: C:/Tools
+     */
+
+    // This allows you to use a local filestore for ISOs.
+    // For all versions of Windows except Windows 10 you will need this.
+    "iso_path": "/isos/",
+
+    // Trial or registered version?
+    // If using a registered product update the product_key and set trial to 'false'.
+    // See https://github.com/GoSecure/malboxes/blob/master/docs/windows-licenses.adoc for more information.
+    "trial": "true",
+    //"trial": "false",
+    //"product_key": "9DYFR-MB64K-K9QFT-MKH79-2TVY4",
+    //"product_key": "GFYY9-G6TJ7-2DK27-BY2G3-HWBK3",
+
+    // VM settings
+    "username": "malboxes",
+    "password": "malboxes",
+    "computername": "smoketest",
+    // disk size is in megabytes
+    "disk_size": "20480",
+
+    // Windows Defender: true means enabled, false means disabled. Default is false.
+    //"windows_defender": "false",
+
+    // This example profile will attempt to load profiles/maldoc.js
+    // For more information on profiles check an example profile:
+    // https://github.com/GoSecure/malboxes/blob/master/malboxes/profile-example.js
+    //"profile": "maldoc",
+    //"input_locale": "fr-FR",
+
+    // Provision settings
+    // Which Hypervisor for privisoning and deployment? (Options are: "virtualbox" and "vsphere") Default is "virtualbox"
+    //"hypervisor": "kvm",
+
+    // Chocolatey packages to install on the VM
+    // TODO re-add dependencywalker and regshot once upstream choco package provides a checksum
+    "choco_packages": "sysinternals windbg wireshark 7zip putty apm",
+
+    // Setting the IDA Path will copy the IDA remote debugging tools into the guest
+    //"ida_path": "/path/to/your/ida",
+
+    // Setting Tools Path will copy all the files under the given path into the guest.
+    // Useful to copy proprietary or unpackaged tools.
+    // Note: packer's file provisonning is really slow, avoid having more than
+    // 100 megabytes in there.
+    //"tools_path": "/path/to/your/tools",
+
+    "_comment": "last line must finish without a comma for file to be valid json"
+}