def baseName = 'deploy' def stackPrefix = 'jenkins' def stacks = ['samba-1x3', 'samba-3x3', 'samba-8sp-1x3-pub', 'samba-8sp-3x3-pub', 'samba-9-3x3-pub', 'samba-sisyphus-1x3', 'samba-sisyphus-1x3-pub', 'samba-sisyphus-3x3-pub', 'samba-sisyphus-3x3', 'krb5-sisyphus-1x1'] def infraRepo = 'https://github.com/altlinuxteam/infra.git' def infraBranch = 'master' def confRepo = 'http://gogs.srt/BaseALT/infra-conf.git' def confBranch = 'master' stacks.each { s -> def jobName = "${baseName}-${s}" job(jobName) { label('nix && small') logRotator(-1, 10, -1, 10) parameters { stringParam('ENV', 'test', 'infra environment name') stringParam('STACK', "${stackPrefix}-${s}", 'infra stack name') stringParam('TASKS', '', 'comma separated tasks list to add as additional repos') choiceParam('DEPLOY_MODE', ['deploy', 'redeploy', 'destroy'], '') } multiscm { git { remote { name('origin') url(infraRepo) } branch(infraBranch) extensions { submoduleOptions { disable(false) tracking(true) } } } git { remote { name('origin') url(confRepo) } branch(confBranch) extensions { relativeTargetDirectory('vars/conf') } } } wrappers { colorizeOutput() timestamps() credentialsBinding { string('VAULT_KEY', 'vault-test-key') } sshAgent('robot_key', 'jenkins-gogs') } steps { shell('''#!/usr/bin/env bash set -euo pipefail set -x mkdir -p .tmp/ echo ${VAULT_KEY} > .tmp/.pass-${ENV} chmod 600 .tmp/.pass-${ENV} if [[ -n "${TASKS+x}" ]]; then sed -ie "s/apt_sources_from_tasks:.*/apt_sources_from_tasks: [$TASKS]/" \ vars/conf/stacks/$STACK/apps.yml fi '''.stripIndent()) shell('''#!/usr/bin/env bash set -euo pipefail set -x rm -f .script cat <<'EOF' >.script #!/usr/bin/env bash set -euo pipefail set -x export ANSIBLE_FORCE_COLOR=1 export PYTHONUNBUFFERED=1 params="" if [[ "${DEPLOY_MODE}" == "redeploy" ]]; then params="$params -e redeploy_all=yes" elif [[ "${DEPLOY_MODE}" == "destroy" ]]; then params="$params -e destroy_all=yes" fi ansible-playbook \ -e env_name=$ENV \ -e stack_name=$STACK \ --vault-id $ENV@.tmp/.pass-$ENV \ $params provision.yml if [[ "${DEPLOY_MODE}" != "destroy" ]]; then ansible-playbook -i .tmp/ansible_hosts \ -e env_name=$ENV \ -e stack_name=$STACK \ --vault-id $ENV@.tmp/.pass-$ENV \ $ENV-$STACK-apps.yml fi EOF chmod +x .script '''.stripIndent()) shell('''#!/usr/bin/env bash set -euo pipefail set -x rm -rf .tmp/* nix-shell --run ./.script '''.stripIndent()) } publishers { archiveArtifacts { pattern('.tmp/ssh_config') pattern('.tmp/domain_config') pattern("vars/conf/stacks/${stackPrefix}-${s}/**") onlyIfSuccessful(false) } } } }