132 lines
2.8 KiB
Groovy
132 lines
2.8 KiB
Groovy
def baseName = 'deploy'
|
|
def stackPrefix = 'jenkins'
|
|
def stacks = ['samba-1x3',
|
|
'samba-3x3',
|
|
'samba-8sp-1x3-pub',
|
|
'samba-8sp-3x3-pub',
|
|
'samba-9-3x3-pub',
|
|
'samba-sisyphus-1x3',
|
|
'samba-sisyphus-1x3-pub',
|
|
'samba-sisyphus-3x3-pub',
|
|
'samba-sisyphus-3x3',
|
|
'krb5-sisyphus-1x1',
|
|
'krb5-9-1x1']
|
|
def infraRepo = 'https://github.com/altlinuxteam/infra.git'
|
|
def infraBranch = 'master'
|
|
def confRepo = 'http://gogs.srt/BaseALT/infra-conf.git'
|
|
def confBranch = 'master'
|
|
|
|
stacks.each { s ->
|
|
def jobName = "${baseName}-${s}"
|
|
job(jobName) {
|
|
label('nix && small')
|
|
logRotator(-1, 10, -1, 10)
|
|
parameters {
|
|
stringParam('ENV', 'test', 'infra environment name')
|
|
stringParam('STACK', "${stackPrefix}-${s}", 'infra stack name')
|
|
stringParam('TASKS', '', 'comma separated tasks list to add as additional repos')
|
|
choiceParam('DEPLOY_MODE', ['deploy', 'redeploy', 'destroy'], '')
|
|
}
|
|
multiscm {
|
|
git {
|
|
remote {
|
|
name('origin')
|
|
url(infraRepo)
|
|
}
|
|
branch(infraBranch)
|
|
extensions {
|
|
submoduleOptions {
|
|
disable(false)
|
|
tracking(true)
|
|
}
|
|
}
|
|
}
|
|
git {
|
|
remote {
|
|
name('origin')
|
|
url(confRepo)
|
|
}
|
|
branch(confBranch)
|
|
extensions {
|
|
relativeTargetDirectory('vars/conf')
|
|
}
|
|
}
|
|
}
|
|
wrappers {
|
|
colorizeOutput()
|
|
timestamps()
|
|
credentialsBinding {
|
|
string('VAULT_KEY', 'vault-test-key')
|
|
}
|
|
sshAgent('robot_key', 'jenkins-gogs')
|
|
}
|
|
steps {
|
|
shell('''#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
set -x
|
|
mkdir -p .tmp/
|
|
echo ${VAULT_KEY} > .tmp/.pass-${ENV}
|
|
chmod 600 .tmp/.pass-${ENV}
|
|
|
|
if [[ -n "${TASKS+x}" ]]; then
|
|
sed -ie "s/apt_sources_from_tasks:.*/apt_sources_from_tasks: [$TASKS]/" \
|
|
vars/conf/stacks/$STACK/apps.yml
|
|
fi
|
|
'''.stripIndent())
|
|
|
|
shell('''#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
set -x
|
|
rm -f .script
|
|
cat <<'EOF' >.script
|
|
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
set -x
|
|
|
|
export ANSIBLE_FORCE_COLOR=1
|
|
export PYTHONUNBUFFERED=1
|
|
|
|
params=""
|
|
|
|
if [[ "${DEPLOY_MODE}" == "redeploy" ]]; then
|
|
params="$params -e redeploy_all=yes"
|
|
elif [[ "${DEPLOY_MODE}" == "destroy" ]]; then
|
|
params="$params -e destroy_all=yes"
|
|
fi
|
|
|
|
ansible-playbook \
|
|
-e env_name=$ENV \
|
|
-e stack_name=$STACK \
|
|
--vault-id $ENV@.tmp/.pass-$ENV \
|
|
$params provision.yml
|
|
|
|
if [[ "${DEPLOY_MODE}" != "destroy" ]]; then
|
|
ansible-playbook -i .tmp/ansible_hosts \
|
|
-e env_name=$ENV \
|
|
-e stack_name=$STACK \
|
|
--vault-id $ENV@.tmp/.pass-$ENV \
|
|
$ENV-$STACK-apps.yml
|
|
fi
|
|
EOF
|
|
chmod +x .script
|
|
'''.stripIndent())
|
|
|
|
shell('''#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
set -x
|
|
rm -rf .tmp/*
|
|
nix-shell --run ./.script
|
|
'''.stripIndent())
|
|
}
|
|
|
|
publishers {
|
|
archiveArtifacts {
|
|
pattern('.tmp/ssh_config')
|
|
pattern('.tmp/domain_config')
|
|
pattern("vars/conf/stacks/${stackPrefix}-${s}/**")
|
|
onlyIfSuccessful(false)
|
|
}
|
|
}
|
|
}
|
|
}
|