Browse Source

Обновить 'Jenkinsfile_keygen'

Vladimir Tomishinets 6 years ago
parent
commit
80102df125
1 changed files with 46 additions and 6 deletions
  1. 46 6
      Jenkinsfile_keygen

+ 46 - 6
Jenkinsfile_keygen

@@ -5,7 +5,7 @@ pipeline {
   environment {
     DOCKER_REGISTRY='dev-registry.infoclinica.ru:5000'
     DOCKER_IMAGE='ovpn-rsa'
-    SERVICE_NAME="keygen"
+    SERVICE_NAME="ovpn-rsa_server"
     PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn-pki.git'
     PKI_GIT_NAME='openvpn-pki'
     OVPN_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn.git'
@@ -13,12 +13,13 @@ pipeline {
     JENKINS_MAIL='jenkins.dev@sdsys.ru'
     SMTP_SERVER='mail.sdsys.ru'
     DOCKER_CERT_PATH='/run/secrets/swarm'
+    CLUSTER_NAME='dev-iru-swarm.infoclinica.lan'
     COMMAND=''
   }
   parameters {
     string(
       name: "branch",
-      defaultValue: "master",
+      defaultValue: "97009",
       description: "Which branch to use"
     )
     choice (
@@ -148,11 +149,50 @@ pipeline {
                   git push origin ${branch}
                '''
           }
-          
+        }
       }
     }
-  }
-    
+    stage("Send key, certs and config with email") {
+      when {
+        expression { params.TASK_ACTION == 'keygen' }
+      }
+      steps {
+        script {
+          fileZip = "${WORKSPACE}/${PKI_GIT_NAME}/open/easy-rsa/client_keys/sds-${key_name}.zip"
+          if ( !fileExists("${fileZip}")) {
+            currentBuild.result == 'FAILURE'
+            return
+          } else {
+            withEnv(["zip=${fileZip}"]) {
+              withCredentials([usernamePassword(credentialsId: 'jenkins', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
+                sh '''echo "Ваши ключ, сертификаты и конфигурационный файл для подключения к infoclinica.ru" | email -s "Your Certs and Key" \
+                      -f ${JENKINS_MAIL} \
+                      -r ${SMTP_SERVER} \
+                      -m login \
+                      -u ${USERNAME} \
+                      -i ${PASSWORD} \
+                      -a ${zip} \
+                      ${client_mail}
+                   '''
+              }
+            }
+          } 
+        }
+      }
+    }
+    stage("Update ccd-files and crl.pem") {
+      steps {
+        script {
+          def NODE = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME}:2376 DOCKER_TLS_VERIFY=1 docker service ps \${SERVICE_NAME} --format '{{.Node}}' --filter desired-state=Running" , returnStdout: true).trim()
+          sh "if [ -z ${NODE} ]; then echo '${SERVICE_NAME} doesn't running'; exit 1"
+          def container_id = sh (script: "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker ps -q -f label=ru.sdsys.subcontainer=\${SERVICE_NAME}" , returnStdout: true).trim()
+          sh "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker cp ${WORKSPACE}/${OVPN_GIT_DIR}/${OVPN_GIT_DIR}/ccd/ ${container_id}:/etc/${OVPN_GIT_DIR}/persist"
+          sh "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker cp ${WORKSPACE}/${PKI_GIT_NAME}/open/easy-rsa/keys/stonevpn.crl"
+
+        }
+      }
+    }
+  }  
   post {
     always {
       echo "CleaningUp work directory"
@@ -173,4 +213,4 @@ pipeline {
            body: "<b>ATTENTION!!!</b> <b><br> Jenkins job aborted.\n\n <b><br> The CNAME ${key_name} is already exists!\n\n <b><br>Project Name:</b> ${env.JOB_NAME} <b><br>\nBuild Number:</b> ${env.BUILD_NUMBER} <b><br>\nURL Build:</b> ${RUN_DISPLAY_URL}"
     }
   }
-}
+}