|
@@ -5,7 +5,7 @@ pipeline {
|
|
|
environment {
|
|
environment {
|
|
|
DOCKER_REGISTRY='dev-registry.infoclinica.ru:5000'
|
|
DOCKER_REGISTRY='dev-registry.infoclinica.ru:5000'
|
|
|
DOCKER_IMAGE='ovpn-rsa'
|
|
DOCKER_IMAGE='ovpn-rsa'
|
|
|
- SERVICE_NAME="keygen"
|
|
|
|
|
|
|
+ SERVICE_NAME="ovpn-rsa_server"
|
|
|
PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn-pki.git'
|
|
PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn-pki.git'
|
|
|
PKI_GIT_NAME='openvpn-pki'
|
|
PKI_GIT_NAME='openvpn-pki'
|
|
|
OVPN_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn.git'
|
|
OVPN_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/openvpn.git'
|
|
@@ -13,12 +13,13 @@ pipeline {
|
|
|
JENKINS_MAIL='jenkins.dev@sdsys.ru'
|
|
JENKINS_MAIL='jenkins.dev@sdsys.ru'
|
|
|
SMTP_SERVER='mail.sdsys.ru'
|
|
SMTP_SERVER='mail.sdsys.ru'
|
|
|
DOCKER_CERT_PATH='/run/secrets/swarm'
|
|
DOCKER_CERT_PATH='/run/secrets/swarm'
|
|
|
|
|
+ CLUSTER_NAME='dev-iru-swarm.infoclinica.lan'
|
|
|
COMMAND=''
|
|
COMMAND=''
|
|
|
}
|
|
}
|
|
|
parameters {
|
|
parameters {
|
|
|
string(
|
|
string(
|
|
|
name: "branch",
|
|
name: "branch",
|
|
|
- defaultValue: "master",
|
|
|
|
|
|
|
+ defaultValue: "97009",
|
|
|
description: "Which branch to use"
|
|
description: "Which branch to use"
|
|
|
)
|
|
)
|
|
|
choice (
|
|
choice (
|
|
@@ -148,11 +149,50 @@ pipeline {
|
|
|
git push origin ${branch}
|
|
git push origin ${branch}
|
|
|
'''
|
|
'''
|
|
|
}
|
|
}
|
|
|
-
|
|
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
- }
|
|
|
|
|
-
|
|
|
|
|
|
|
+ stage("Send key, certs and config with email") {
|
|
|
|
|
+ when {
|
|
|
|
|
+ expression { params.TASK_ACTION == 'keygen' }
|
|
|
|
|
+ }
|
|
|
|
|
+ steps {
|
|
|
|
|
+ script {
|
|
|
|
|
+ fileZip = "${WORKSPACE}/${PKI_GIT_NAME}/open/easy-rsa/client_keys/sds-${key_name}.zip"
|
|
|
|
|
+ if ( !fileExists("${fileZip}")) {
|
|
|
|
|
+ currentBuild.result == 'FAILURE'
|
|
|
|
|
+ return
|
|
|
|
|
+ } else {
|
|
|
|
|
+ withEnv(["zip=${fileZip}"]) {
|
|
|
|
|
+ withCredentials([usernamePassword(credentialsId: 'jenkins', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
|
|
|
|
|
+ sh '''echo "Ваши ключ, сертификаты и конфигурационный файл для подключения к infoclinica.ru" | email -s "Your Certs and Key" \
|
|
|
|
|
+ -f ${JENKINS_MAIL} \
|
|
|
|
|
+ -r ${SMTP_SERVER} \
|
|
|
|
|
+ -m login \
|
|
|
|
|
+ -u ${USERNAME} \
|
|
|
|
|
+ -i ${PASSWORD} \
|
|
|
|
|
+ -a ${zip} \
|
|
|
|
|
+ ${client_mail}
|
|
|
|
|
+ '''
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ stage("Update ccd-files and crl.pem") {
|
|
|
|
|
+ steps {
|
|
|
|
|
+ script {
|
|
|
|
|
+ def NODE = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME}:2376 DOCKER_TLS_VERIFY=1 docker service ps \${SERVICE_NAME} --format '{{.Node}}' --filter desired-state=Running" , returnStdout: true).trim()
|
|
|
|
|
+ sh "if [ -z ${NODE} ]; then echo '${SERVICE_NAME} doesn't running'; exit 1"
|
|
|
|
|
+ def container_id = sh (script: "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker ps -q -f label=ru.sdsys.subcontainer=\${SERVICE_NAME}" , returnStdout: true).trim()
|
|
|
|
|
+ sh "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker cp ${WORKSPACE}/${OVPN_GIT_DIR}/${OVPN_GIT_DIR}/ccd/ ${container_id}:/etc/${OVPN_GIT_DIR}/persist"
|
|
|
|
|
+ sh "DOCKER_HOST=tcp://${NODE}:2376 DOCKER_TLS_VERIFY=1 docker cp ${WORKSPACE}/${PKI_GIT_NAME}/open/easy-rsa/keys/stonevpn.crl"
|
|
|
|
|
+
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
post {
|
|
post {
|
|
|
always {
|
|
always {
|
|
|
echo "CleaningUp work directory"
|
|
echo "CleaningUp work directory"
|
|
@@ -173,4 +213,4 @@ pipeline {
|
|
|
body: "<b>ATTENTION!!!</b> <b><br> Jenkins job aborted.\n\n <b><br> The CNAME ${key_name} is already exists!\n\n <b><br>Project Name:</b> ${env.JOB_NAME} <b><br>\nBuild Number:</b> ${env.BUILD_NUMBER} <b><br>\nURL Build:</b> ${RUN_DISPLAY_URL}"
|
|
body: "<b>ATTENTION!!!</b> <b><br> Jenkins job aborted.\n\n <b><br> The CNAME ${key_name} is already exists!\n\n <b><br>Project Name:</b> ${env.JOB_NAME} <b><br>\nBuild Number:</b> ${env.BUILD_NUMBER} <b><br>\nURL Build:</b> ${RUN_DISPLAY_URL}"
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-}
|
|
|
|
|
|
|
+}
|
