Tomishinets Vladimir пре 4 година
родитељ
комит
4964935f3f
1 измењених фајлова са 25 додато и 14 уклоњено
  1. 25 14
      OFFICERenewalWildcardJenkinsfile

+ 25 - 14
OFFICERenewalWildcardJenkinsfile

@@ -5,6 +5,7 @@ BACKUP_FILE = ''
 CONFIG_DIR = ''
 COMMAND = ''
 TARGET_HOSTS_APACHE = [ 'sugar', 'owncloud' ]
+TARGET_HOST_PROXMOX = [ 'kvm-test' ]
 pipeline {
   agent {
     label "swarm"
@@ -73,7 +74,27 @@ pipeline {
         }
       }
     }
-*/    stage("Update certificate and key") {
+*/    stage("Update certificate and key to Proxmox") {
+      steps {
+        script {
+// Следующие 2 строчки после тестирования необходимо убрать, так как репозитории клонируются в 2 stage
+          git_clone(PKI_GIT_URL)
+          git_clone(SWARM_GIT_URL)
+          NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
+          TARGET_HOSTS_PROXMOX.each { item -> 
+            ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
+            if (ENDDATE != NEW_ENDDATE) {
+              echo "Update certificate and key for ${item}"
+              def PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'proxmox.yml'
+              def TARGET_HOST = item + '.' + DOMAIN
+              def TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
+              update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
+            }
+          }
+        }
+      }
+    }  
+/*    stage("Update certificate and key") {
       steps {
         script {
 // Следующие 2 строчки после тестирования необходимо убрать, так как репозитории клонируются в 2 stage
@@ -91,18 +112,17 @@ pipeline {
             }
           }
           ENDDATE = sh (script: "echo|openssl s_client -servername ${SMTP_SERVER} -connect ${SMTP_SERVER}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
-//          if (ENDDATE != NEW_ENDDATE) {
+          if (ENDDATE != NEW_ENDDATE) {
             echo "Update certificate and key for ${SMTP_SERVER}"
             sh "cat ${PKI_GIT_NAME}/${DOMAIN}/wildcard/acme-dns/letsencrypt.ca.pem >> ${CONFIG_DIR}/live/${DOMAIN}/fullchain.pem"
             PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'mail.yml'
             TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
-//            update_zimbra(PLAYBOOK, TARGET_DIR, SMTP_SERVER, DOMAIN)
             update_sertificate(PLAYBOOK, TARGET_DIR, SMTP_SERVER, DOMAIN)
-//          }
+          }
         }
       }
     }
-  }
+*/  }
   post {
     always {
       echo "CleaningUp work directory"
@@ -159,12 +179,3 @@ def update_sertificate(String PLAYBOOK, String TARGET_DIR, String TARGET_HOST, S
         }
       }
 }
-def update_zimbra(String PLAYBOOK, String TARGET_DIR, String TARGET_HOST, String DOMAIN) {
-      withCredentials([sshUserPrivateKey(credentialsId: 'ansible', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-        sh """ansible-playbook --private-key ${GIT_SSH_KEY} ${PLAYBOOK} \
-                -u ansible -e TARGET_DIR=${TARGET_DIR} \
-                -e TARGET_HOST=${TARGET_HOST} -e DOMAIN=${DOMAIN} \
-                --ssh-common-args='-o StrictHostKeyChecking=no'
-           """
-      }
-}