浏览代码

missprint

Владимир Томишинец 5 年之前
父节点
当前提交
4b125efde6
共有 1 个文件被更改,包括 70 次插入71 次删除
  1. 70 71
      RenewalJenkinsfile

+ 70 - 71
RenewalJenkinsfile

@@ -5,86 +5,85 @@ BACKUP_FILE = ''
 CONFIG_DIR = ''
 COMMAND = ''
 pipeline {
-    agent {
-        label "swarm"
-    }
-    environment {
-        CLUSTER_NAME_OPEN='iru-swarm1-open.infoclinica.lan'
-        CLUSTER_NAME_PROD='iru-swarm.infoclinica.lan'
-        CLUSTER_NAME_DEV='dev-iru-swarm.infoclinica.lan'
-        DOCKER_CERT_PATH='/run/secrets/swarm'
-        IMAGE_NAME='registry.infoclinica.ru:5000/acme-dns:1.3'
-        JENKINS_MAIL='jenkins.dev@sdsys.ru'
-        SMTP_SERVER='mail.sdsys.ru'
-        RECIPIENT_MAIL_BOX='admin@sdsys.ru'
-        PKI_GIT_SUBDIR='iru'
-        PKI_GIT_NAME='pki'
-        DOMAIN='infoclinica.ru'
-        PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/sdsys/pki.git'
-        STACK-DEPLOY_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/stack-deploy.git'
-        STACK-DEPLOY_GIT_NAME='stack-deploy'
-    }
-    parameters {
-        string(
-            name: "mailto",
-            defaultValue: "admin@sdsys.ru",
-            description: "Email which has to be notified."
-        )
-    }
-    stages {
-      stage("Calculate Variables) {
-        steps {
-          script {
-            ENDDATE = sh (script: "$(echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -enddate)", returnStdout: true).trim()
-            CONFIG_DIR = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/letsencrypt'
-            BACKUP_FILE = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + DOMAIN + '.dump.gz'
-            COMMAND = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + 'renewal.sh'
-            withCredentials([usernamePassword(credentialsId: 'jenkins', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
-              JENKINS_USER = USERNAME
-              JENKINS_PASS = PASSWORD
-            }
+  agent {
+    label "swarm"
+  }
+  environment {
+    CLUSTER_NAME_OPEN='iru-swarm1-open.infoclinica.lan'
+    CLUSTER_NAME_PROD='iru-swarm.infoclinica.lan'
+    CLUSTER_NAME_DEV='dev-iru-swarm.infoclinica.lan'
+    DOCKER_CERT_PATH='/run/secrets/swarm'
+    IMAGE_NAME='registry.infoclinica.ru:5000/acme-dns:1.3'
+    JENKINS_MAIL='jenkins.dev@sdsys.ru'
+    SMTP_SERVER='mail.sdsys.ru'
+    RECIPIENT_MAIL_BOX='admin@sdsys.ru'
+    PKI_GIT_SUBDIR='iru'
+    PKI_GIT_NAME='pki'
+    DOMAIN='infoclinica.ru'
+    PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/sdsys/pki.git'
+    STACK-DEPLOY_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/stack-deploy.git'
+    STACK-DEPLOY_GIT_NAME='stack-deploy'
+  }
+  parameters {
+    string(
+      name: "mailto",
+      defaultValue: "admin@sdsys.ru",
+      description: "Email which has to be notified."
+    )
+  }
+  stages {
+    stage("Calculate Variables") {
+      steps {
+        script {
+          ENDDATE = sh (script: "$(echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -enddate)", returnStdout: true).trim()
+          CONFIG_DIR = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/letsencrypt'
+          BACKUP_FILE = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + DOMAIN + '.dump.gz'
+          COMMAND = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + 'renewal.sh'
+          withCredentials([usernamePassword(credentialsId: 'jenkins', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]) {
+            JENKINS_USER = USERNAME
+            JENKINS_PASS = PASSWORD
           }
         }
       }
-      stage("Run Renewal") {
-        steps {
+    }
+    stage("Run Renewal") {
+      steps {
+        withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
+          sh """set +x
+                DOCKER_HOST=tcp://${CLUSTER_NAME_OPEN}:2376 DOCKER_TLS_VERIFY=1 docker run -t --rm -e TZ=Europe/Moscow \
+                  -e DOMAIN=${DOMAIN} -e CONFIG_DIR=${CONFIG_DIR} -e BACKUP_FILE=${BACKUP_FILE} \
+                  -e JENKINS_MAIL=${JENKINS_MAIL} -e JENKINS_MAIL_USER=${JENKINS_USER} -e JENKINS_MAIL_PASS=${JENKINS_PASS} \
+                  -e git_url=${PKI_GIT_URL} -e SMTP_SERVER=${SMTP_SERVER} -e RECIPIENT_MAIL_BOX=${RECIPIENT_MAIL_BOX} \
+                  -e "SSHKEY=`cat ${GIT_SSH_KEY}`" -p 53:53/udp -p 53:53/tcp ${IMAGE_NAME} \
+                  /${COMMAND}
+             """
+        }
+      }
+    }
+    stage("Update secret in CLUSTERS") {
+      steps {
+        script {
+          git_clone(PKI_GIT_URL)
+          git_clone(STACK-DEPLOY_GIT_URL)
           withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-            sh """set +x
-                  DOCKER_HOST=tcp://${CLUSTER_NAME_OPEN}:2376 DOCKER_TLS_VERIFY=1 docker run -t --rm -e TZ=Europe/Moscow \
-                    -e DOMAIN=${DOMAIN} -e CONFIG_DIR=${CONFIG_DIR} -e BACKUP_FILE=${BACKUP_FILE} \
-                    -e JENKINS_MAIL=${JENKINS_MAIL} -e JENKINS_MAIL_USER=${JENKINS_USER} -e JENKINS_MAIL_PASS=${JENKINS_PASS} \
-                    -e git_url=${PKI_GIT_URL} -e SMTP_SERVER=${SMTP_SERVER} -e RECIPIENT_MAIL_BOX=${RECIPIENT_MAIL_BOX} \
-                    -e "SSHKEY=`cat ${GIT_SSH_KEY}`" -p 53:53/udp -p 53:53/tcp ${IMAGE_NAME} \
-                    /${COMMAND}
+            sh """GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
+                    git clone ${PKI_GIT_URL}
+                  GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
+                    git clone ${STACK-DEPLOY_GIT_URL}
                """
           }
-        }
-      }
-      stage("Update secret in CLUSTERS") {
-        steps {
-          script {
-            git_clone(PKI_GIT_URL)
-            git_clone(STACK-DEPLOY_GIT_URL)
-            withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-              sh """GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
-                      git clone ${PKI_GIT_URL}
-                    GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
-                      git clone ${STACK-DEPLOY_GIT_URL}
-                 """
-            }
-            def NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
-            if (ENDDATE != NEW_ENDDATE) {
-              echo "Update docker secret in ${CLUSTER_NAME_PROD}"
-              def NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_PROD}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
-              update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
-              echo "Update docker secret in ${CLUSTER_NAME_DEV}"
-              NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_DEV}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
-              update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
-            }
+          def NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
+          if (ENDDATE != NEW_ENDDATE) {
+            echo "Update docker secret in ${CLUSTER_NAME_PROD}"
+            def NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_PROD}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
+            update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
+            echo "Update docker secret in ${CLUSTER_NAME_DEV}"
+            NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_DEV}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
+            update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
           }
         }
       }
-    
+    }
   }
   post {
     always {