Владимир Томишинец 5 年之前
父节点
当前提交
a1baa35c38
共有 1 个文件被更改,包括 10 次插入17 次删除
  1. 10 17
      RenewalJenkinsfile

+ 10 - 17
RenewalJenkinsfile

@@ -9,11 +9,11 @@ pipeline {
     label "swarm"
   }
   environment {
-    CLUSTER_NAME_OPEN='iru-swarm1-open.infoclinica.lan'
+    CLUSTER_NAME_OPEN='iru-swarm1-open.infoclinica.ru'
     CLUSTER_NAME_PROD='iru-swarm.infoclinica.lan'
     CLUSTER_NAME_DEV='dev-iru-swarm.infoclinica.lan'
     DOCKER_CERT_PATH='/run/secrets/swarm'
-    IMAGE_NAME='registry.infoclinica.ru:5000/acme-dns:1.3'
+    IMAGE_NAME='registry.infoclinica.ru:5000/acme-dns:1.5'
     JENKINS_MAIL='jenkins.dev@sdsys.ru'
     SMTP_SERVER='mail.sdsys.ru'
     RECIPIENT_MAIL_BOX='admin@sdsys.ru'
@@ -21,8 +21,8 @@ pipeline {
     PKI_GIT_NAME='pki'
     DOMAIN='infoclinica.ru'
     PKI_GIT_URL='ssh://git@git.sdsys.ru:8022/sdsys/pki.git'
-    STACK-DEPLOY_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/stack-deploy.git'
-    STACK-DEPLOY_GIT_NAME='stack-deploy'
+    STACK_DEPLOY_GIT_URL='ssh://git@git.sdsys.ru:8022/iru/stack-deploy.git'
+    STACK_DEPLOY_GIT_NAME='stack-deploy'
   }
   parameters {
     string(
@@ -35,7 +35,7 @@ pipeline {
     stage("Calculate Variables") {
       steps {
         script {
-          ENDDATE = sh (script: "$(echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | openssl x509 -noout -enddate)", returnStdout: true).trim()
+          ENDDATE = sh (script: "echo|openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
           CONFIG_DIR = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/letsencrypt'
           BACKUP_FILE = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + DOMAIN + '.dump.gz'
           COMMAND = PKI_GIT_NAME + '/' + PKI_GIT_SUBDIR + '/wildcard/acme-dns/' + 'renewal.sh'
@@ -64,22 +64,15 @@ pipeline {
       steps {
         script {
           git_clone(PKI_GIT_URL)
-          git_clone(STACK-DEPLOY_GIT_URL)
-          withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-            sh """GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
-                    git clone ${PKI_GIT_URL}
-                  GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
-                    git clone ${STACK-DEPLOY_GIT_URL}
-               """
-          }
+          git_clone(STACK_DEPLOY_GIT_URL)
           def NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
           if (ENDDATE != NEW_ENDDATE) {
             echo "Update docker secret in ${CLUSTER_NAME_PROD}"
             def NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_PROD}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
-            update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
+            update_secret(NODE_IP, STACK_DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
             echo "Update docker secret in ${CLUSTER_NAME_DEV}"
             NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_NAME_DEV}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
-            update_secret(NODE_IP, STACK-DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
+            update_secret(NODE_IP, STACK_DEPLOY_GIT_NAME, DOMAIN, CONFIG_DIR)
           }
         }
       }
@@ -113,12 +106,12 @@ def git_clone(String REPO) {
              """
         }
 }
-def update_secret(String NODE_IP, String STACK-DEPLOY_GIT_NAME, String DOMAIN, String CONFIG_DIR) {
+def update_secret(String NODE_IP, String STACK_DEPLOY_GIT_NAME, String DOMAIN, String CONFIG_DIR) {
         sh """export DOCKER_HOST=tcp://${NODE_IP}:2376 DOCKER_TLS_VERIFY=1
               docker service rm infrastructure_registry
               docker secret rm infoclinica_full
               docker secret create infoclinica_full ${CONFIG_DIR}/archive/${DOMAIN}/${DOMAIN}.full-bundle
-              cd ${STACK-DEPLOY_GIT_NAME}
+              cd ${STACK_DEPLOY_GIT_NAME}
               ./infrastructure.sh
            """
 }