|
@@ -46,7 +46,7 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-/* stage("Run Renewal") {
|
|
|
|
|
|
|
+ stage("Run Renewal") {
|
|
|
steps {
|
|
steps {
|
|
|
withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
|
|
withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
|
|
|
sh """set +x
|
|
sh """set +x
|
|
@@ -60,13 +60,13 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-*//* stage("Update docker secret in SWARM cluster") {
|
|
|
|
|
|
|
+ stage("Update docker secret in SWARM cluster") {
|
|
|
steps {
|
|
steps {
|
|
|
script {
|
|
script {
|
|
|
|
|
+ git_clone(PKI_GIT_URL)
|
|
|
|
|
+ git_clone(SWARM_GIT_URL)
|
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${REGISTRY_OFFICE} -connect ${REGISTRY_OFFICE}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${REGISTRY_OFFICE} -connect ${REGISTRY_OFFICE}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
|
if (ENDDATE != NEW_ENDDATE) {
|
|
if (ENDDATE != NEW_ENDDATE) {
|
|
|
- git_clone(PKI_GIT_URL)
|
|
|
|
|
- git_clone(SWARM_GIT_URL)
|
|
|
|
|
echo "Update docker secret in ${CLUSTER_OFFICE}"
|
|
echo "Update docker secret in ${CLUSTER_OFFICE}"
|
|
|
NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_OFFICE}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
|
|
NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_OFFICE}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
|
|
|
update_secret(NODE_IP, SWARM_GIT_NAME, DOMAIN, CONFIG_DIR)
|
|
update_secret(NODE_IP, SWARM_GIT_NAME, DOMAIN, CONFIG_DIR)
|
|
@@ -74,12 +74,9 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-*/ stage("Update certificate and key to Proxmox") {
|
|
|
|
|
|
|
+ stage("Update certificate and key to Proxmox") {
|
|
|
steps {
|
|
steps {
|
|
|
script {
|
|
script {
|
|
|
-// Следующие 2 строчки после тестирования необходимо убрать, так как репозитории клонируются в 2 stage
|
|
|
|
|
- git_clone(PKI_GIT_URL)
|
|
|
|
|
- git_clone(SWARM_GIT_URL)
|
|
|
|
|
NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
|
|
NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
|
|
|
TARGET_HOSTS_PROXMOX.each { item ->
|
|
TARGET_HOSTS_PROXMOX.each { item ->
|
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:8006 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:8006 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
@@ -94,12 +91,9 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-/* stage("Update certificate and key") {
|
|
|
|
|
|
|
+ stage("Update certificate and key APACHE-HOSTS") {
|
|
|
steps {
|
|
steps {
|
|
|
script {
|
|
script {
|
|
|
-// Следующие 2 строчки после тестирования необходимо убрать, так как репозитории клонируются в 2 stage
|
|
|
|
|
- git_clone(PKI_GIT_URL)
|
|
|
|
|
- git_clone(SWARM_GIT_URL)
|
|
|
|
|
NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
|
|
NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
|
|
|
TARGET_HOSTS_APACHE.each { item ->
|
|
TARGET_HOSTS_APACHE.each { item ->
|
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${item}.${DOMAIN} -connect ${item}.${DOMAIN}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
@@ -111,6 +105,12 @@ pipeline {
|
|
|
update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
|
|
update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ }
|
|
|
|
|
+ stage("Update certificate and key to ZIMBRA") {
|
|
|
|
|
+ steps {
|
|
|
|
|
+ script {
|
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${SMTP_SERVER} -connect ${SMTP_SERVER}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
ENDDATE = sh (script: "echo|openssl s_client -servername ${SMTP_SERVER} -connect ${SMTP_SERVER}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
|
|
|
if (ENDDATE != NEW_ENDDATE) {
|
|
if (ENDDATE != NEW_ENDDATE) {
|
|
|
echo "Update certificate and key for ${SMTP_SERVER}"
|
|
echo "Update certificate and key for ${SMTP_SERVER}"
|
|
@@ -122,7 +122,7 @@ pipeline {
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
-*/ }
|
|
|
|
|
|
|
+ }
|
|
|
post {
|
|
post {
|
|
|
always {
|
|
always {
|
|
|
echo "CleaningUp work directory"
|
|
echo "CleaningUp work directory"
|
