Bladeren bron

move funcs to shared-library

Tomishinets Vladimir 4 jaren geleden
bovenliggende
commit
e39adea54d
1 gewijzigde bestanden met toevoegingen van 6 en 41 verwijderingen
  1. 6 41
      OFFICERenewalWildcardJenkinsfile

+ 6 - 41
OFFICERenewalWildcardJenkinsfile

@@ -63,14 +63,14 @@ pipeline {
     stage("Update docker secret in SWARM cluster") {
       steps {
         script {
-          git_clone(PKI_GIT_URL)
-          git_clone(SWARM_GIT_URL)
+          gitOps.clone(PKI_GIT_URL)
+          gitOps.clone(SWARM_GIT_URL)
           NEW_ENDDATE = sh (script: "openssl x509 -enddate -noout -in ${CONFIG_DIR}/live/${DOMAIN}/cert.pem", returnStdout: true).trim()
           ENDDATE = sh (script: "echo|openssl s_client -servername ${REGISTRY_OFFICE} -connect ${REGISTRY_OFFICE}:443 2>/dev/null|openssl x509 -noout -enddate", returnStdout: true).trim()
           if (ENDDATE != NEW_ENDDATE) {
             echo "Update docker secret in ${CLUSTER_OFFICE}"
             NODE_IP = sh (script: "DOCKER_HOST=tcp://${CLUSTER_OFFICE}:2376 DOCKER_TLS_VERIFY=1 docker node inspect self -f '{{.Status.Addr}}'" , returnStdout: true).trim()
-            update_secret(NODE_IP, SWARM_GIT_NAME, DOMAIN, CONFIG_DIR)
+            dockerWCrenewal.update_secret(NODE_IP, SWARM_GIT_NAME, DOMAIN, CONFIG_DIR)
           }
         }
       }
@@ -86,7 +86,7 @@ pipeline {
               def PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'proxmox.yml'
               def TARGET_HOST = item + '.' + DOMAIN
               def TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
-              update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
+              dockerWCrenewal.update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
             }
           }
         }
@@ -103,7 +103,7 @@ pipeline {
               def PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'apache.yml'
               def TARGET_HOST = item + '.' + DOMAIN
               def TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
-              update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
+              dockerWCrenewal.update_sertificate(PLAYBOOK, TARGET_DIR, TARGET_HOST, DOMAIN)
             }
           }
         }
@@ -118,7 +118,7 @@ pipeline {
             sh "cat ${PKI_GIT_NAME}/${DOMAIN}/wildcard/acme-dns/letsencrypt.ca.pem >> ${CONFIG_DIR}/live/${DOMAIN}/fullchain.pem"
             PLAYBOOK = PKI_GIT_NAME + '/' + DOMAIN + '/wildcard/acme-dns/' + 'mail.yml'
             TARGET_DIR = WORKSPACE + '/' + CONFIG_DIR
-            update_sertificate(PLAYBOOK, TARGET_DIR, SMTP_SERVER, DOMAIN)
+            dockerWCrenewal.update_sertificate(PLAYBOOK, TARGET_DIR, SMTP_SERVER, DOMAIN)
           }
         }
       }
@@ -145,38 +145,3 @@ pipeline {
     }
   }
 }
-def git_clone(String REPO) {
-      withCredentials([sshUserPrivateKey(credentialsId: 'provision', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-        sh """GIT_SSH_COMMAND='ssh -i ${GIT_SSH_KEY} -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' \
-              git clone ${REPO}
-           """
-      }
-}
-def update_secret(String NODE_IP, String SWARM_GIT_NAME, String DOMAIN, String CONFIG_DIR) {
-      sh """export DOCKER_HOST=tcp://${NODE_IP}:2376 DOCKER_TLS_VERIFY=1
-            docker stack rm registry
-            docker stack rm proxy
-            docker secret rm sdsys_full
-            docker secret create sdsys_full ${CONFIG_DIR}/archive/${DOMAIN}/${DOMAIN}.full-bundle
-            sleep 10
-            docker stack deploy -c ${SWARM_GIT_NAME}/registry.yml registry
-            docker stack deploy -c ${SWARM_GIT_NAME}/proxy.yml proxy
-         """
-}
-def update_sertificate(String PLAYBOOK, String TARGET_DIR, String TARGET_HOST, String DOMAIN) {
-      withCredentials([sshUserPrivateKey(credentialsId: 'ansible', keyFileVariable: 'GIT_SSH_KEY', passphraseVariable: '', usernameVariable: 'GIT_SSH_USERNAME')]) {
-        ansiColor('xterm') {
-          ansiblePlaybook(
-            credentialsId: 'ansible',
-            playbook: PLAYBOOK,
-            disableHostKeyChecking: true,
-            extraVars: [
-              TARGET_DIR: TARGET_DIR,
-              TARGET_HOST: TARGET_HOST,
-              DOMAIN: DOMAIN
-            ],
-//            extras: '-vvv',
-            colorized: true)
-        }
-      }
-}