1 #!/usr/bin/env groovy
\r
4 properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: [
\r
5 [$class: 'hudson.model.StringParameterDefinition', name: 'PHASE', defaultValue: "BUILD"],
\r
6 [$class: 'hudson.model.StringParameterDefinition', name: 'ENV', defaultValue: "dev"],
\r
7 [$class: 'hudson.model.StringParameterDefinition', name: 'MECHID', defaultValue: "id"],
\r
8 [$class: 'hudson.model.StringParameterDefinition', name: 'KUBE_CONFIG', defaultValue: "kubeConfig-dev"],
\r
9 [$class: 'hudson.model.StringParameterDefinition', name: 'TILLER_NAMESPACE', defaultValue: "org-onar-otf"],
\r
10 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_CERT', defaultValue: "otf_ssl_pkcs12_dev"],
\r
11 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_KEY', defaultValue: "server_ssl_key_store_password"],
\r
12 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_CERT', defaultValue: "otf_ssl_pem_dev"],
\r
13 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_KEY', defaultValue: "otf_ssl_pem_key_dev"]
\r
19 echo "Build branch: ${env.BRANCH_NAME}"
\r
24 PHASES=PHASE.tokenize( '_' );
\r
25 echo "PHASES : " + PHASES
\r
26 ARTIFACT_ID="otf-cert-secret-builder"
\r
27 echo "Tiller Namespace: " + TILLER_NAMESPACE
\r
29 withEnv(["PATH=${env.PATH}:${tool 'jdk180'}:${env.WORKSPACE}/linux-amd64", "JAVA_HOME=${tool 'jdk180'}","HELM_HOME=${env.WORKSPACE}"]) {
\r
31 echo "PATH=${env.PATH}"
\r
32 echo "JAVA_HOME=${env.JAVA_HOME}"
\r
33 echo "HELM_HOME=${env.HELM_HOME}"
\r
35 wrap([$class: 'ConfigFileBuildWrapper', managedFiles: [
\r
36 [fileId: 'maven-settings.xml', variable: 'MAVEN_SETTINGS']
\r
39 if (PHASES.contains("DEPLOY") || PHASES.contains("UNDEPLOY")) {
\r
42 //check if helm exists if not install
\r
43 if(fileExists('linux-amd64/helm')){
\r
45 echo "helm is already installed"
\r
51 echo "installing helm"
\r
52 wget https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz
\r
53 tar -xf helm-v2.8.2-linux-amd64.tar.gz
\r
54 rm helm-v2.8.2-linux-amd64.tar.gz
\r
58 withCredentials([file(credentialsId: KUBE_CONFIG, variable: 'KUBECONFIG')]) {
\r
61 //check if charts are valid, and then perform dry run, if successful then upgrade/install charts
\r
63 if (PHASES.contains("UNDEPLOY") ) {
\r
67 helm delete --tiller-namespace=$TILLER_NAMESPACE --purge $ARTIFACT_ID
\r
71 //NOTE Double quotes are used below to access groovy variables like artifact_id and tiller_namespace
\r
72 if (PHASES.contains("DEPLOY") ){
\r
75 [usernamePassword(credentialsId: MECHID, usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD'),
\r
76 file(credentialsId: PKCS12_CERT, variable: 'VAR_PKCS12_CERT'),
\r
77 string(credentialsId: PKCS12_KEY, variable: 'VAR_PKCS12_KEY'),
\r
78 file(credentialsId: PEM_CERT, variable: 'VAR_PEM_CERT'),
\r
79 file(credentialsId: PEM_KEY, variable: 'VAR_PEM_KEY'),
\r
80 file(credentialsId: 'PRIVATE_KEY', variable: 'VAR_PRIVATE_KEY'),
\r
81 usernamePassword(credentialsId: 'PRIVATE_KEY_USER_PASS', usernameVariable: 'PRIVATE_KEY_USERNAME', passwordVariable: 'PRIVATE_KEY_PASSPHRASE')
\r
86 cp $VAR_PKCS12_CERT $ARTIFACT_ID
\r
87 cp $VAR_PEM_CERT $ARTIFACT_ID
\r
88 cp $VAR_PEM_KEY $ARTIFACT_ID
\r
89 cp $VAR_PRIVATE_KEY $ARTIFACT_ID
\r
90 FILE_PKCS12_CERT=`basename $VAR_PKCS12_CERT`
\r
91 FILE_PEM_CERT=`basename $VAR_PEM_CERT`
\r
92 FILE_PEM_KEY=`basename $VAR_PEM_KEY`
\r
93 FILE_PRIVATE_KEY=`basename $VAR_PRIVATE_KEY`
\r
95 echo "Validate Yaml"
\r
96 helm lint $ARTIFACT_ID
\r
98 echo "View Helm Templates"
\r
99 helm template $ARTIFACT_ID \
\r
100 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
101 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
102 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
103 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
104 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
105 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
106 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r
108 echo "Perform Dry Run Of Install"
\r
109 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install --dry-run $ARTIFACT_ID $ARTIFACT_ID \
\r
110 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
111 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
112 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
113 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
114 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
115 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
116 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r
118 echo "Helm Install/Upgrade"
\r
119 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install $ARTIFACT_ID $ARTIFACT_ID \
\r
120 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
121 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
122 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
123 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
124 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
125 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
126 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r