1 #!/usr/bin/env groovy
\r
3 /* Copyright (c) 2019 AT&T Intellectual Property. #
\r
5 # Licensed under the Apache License, Version 2.0 (the "License"); #
\r
6 # you may not use this file except in compliance with the License. #
\r
7 # You may obtain a copy of the License at #
\r
9 # http://www.apache.org/licenses/LICENSE-2.0 #
\r
11 # Unless required by applicable law or agreed to in writing, software #
\r
12 # distributed under the License is distributed on an "AS IS" BASIS, #
\r
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
\r
14 # See the License for the specific language governing permissions and #
\r
15 # limitations under the License. #
\r
16 ##############################################################################*/
\r
// Job parameters for this pipeline.
// PHASE is split on '_' further down; only values containing DEPLOY or UNDEPLOY reach the helm steps,
// so the default "BUILD" does not deploy anything.
// KUBE_CONFIG, MECHID, PKCS12_CERT, PKCS12_KEY, PEM_CERT and PEM_KEY carry Jenkins credential IDs
// (each is used as a credentialsId below), not the secret values themselves.
// NOTE(review): because the credential IDs are free-form string parameters, whoever may start the job
// with parameters chooses which stored credentials get bound; consider a fixed ENV -> credential-ID
// mapping or a choice parameter instead.
// NOTE(review): TILLER_NAMESPACE is later placed unquoted into helm command lines; validate it against
// the expected namespace pattern before use.
18 properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: [
\r
19 [$class: 'hudson.model.StringParameterDefinition', name: 'PHASE', defaultValue: "BUILD"],
\r
20 [$class: 'hudson.model.StringParameterDefinition', name: 'ENV', defaultValue: "dev"],
\r
21 [$class: 'hudson.model.StringParameterDefinition', name: 'MECHID', defaultValue: "id"],
\r
22 [$class: 'hudson.model.StringParameterDefinition', name: 'KUBE_CONFIG', defaultValue: "kubeConfig-dev"],
\r
23 [$class: 'hudson.model.StringParameterDefinition', name: 'TILLER_NAMESPACE', defaultValue: "org-onar-otf"],
\r
24 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_CERT', defaultValue: "otf_ssl_pkcs12_dev"],
\r
25 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_KEY', defaultValue: "server_ssl_key_store_password"],
\r
26 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_CERT', defaultValue: "otf_ssl_pem_dev"],
\r
27 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_KEY', defaultValue: "otf_ssl_pem_key_dev"]
\r
// Log the branch being built.
33 echo "Build branch: ${env.BRANCH_NAME}"
\r
// Split the PHASE parameter on '_' so one value can name several phases
// (constructed example: "BUILD_DEPLOY" -> [BUILD, DEPLOY]).
38 PHASES=PHASE.tokenize( '_' );
\r
39 echo "PHASES : " + PHASES
\r
// ARTIFACT_ID is used below both as the chart directory and as the helm release name.
40 ARTIFACT_ID="otf-cert-secret-builder"
\r
41 echo "Tiller Namespace: " + TILLER_NAMESPACE
\r
// Extend the environment for the enclosed steps: append the 'jdk180' tool location and
// ${WORKSPACE}/linux-amd64 to PATH, point JAVA_HOME at the same tool, and set HELM_HOME to the workspace.
// linux-amd64 is the directory the helm check below looks in (fileExists('linux-amd64/helm')).
43 withEnv(["PATH=${env.PATH}:${tool 'jdk180'}:${env.WORKSPACE}/linux-amd64", "JAVA_HOME=${tool 'jdk180'}","HELM_HOME=${env.WORKSPACE}"]) {
\r
// Print the resulting environment to the build log.
45 echo "PATH=${env.PATH}"
\r
46 echo "JAVA_HOME=${env.JAVA_HOME}"
\r
47 echo "HELM_HOME=${env.HELM_HOME}"
\r
// Provide the managed config file 'maven-settings.xml' through the MAVEN_SETTINGS variable.
// NOTE(review): MAVEN_SETTINGS is not referenced in the lines shown here; confirm it is still needed.
49 wrap([$class: 'ConfigFileBuildWrapper', managedFiles: [
\r
50 [fileId: 'maven-settings.xml', variable: 'MAVEN_SETTINGS']
\r
// Helm is only needed when the requested phases include DEPLOY or UNDEPLOY.
53 if (PHASES.contains("DEPLOY") || PHASES.contains("UNDEPLOY")) {
\r
56 //check if helm exists if not install
// Only the presence of linux-amd64/helm in the workspace is tested; a binary left there by an
// earlier build is reused without any further check.
// NOTE(review): the tarball is downloaded and unpacked with no checksum or signature verification.
// Pin the expected SHA-256 of helm-v2.8.2-linux-amd64.tar.gz in the job and verify it
// (e.g. sha256sum -c) before running tar, and fail the build on mismatch.
// NOTE(review): v2.8.2 is a Helm 2 release; Helm 2 and Tiller are end-of-life upstream, so this
// pin no longer receives security fixes.
\r
57 if(fileExists('linux-amd64/helm')){
\r
59 echo "helm is already installed"
\r
65 echo "installing helm"
\r
66 wget https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz
\r
67 tar -xf helm-v2.8.2-linux-amd64.tar.gz
\r
68 rm helm-v2.8.2-linux-amd64.tar.gz
\r
// Bind the kubeconfig file credential whose ID is given by the KUBE_CONFIG parameter; the path of
// the temporary file is exposed to the enclosed steps as KUBECONFIG.
72 withCredentials([file(credentialsId: KUBE_CONFIG, variable: 'KUBECONFIG')]) {
\r
75 //check if charts are valid, and then perform dry run, if successful then upgrade/install charts
\r
// UNDEPLOY: delete the release named ARTIFACT_ID, with --purge, through the Tiller in TILLER_NAMESPACE.
// NOTE(review): TILLER_NAMESPACE comes straight from a job parameter and is placed unquoted in the
// command; validate it against the expected namespace pattern and quote it in the shell script.
77 if (PHASES.contains("UNDEPLOY") ) {
\r
81 helm delete --tiller-namespace=$TILLER_NAMESPACE --purge $ARTIFACT_ID
\r
85 //NOTE Double quotes are used below to access groovy variables like artifact_id and tiller_namespace
// DEPLOY: bind the TLS/keystore credentials, copy the credential files into the chart directory
// ($ARTIFACT_ID), then run helm lint, helm template, a --dry-run upgrade and the real
// upgrade --install, each with the same --set Secret.* values.
// In the helm commands the \$FILE_* names are escaped, so the shell expands the basenames computed
// by the script; $VAR_PKCS12_KEY, $PRIVATE_KEY_USERNAME and $PRIVATE_KEY_PASSPHRASE are not escaped.
// NOTE(review): the sh step's opening quotes are not visible in this listing. If it is a
// double-quoted Groovy string, as the NOTE above says, Groovy substitutes those secret values into
// the script text before the shell runs. Jenkins documents this as insecure; prefer a
// single-quoted script that reads the bound variables from the environment, and pass ARTIFACT_ID
// and TILLER_NAMESPACE in through withEnv.
// NOTE(review): --set puts the keystore password and key passphrase on the helm command line,
// where they show up in the agent's process list; a values file with restrictive permissions,
// passed with -f and deleted afterwards, keeps them out of argv.
// NOTE(review): "View Helm Templates" writes the rendered chart to the build log. If the chart
// renders these values into a Secret manifest they would appear base64-encoded, which Jenkins
// credential masking (literal match only) would not hide - confirm against the chart templates.
// NOTE(review): the cp lines place certificate and private-key files in the workspace chart
// directory and no cleanup is visible here; remove them in a finally block once helm has run.
// NOTE(review): USERNAME/PASSWORD from the MECHID credential are bound but not referenced in the
// lines shown; drop the binding if it is unused.
\r
86 if (PHASES.contains("DEPLOY") ){
\r
89 [usernamePassword(credentialsId: MECHID, usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD'),
\r
90 file(credentialsId: PKCS12_CERT, variable: 'VAR_PKCS12_CERT'),
\r
91 string(credentialsId: PKCS12_KEY, variable: 'VAR_PKCS12_KEY'),
\r
92 file(credentialsId: PEM_CERT, variable: 'VAR_PEM_CERT'),
\r
93 file(credentialsId: PEM_KEY, variable: 'VAR_PEM_KEY'),
\r
94 file(credentialsId: 'PRIVATE_KEY', variable: 'VAR_PRIVATE_KEY'),
\r
95 usernamePassword(credentialsId: 'PRIVATE_KEY_USER_PASS', usernameVariable: 'PRIVATE_KEY_USERNAME', passwordVariable: 'PRIVATE_KEY_PASSPHRASE')
\r
100 cp $VAR_PKCS12_CERT $ARTIFACT_ID
\r
101 cp $VAR_PEM_CERT $ARTIFACT_ID
\r
102 cp $VAR_PEM_KEY $ARTIFACT_ID
\r
103 cp $VAR_PRIVATE_KEY $ARTIFACT_ID
\r
104 FILE_PKCS12_CERT=`basename $VAR_PKCS12_CERT`
\r
105 FILE_PEM_CERT=`basename $VAR_PEM_CERT`
\r
106 FILE_PEM_KEY=`basename $VAR_PEM_KEY`
\r
107 FILE_PRIVATE_KEY=`basename $VAR_PRIVATE_KEY`
\r
109 echo "Validate Yaml"
\r
110 helm lint $ARTIFACT_ID
\r
112 echo "View Helm Templates"
\r
113 helm template $ARTIFACT_ID \
\r
114 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
115 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
116 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
117 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
118 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
119 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
120 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r
122 echo "Perform Dry Run Of Install"
\r
123 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install --dry-run $ARTIFACT_ID $ARTIFACT_ID \
\r
124 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
125 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
126 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
127 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
128 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
129 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
130 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r
132 echo "Helm Install/Upgrade"
\r
133 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install $ARTIFACT_ID $ARTIFACT_ID \
\r
134 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
\r
135 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
\r
136 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
\r
137 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
\r
138 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
\r
139 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
\r
140 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
\r