#!/usr/bin/env groovy

// Job parameters. Every one is a free-form string chosen by whoever starts the
// build, so their values must be treated as untrusted input by the rest of the script.
// PHASE is tokenized on '_' further down; MECHID, KUBE_CONFIG, PKCS12_CERT,
// PKCS12_KEY, PEM_CERT and PEM_KEY are used as Jenkins credentialsId values,
// i.e. the defaults below are credential identifiers, not secret values.
def stringParamClass = 'hudson.model.StringParameterDefinition'

def jobParameters = [
        [$class: stringParamClass, name: 'PHASE', defaultValue: 'BUILD'],
        [$class: stringParamClass, name: 'ENV', defaultValue: 'dev'],
        [$class: stringParamClass, name: 'MECHID', defaultValue: 'id'],
        [$class: stringParamClass, name: 'KUBE_CONFIG', defaultValue: 'kubeConfig-dev'],
        [$class: stringParamClass, name: 'TILLER_NAMESPACE', defaultValue: 'org-onar-otf'],
        [$class: stringParamClass, name: 'PKCS12_CERT', defaultValue: 'otf_ssl_pkcs12_dev'],
        [$class: stringParamClass, name: 'PKCS12_KEY', defaultValue: 'server_ssl_key_store_password'],
        [$class: stringParamClass, name: 'PEM_CERT', defaultValue: 'otf_ssl_pem_dev'],
        [$class: stringParamClass, name: 'PEM_KEY', defaultValue: 'otf_ssl_pem_key_dev']
]

// Register the parameter definitions on the job.
properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: jobParameters]])

// Log which branch this run was started for.
echo "Build branch: ${env.BRANCH_NAME}"
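// Deploys or removes the otf-cert-secret-builder Helm chart, feeding it TLS
// certificates, keys and passphrases taken from the Jenkins credential store.
//
// Security notes for this block:
//  * Shell steps are single-quoted so that the shell, not Groovy, expands every
//    variable. Job parameters and bound secrets therefore never become part of
//    the generated script text, and a parameter value cannot inject shell syntax.
//  * Copies of key material placed in the workspace are removed when the shell
//    step exits, whether it succeeds or fails.
node("docker"){
  stage 'Checkout'
  checkout scm
  // PHASE is a '_'-separated list; only DEPLOY and UNDEPLOY are acted on below.
  PHASES=PHASE.tokenize( '_' );
  echo "PHASES : " + PHASES
  ARTIFACT_ID="otf-cert-secret-builder"
  echo "Tiller Namespace: " + TILLER_NAMESPACE

  // ARTIFACT_ID and TILLER_NAMESPACE are exported so the single-quoted shell
  // steps below can read them as ordinary, quoted environment variables.
  withEnv([
      "PATH=${env.PATH}:${tool 'jdk180'}:${env.WORKSPACE}/linux-amd64",
      "JAVA_HOME=${tool 'jdk180'}",
      "HELM_HOME=${env.WORKSPACE}",
      "ARTIFACT_ID=${ARTIFACT_ID}",
      "TILLER_NAMESPACE=${TILLER_NAMESPACE}"
  ]) {

    echo "PATH=${env.PATH}"
    echo "JAVA_HOME=${env.JAVA_HOME}"
    echo "HELM_HOME=${env.HELM_HOME}"

    wrap([$class: 'ConfigFileBuildWrapper', managedFiles: [
      [fileId: 'maven-settings.xml', variable: 'MAVEN_SETTINGS']
      ]]) {

      if (PHASES.contains("DEPLOY") || PHASES.contains("UNDEPLOY")) {
        stage 'Init Helm'

        // Install helm into the workspace unless a previous run already left it there.
        // NOTE(review): an existing linux-amd64/helm is trusted as-is, and the download
        // below is unpacked without any integrity check. Verify the tarball against a
        // pinned SHA-256 (value to be taken from the official release notes) before
        // extracting it, and re-verify or re-download when the workspace is reused.
        if(fileExists('linux-amd64/helm')){
          sh '''
            echo "helm is already installed"
          '''
        }
        else{
          sh '''
            echo "installing helm"
            wget  https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz
            tar -xf helm-v2.8.2-linux-amd64.tar.gz
            rm helm-v2.8.2-linux-amd64.tar.gz
          '''
        }

        // KUBE_CONFIG is a job parameter naming the kubeconfig file credential.
        withCredentials([file(credentialsId: KUBE_CONFIG, variable: 'KUBECONFIG')]) {

          dir('helm'){

            if (PHASES.contains("UNDEPLOY") ) {
              stage 'Undeploy'

              // Single quotes: the shell expands the (quoted) environment variables.
              sh '''
                helm delete --tiller-namespace="$TILLER_NAMESPACE" --purge "$ARTIFACT_ID"
              '''
            }

            // Lint the chart, render it, dry-run the upgrade, then upgrade/install.
            if (PHASES.contains("DEPLOY") ){
              stage 'Deploy'
              // NOTE(review): the MECHID binding (USERNAME/PASSWORD) is not referenced by
              // the shell step below; confirm it is needed, otherwise drop it so the
              // credential is not exposed to this step without reason.
              withCredentials(
                [usernamePassword(credentialsId: MECHID, usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD'),
                file(credentialsId: PKCS12_CERT, variable: 'VAR_PKCS12_CERT'),
                string(credentialsId: PKCS12_KEY, variable: 'VAR_PKCS12_KEY'),
                file(credentialsId: PEM_CERT, variable: 'VAR_PEM_CERT'),
                file(credentialsId: PEM_KEY, variable: 'VAR_PEM_KEY'),
                file(credentialsId: 'PRIVATE_KEY', variable: 'VAR_PRIVATE_KEY'),
                usernamePassword(credentialsId: 'PRIVATE_KEY_USER_PASS', usernameVariable: 'PRIVATE_KEY_USERNAME', passwordVariable: 'PRIVATE_KEY_PASSPHRASE')
                ]) {

                // NOTE(review): the secret values are still handed to helm as command-line
                // arguments, so they are visible in the agent's process list while helm
                // runs; a values file with restrictive permissions would avoid that.
                sh '''
                  FILE_PKCS12_CERT=`basename "$VAR_PKCS12_CERT"`
                  FILE_PEM_CERT=`basename "$VAR_PEM_CERT"`
                  FILE_PEM_KEY=`basename "$VAR_PEM_KEY"`
                  FILE_PRIVATE_KEY=`basename "$VAR_PRIVATE_KEY"`

                  # Remove the copied certificates and keys from the chart directory
                  # on every exit path so they do not stay behind in the workspace.
                  cleanup() {
                    rm -f "$ARTIFACT_ID/$FILE_PKCS12_CERT"
                    rm -f "$ARTIFACT_ID/$FILE_PEM_CERT"
                    rm -f "$ARTIFACT_ID/$FILE_PEM_KEY"
                    rm -f "$ARTIFACT_ID/$FILE_PRIVATE_KEY"
                  }
                  trap cleanup EXIT

                  cp "$VAR_PKCS12_CERT" "$ARTIFACT_ID"
                  cp "$VAR_PEM_CERT" "$ARTIFACT_ID"
                  cp "$VAR_PEM_KEY" "$ARTIFACT_ID"
                  cp "$VAR_PRIVATE_KEY" "$ARTIFACT_ID"

                  echo "Validate Yaml"
                  helm lint "$ARTIFACT_ID"

                  # The rendered output is discarded: the chart is not visible from this
                  # file, but it presumably renders Secret manifests, and log masking only
                  # matches the exact secret strings, not encoded forms of them.
                  echo "Render Helm Templates (output suppressed)"
                  helm template "$ARTIFACT_ID" \
                    --set "Secret.PKCS12_CERT=$FILE_PKCS12_CERT" \
                    --set "Secret.PKCS12_KEY=$VAR_PKCS12_KEY" \
                    --set "Secret.PEM_CERT=$FILE_PEM_CERT" \
                    --set "Secret.PEM_KEY=$FILE_PEM_KEY" \
                    --set "Secret.privateKey.key=$FILE_PRIVATE_KEY" \
                    --set "Secret.privateKey.username=$PRIVATE_KEY_USERNAME" \
                    --set "Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE" > /dev/null

                  echo "Perform Dry Run Of Install"
                  helm upgrade --tiller-namespace="$TILLER_NAMESPACE" --install --dry-run "$ARTIFACT_ID" "$ARTIFACT_ID" \
                    --set "Secret.PKCS12_CERT=$FILE_PKCS12_CERT" \
                    --set "Secret.PKCS12_KEY=$VAR_PKCS12_KEY" \
                    --set "Secret.PEM_CERT=$FILE_PEM_CERT" \
                    --set "Secret.PEM_KEY=$FILE_PEM_KEY" \
                    --set "Secret.privateKey.key=$FILE_PRIVATE_KEY" \
                    --set "Secret.privateKey.username=$PRIVATE_KEY_USERNAME" \
                    --set "Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE"

                  echo "Helm Install/Upgrade"
                  helm upgrade --tiller-namespace="$TILLER_NAMESPACE" --install "$ARTIFACT_ID" "$ARTIFACT_ID" \
                    --set "Secret.PKCS12_CERT=$FILE_PKCS12_CERT" \
                    --set "Secret.PKCS12_KEY=$VAR_PKCS12_KEY" \
                    --set "Secret.PEM_CERT=$FILE_PEM_CERT" \
                    --set "Secret.PEM_KEY=$FILE_PEM_KEY" \
                    --set "Secret.privateKey.key=$FILE_PRIVATE_KEY" \
                    --set "Secret.privateKey.username=$PRIVATE_KEY_USERNAME" \
                    --set "Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE"
                '''
              }
            }

          }
        }
      }
    }
  }
}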