--- /dev/null
+#!/usr/bin/env groovy\r
+\r
+\r
+properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: [\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'PHASE', defaultValue: "BUILD"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'ENV', defaultValue: "dev"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'MECHID', defaultValue: "id"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'KUBE_CONFIG', defaultValue: "kubeConfig-dev"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'TILLER_NAMESPACE', defaultValue: "org-onar-otf"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_CERT', defaultValue: "otf_ssl_pkcs12_dev"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_KEY', defaultValue: "server_ssl_key_store_password"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_CERT', defaultValue: "otf_ssl_pem_dev"],\r
+ [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_KEY', defaultValue: "otf_ssl_pem_key_dev"]\r
+\r
+\r
+]]])\r
+\r
+\r
+echo "Build branch: ${env.BRANCH_NAME}"\r
+\r
+node("docker"){\r
+ stage 'Checkout'\r
+ checkout scm\r
+ PHASES=PHASE.tokenize( '_' );\r
+ echo "PHASES : " + PHASES\r
+ ARTIFACT_ID="otf-cert-secret-builder"\r
+ echo "Tiller Namespace: " + TILLER_NAMESPACE\r
+\r
+ withEnv(["PATH=${env.PATH}:${tool 'jdk180'}:${env.WORKSPACE}/linux-amd64", "JAVA_HOME=${tool 'jdk180'}","HELM_HOME=${env.WORKSPACE}"]) {\r
+\r
+ echo "PATH=${env.PATH}"\r
+ echo "JAVA_HOME=${env.JAVA_HOME}"\r
+ echo "HELM_HOME=${env.HELM_HOME}"\r
+\r
+ wrap([$class: 'ConfigFileBuildWrapper', managedFiles: [\r
+ [fileId: 'maven-settings.xml', variable: 'MAVEN_SETTINGS']\r
+ ]]) {\r
+\r
+ if (PHASES.contains("DEPLOY") || PHASES.contains("UNDEPLOY")) {\r
+ stage 'Init Helm'\r
+\r
+ //check if helm exists if not install\r
+ if(fileExists('linux-amd64/helm')){\r
+ sh """\r
+ echo "helm is already installed"\r
+ """\r
+ }\r
+ else{\r
+ //download helm\r
+ sh """\r
+ echo "installing helm"\r
+ wget https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz\r
+ tar -xf helm-v2.8.2-linux-amd64.tar.gz\r
+ rm helm-v2.8.2-linux-amd64.tar.gz\r
+ """\r
+ }\r
+\r
+ withCredentials([file(credentialsId: KUBE_CONFIG, variable: 'KUBECONFIG')]) {\r
+\r
+ dir('helm'){\r
+ //check if charts are valid, and then perform dry run, if successful then upgrade/install charts\r
+\r
+ if (PHASES.contains("UNDEPLOY") ) {\r
+ stage 'Undeploy'\r
+\r
+ sh """\r
+ helm delete --tiller-namespace=$TILLER_NAMESPACE --purge $ARTIFACT_ID\r
+ """\r
+ }\r
+\r
+ //NOTE Double quotes are used below to access groovy variables like artifact_id and tiller_namespace\r
+ if (PHASES.contains("DEPLOY") ){\r
+ stage 'Deploy'\r
+ withCredentials(\r
+ [usernamePassword(credentialsId: MECHID, usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD'),\r
+ file(credentialsId: PKCS12_CERT, variable: 'VAR_PKCS12_CERT'),\r
+ string(credentialsId: PKCS12_KEY, variable: 'VAR_PKCS12_KEY'),\r
+ file(credentialsId: PEM_CERT, variable: 'VAR_PEM_CERT'),\r
+ file(credentialsId: PEM_KEY, variable: 'VAR_PEM_KEY'),\r
+ file(credentialsId: 'PRIVATE_KEY', variable: 'VAR_PRIVATE_KEY'),\r
+ usernamePassword(credentialsId: 'PRIVATE_KEY_USER_PASS', usernameVariable: 'PRIVATE_KEY_USERNAME', passwordVariable: 'PRIVATE_KEY_PASSPHRASE')\r
+ ]) {\r
+\r
+ sh """\r
+\r
+ cp $VAR_PKCS12_CERT $ARTIFACT_ID\r
+ cp $VAR_PEM_CERT $ARTIFACT_ID\r
+ cp $VAR_PEM_KEY $ARTIFACT_ID\r
+ cp $VAR_PRIVATE_KEY $ARTIFACT_ID\r
+ FILE_PKCS12_CERT=`basename $VAR_PKCS12_CERT`\r
+ FILE_PEM_CERT=`basename $VAR_PEM_CERT`\r
+ FILE_PEM_KEY=`basename $VAR_PEM_KEY`\r
+ FILE_PRIVATE_KEY=`basename $VAR_PRIVATE_KEY`\r
+\r
+ echo "Validate Yaml"\r
+ helm lint $ARTIFACT_ID\r
+\r
+ echo "View Helm Templates"\r
+ helm template $ARTIFACT_ID \\r
+ --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \\r
+ --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \\r
+ --set Secret.PEM_CERT=\$FILE_PEM_CERT \\r
+ --set Secret.PEM_KEY=\$FILE_PEM_KEY \\r
+ --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \\r
+ --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \\r
+ --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \\r
+\r
+ echo "Perform Dry Run Of Install"\r
+ helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install --dry-run $ARTIFACT_ID $ARTIFACT_ID \\r
+ --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \\r
+ --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \\r
+ --set Secret.PEM_CERT=\$FILE_PEM_CERT \\r
+ --set Secret.PEM_KEY=\$FILE_PEM_KEY \\r
+ --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \\r
+ --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \\r
+ --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \\r
+\r
+ echo "Helm Install/Upgrade"\r
+ helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install $ARTIFACT_ID $ARTIFACT_ID \\r
+ --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \\r
+ --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \\r
+ --set Secret.PEM_CERT=\$FILE_PEM_CERT \\r
+ --set Secret.PEM_KEY=\$FILE_PEM_KEY \\r
+ --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \\r
+ --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \\r
+ --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \\r
+\r
+ """\r
+ }\r
+ }\r
+\r
+ }\r
+ }\r
+ }\r
+ }\r
+ }\r
+}\r