Gitiles
Code Review Sign In
gerrit.nordix.org / oransc / it / otf / dec523597819e04cc176422e4001e6e863a2220d / . / otf-cert-secret-builder / Jenkinsfile
blob: e9f31ff73ba5bd870e087668c1ae6df190a2ce92 [file] [log] [blame]
Rohan Patelf49bd1e2019-09-23 15:04:19 -0400[diff] [blame]1#!/usr/bin/env groovy
2
3
4properties([[$class: 'ParametersDefinitionProperty', parameterDefinitions: [
5 [$class: 'hudson.model.StringParameterDefinition', name: 'PHASE', defaultValue: "BUILD"],
6 [$class: 'hudson.model.StringParameterDefinition', name: 'ENV', defaultValue: "dev"],
7 [$class: 'hudson.model.StringParameterDefinition', name: 'MECHID', defaultValue: "id"],
8 [$class: 'hudson.model.StringParameterDefinition', name: 'KUBE_CONFIG', defaultValue: "kubeConfig-dev"],
9 [$class: 'hudson.model.StringParameterDefinition', name: 'TILLER_NAMESPACE', defaultValue: "org-onar-otf"],
10 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_CERT', defaultValue: "otf_ssl_pkcs12_dev"],
11 [$class: 'hudson.model.StringParameterDefinition', name: 'PKCS12_KEY', defaultValue: "server_ssl_key_store_password"],
12 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_CERT', defaultValue: "otf_ssl_pem_dev"],
13 [$class: 'hudson.model.StringParameterDefinition', name: 'PEM_KEY', defaultValue: "otf_ssl_pem_key_dev"]
14
15
16]]])
17
18
19echo "Build branch: ${env.BRANCH_NAME}"
20
21node("docker"){
22 stage 'Checkout'
23 checkout scm
24 PHASES=PHASE.tokenize( '_' );
25 echo "PHASES : " + PHASES
26 ARTIFACT_ID="otf-cert-secret-builder"
27 echo "Tiller Namespace: " + TILLER_NAMESPACE
28
29 withEnv(["PATH=${env.PATH}:${tool 'jdk180'}:${env.WORKSPACE}/linux-amd64", "JAVA_HOME=${tool 'jdk180'}","HELM_HOME=${env.WORKSPACE}"]) {
30
31 echo "PATH=${env.PATH}"
32 echo "JAVA_HOME=${env.JAVA_HOME}"
33 echo "HELM_HOME=${env.HELM_HOME}"
34
35 wrap([$class: 'ConfigFileBuildWrapper', managedFiles: [
36 [fileId: 'maven-settings.xml', variable: 'MAVEN_SETTINGS']
37 ]]) {
38
39 if (PHASES.contains("DEPLOY") || PHASES.contains("UNDEPLOY")) {
40 stage 'Init Helm'
41
42 //check if helm exists if not install
43 if(fileExists('linux-amd64/helm')){
44 sh """
45 echo "helm is already installed"
46 """
47 }
48 else{
49 //download helm
50 sh """
51 echo "installing helm"
52 wget https://storage.googleapis.com/kubernetes-helm/helm-v2.8.2-linux-amd64.tar.gz
53 tar -xf helm-v2.8.2-linux-amd64.tar.gz
54 rm helm-v2.8.2-linux-amd64.tar.gz
55 """
56 }
57
58 withCredentials([file(credentialsId: KUBE_CONFIG, variable: 'KUBECONFIG')]) {
59
60 dir('helm'){
61 //check if charts are valid, and then perform dry run, if successful then upgrade/install charts
62
63 if (PHASES.contains("UNDEPLOY") ) {
64 stage 'Undeploy'
65
66 sh """
67 helm delete --tiller-namespace=$TILLER_NAMESPACE --purge $ARTIFACT_ID
68 """
69 }
70
71 //NOTE Double quotes are used below to access groovy variables like artifact_id and tiller_namespace
72 if (PHASES.contains("DEPLOY") ){
73 stage 'Deploy'
74 withCredentials(
75 [usernamePassword(credentialsId: MECHID, usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD'),
76 file(credentialsId: PKCS12_CERT, variable: 'VAR_PKCS12_CERT'),
77 string(credentialsId: PKCS12_KEY, variable: 'VAR_PKCS12_KEY'),
78 file(credentialsId: PEM_CERT, variable: 'VAR_PEM_CERT'),
79 file(credentialsId: PEM_KEY, variable: 'VAR_PEM_KEY'),
80 file(credentialsId: 'PRIVATE_KEY', variable: 'VAR_PRIVATE_KEY'),
81 usernamePassword(credentialsId: 'PRIVATE_KEY_USER_PASS', usernameVariable: 'PRIVATE_KEY_USERNAME', passwordVariable: 'PRIVATE_KEY_PASSPHRASE')
82 ]) {
83
84 sh """
85
86 cp $VAR_PKCS12_CERT $ARTIFACT_ID
87 cp $VAR_PEM_CERT $ARTIFACT_ID
88 cp $VAR_PEM_KEY $ARTIFACT_ID
89 cp $VAR_PRIVATE_KEY $ARTIFACT_ID
90 FILE_PKCS12_CERT=`basename $VAR_PKCS12_CERT`
91 FILE_PEM_CERT=`basename $VAR_PEM_CERT`
92 FILE_PEM_KEY=`basename $VAR_PEM_KEY`
93 FILE_PRIVATE_KEY=`basename $VAR_PRIVATE_KEY`
94
95 echo "Validate Yaml"
96 helm lint $ARTIFACT_ID
97
98 echo "View Helm Templates"
99 helm template $ARTIFACT_ID \
100 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
101 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
102 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
103 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
104 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
105 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
106 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
107
108 echo "Perform Dry Run Of Install"
109 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install --dry-run $ARTIFACT_ID $ARTIFACT_ID \
110 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
111 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
112 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
113 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
114 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
115 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
116 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
117
118 echo "Helm Install/Upgrade"
119 helm upgrade --tiller-namespace=$TILLER_NAMESPACE --install $ARTIFACT_ID $ARTIFACT_ID \
120 --set Secret.PKCS12_CERT=\$FILE_PKCS12_CERT \
121 --set Secret.PKCS12_KEY=$VAR_PKCS12_KEY \
122 --set Secret.PEM_CERT=\$FILE_PEM_CERT \
123 --set Secret.PEM_KEY=\$FILE_PEM_KEY \
124 --set Secret.privateKey.key=\$FILE_PRIVATE_KEY \
125 --set Secret.privateKey.username=$PRIVATE_KEY_USERNAME \
126 --set Secret.privateKey.passphrase=$PRIVATE_KEY_PASSPHRASE \
127
128 """
129 }
130 }
131
132 }
133 }
134 }
135 }
136 }
137}