From 0ca550eb35964830ff19c4bce98eadf32918e39c Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 1 Jul 2018 15:30:27 -0500 Subject: [PATCH] ci: Add pipeline for dch-vpn playbook --- ci/dch-vpn.jenkinsfile | 72 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 ci/dch-vpn.jenkinsfile diff --git a/ci/dch-vpn.jenkinsfile b/ci/dch-vpn.jenkinsfile new file mode 100644 index 0000000..d876f66 --- /dev/null +++ b/ci/dch-vpn.jenkinsfile @@ -0,0 +1,72 @@ +// vim: set ft=groovy sw=4 ts=4 sts=4 et : + +pipeline { + agent { + label 'ansible' + } + + triggers { + cron 'H H * * *' + } + + stages { + stage('kinit') { + steps { + withCredentials([file( + credentialsId: 'vault-jenkins@gw0', + variable: 'SUDO_PASS_FILE' + )]) { + sh 'cp -f "${SUDO_PASS_FILE}" host_vars/gw0/sudo-pass' + } + } + } + + stage('Remount R/W') { + steps { + ansiblePlaybook \ + playbook: 'remount.yml', + limit: 'dch-gw', + become: true, + credentialsId: 'jenkins-ssh', + vaultCredentialsId: 'ansible-vault', + extraVars: [ + remount_state: 'rw', + ] + } + } + + stage('VPN') { + steps { + ansiblePlaybook \ + playbook: 'dch-vpn.yml', + become: true, + vaultCredentialsId: 'ansible-vault', + extras: '--diff' + } + } + + stage('Remount R/O') { + steps { + ansiblePlaybook \ + playbook: 'remount.yml', + limit: 'dch-gw', + become: true, + credentialsId: 'jenkins-ssh', + vaultCredentialsId: 'ansible-vault' + } + } + + } + + post { + always { + sh 'find . -name sudo-pass -delete' + } + failure { + emailext \ + to: 'gyrfalcon@ebonfire.com', + subject: '$DEFAULT_SUBJECT', + body: '$DEFAULT_CONTENT' + } + } +}