From d1cdf1831b244c28fc145712b51a579203a9aebd Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Sun, 22 Apr 2018 11:50:07 -0500 Subject: [PATCH] ci: Add pipeline for NTP --- ci/ntp.jenkinsfile | 77 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 ci/ntp.jenkinsfile diff --git a/ci/ntp.jenkinsfile b/ci/ntp.jenkinsfile new file mode 100644 index 0000000..a115aab --- /dev/null +++ b/ci/ntp.jenkinsfile @@ -0,0 +1,77 @@ +// vim: set ft=groovy sw=4 ts=4 sts=4 et : + +pipeline { + agent { + label 'ansible' + } + + triggers { + cron 'H H * * *' + } + + environment { + KRB5CCNAME = "${WORKSPACE}/.krb5cc" + } + + stages { + stage('Prepare') { + steps { + withCredentials([file( + credentialsId: 'keytab-jenkins@pyrocufflink.blue', + variable: 'KEYTAB' + )]) { + sh 'kinit -kt "${KEYTAB}" jenkins@PYROCUFFLINK.BLUE' + } + withCredentials([file( + credentialsId: 'vault-jenkins@pyrocufflink.blue', + variable: 'SUDO_PASS_FILE' + )]) { + sh 'cp "${SUDO_PASS_FILE}" sudo-pass' + } + } + } + + stage('Remount R/W') { + steps { + ansiblePlaybook \ + playbook: 'remount.yml', + limit: 'ntpd', + become: true, + vaultCredentialsId: 'ansible-vault', + extraVars: [ + remount_state: 'rw', + ], + extras: '-e@sudo-pass' + } + } + + stage('NTP') { + steps { + ansiblePlaybook \ + playbook: 'ntp.yml', + become: true, + vaultCredentialsId: 'ansible-vault', + extras: '-e@sudo-pass --diff' + } + } + + stage('Remount R/O') { + steps { + ansiblePlaybook \ + playbook: 'remount.yml', + limit: 'ntpd', + become: true, + vaultCredentialsId: 'ansible-vault', + extras: '-e@sudo-pass' + } + } + + } + + post { + always { + sh 'rm -f sudo-pass' + sh 'kdestroy' + } + } +}