dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity
configpolicy/ci/radius.jenkinsfile

84 lines
2.4 KiB
Groovy
Raw Blame History

// vim: set ft=groovy sw=4 ts=4 sts=4 et :
pipeline {
agent {
label 'ansible'
}
triggers {
cron 'H H * * *'
}
stages {
stage('kinit') {
steps {
withCredentials([file(
credentialsId: 'keytab-jenkins@pyrocufflink.blue',
variable: 'KEYTAB')]) {
sh 'kinit -kt "${KEYTAB}" jenkins@PYROCUFFLINK.BLUE'
}
}
}
stage('Remount R/W') {
steps {
withCredentials([file(
credentialsId: 'vault-jenkins@pyrocufflink.blue',
variable: 'SUDO_PASS_FILE')]) {
ansiblePlaybook \
playbook: 'remount.yml',
limit: 'radius',
become: true,
vaultCredentialsId: 'ansible-vault',
extraVars: [
remount_state: 'rw',
],
extras: '-e@"${SUDO_PASS_FILE}"'
}
}
}
stage('RADIUS Servers') {
steps {
withCredentials([file(
credentialsId: 'vault-jenkins@pyrocufflink.blue',
variable: 'SUDO_PASS_FILE')]) {
ansiblePlaybook \
playbook: 'radius.yml',
become: true,
vaultCredentialsId: 'ansible-vault',
extras: '-e@"${SUDO_PASS_FILE}" --diff'
}
}
}
stage('Remount R/O') {
steps {
withCredentials([file(
credentialsId: 'vault-jenkins@pyrocufflink.blue',
variable: 'SUDO_PASS_FILE')]) {
ansiblePlaybook \
playbook: 'remount.yml',
limit: 'radius',
become: true,
vaultCredentialsId: 'ansible-vault',
extras: '-e@"${SUDO_PASS_FILE}"'
}
}
}
}
post {
always {
sh 'kdestroy'
}
failure {
emailext \
to: 'gyrfalcon@ebonfire.com',
subject: '$DEFAULT_SUBJECT',
body: '$DEFAULT_CONTENT'
}
}
}
Reference in New Issue View Git Blame Copy Permalink