Gitiles
Code Review Sign In
gerrit.opencord.org / ci-management / 50dd3d3ecb88abc2ac3495a152cfb75b0674399e / . / jjb / pipeline / tost-deploy-stratum.groovy
blob: c662f37c8f64624854714016419eb0b3b73e63da [file] [log] [blame]
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]1pipeline {
2 agent {
3 docker {
4 image 'ubuntu:18.04'
5 args '-u root:sudo'
6 }
7 }
8 environment {
9 KUBECONFIG = credentials("${params.k8s_config}")
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]10 gcp = credentials("${params.gcp_credential}")
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]11 git_password = credentials("${params.git_password_env}")
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]12 rancher_dev = credentials("${params.rancher_api_env}")
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]13 }
14 stages {
15 stage('Install tools') {
16 steps {
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]17 sh """
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]18 set -x
19 apt-get update -y
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]20 apt-get install -y curl wget jq git unzip
21
22 # Install yq
23 wget https://github.com/mikefarah/yq/releases/download/3.4.0/yq_linux_amd64 -O /usr/bin/yq &&\
24 chmod +x /usr/bin/yq
25 yq --help
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]26
27 # Install kubectl
28 curl -LO "https://storage.googleapis.com/kubernetes-release/release/v1.18.0/bin/linux/amd64/kubectl"
29 chmod +x ./kubectl
30 mv ./kubectl /usr/local/bin/kubectl
31
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]32 # Install terraform
33 wget https://releases.hashicorp.com/terraform/0.13.2/terraform_0.13.2_linux_amd64.zip
34 unzip terraform_0.13.2_linux_amd64.zip
35 mv terraform /usr/local/bin
36 terraform version
37 """
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]38 }
39 }
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]40 stage('Init Terraform') {
41 steps {
42 withCredentials([sshUserPrivateKey(credentialsId: "aether_jenkins", keyFileVariable: 'keyfile')]) {
43
44 sh """#!/bin/bash
45 set -x
46 mkdir -p ~/.ssh
47 ssh-keyscan -t rsa -p 29418 ${git_server} >> ~/.ssh/known_hosts
48cat <<EOF >> ~/.ssh/config
49Host ${git_server}
50 User ${git_user}
51 Hostname ${git_server}
52 Port 29418
53 IdentityFile ${keyfile}
54EOF
55
56 git clone "ssh://${git_server}:29418/${git_repo}"
57 cd ${workspace}/${git_repo}/${terraform_dir}/tost/stratum
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]58 if [ ! -z ${config_review} ] && [ ! -z ${config_patchset} ]; then
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]59 CFG_LAST2=\$(echo ${config_review} | tail -c 3)
60 git fetch "ssh://${git_server}:29418/${git_repo}" refs/changes/\${CFG_LAST2}/${config_review}/${config_patchset} && git checkout FETCH_HEAD
61 cp stratum.yaml tmp.yaml
62
63cat <<EOF >> config.yaml
64config:
65 review: ${config_review}
66 patchset: ${config_patchset}
67EOF
68
69 yq merge tmp.yaml config.yaml > stratum.yaml
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]70 fi
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]71 GOOGLE_BACKEND_CREDENTIALS=${gcp} terraform init
72 """
73 }
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]74 }
75 }
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]76 stage('Uninstall Apps') {
77 options {
78 timeout(time: 90, unit: "SECONDS")
79 }
80 steps {
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]81 sh """
82 cd ${workspace}/${git_repo}/${terraform_dir}/tost/stratum
83 GOOGLE_BACKEND_CREDENTIALS=${gcp} terraform destroy -var-file=${rancher_dev} -var 'cluster_name=${rancher_cluster}' -var 'project_name=tost' -var-file=app_map.tfvars -auto-approve
84 kubectl -n ${stratum_ns} delete secret stratum-git-secret || true
85 """
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]86 }
87 }
88 stage('Install apps') {
89 options {
90 timeout(time: 600, unit: "SECONDS")
91 }
92 steps {
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]93 sh """
94 cd ${workspace}/${git_repo}/${terraform_dir}/tost/stratum
95 GOOGLE_BACKEND_CREDENTIALS=${gcp} terraform apply -var-file=${rancher_dev} -var 'cluster_name=${rancher_cluster}' -var 'project_name=tost' -var-file=app_map.tfvars -auto-approve
96 """
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]97 }
98 }
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]99 stage('Push Secrets') {
100 steps {
101 sh """
102
103 kubectl -n ${stratum_ns} create secret generic stratum-git-secret --from-literal=username=${git_user} --from-literal=password=${git_password}
104
105 """
106 }
107 }
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]108
109 }
110 post {
111 always {
Hung-Wei Chiu99bff2f2020-09-17 13:05:31 -0700[diff] [blame]112
113 sh """
114 rm -rf ${workspace}/${git_repo}
115 """
Hung-Wei Chiud27e33b2020-09-03 12:05:41 -0700[diff] [blame]116 cleanWs()
117 }
118 }
119}