pipeline { agent any options { buildDiscarder logRotator ( numToKeepStr: '5', daysToKeepStr: '7', artifactNumToKeepStr: '10', artifactDaysToKeepStr: '7' ) ansiColor('xterm') timestamps() } parameters { string(name: "target_host", defaultValue: "", trim: true, description: "Target host") booleanParam(name: "rproxy_install", defaultValue: true, description: "Install Rproxy") booleanParam(name: "config_add", defaultValue: true, description: "Add config") string(name: "rproxy_service_name", defaultValue: "", trim: true, description: "Service name (for 'Add config' job only)") string(name: "rproxy_service_port", defaultValue: "", trim: true, description: "Service port (for 'Add config' job only)") string(name: "rproxy_service_address", defaultValue: "", trim: true, description: "Service address (for 'Add config' job only)") booleanParam(name: 'update_job', defaultValue: false, description: 'Update job, free run, no changes') } stages { stage('Update Job') { when { expression { return params.update_job } } steps { script { currentBuild.getRawBuild().getExecutor().interrupt(Result.SUCCESS) sleep(1) } } } stage('Save certs') { when { expression { return params.rproxy_install } } steps { script { def userInput = input message: 'Upload RootCA certificate and key', parameters: [base64File(name: 'rootca'), base64File(name: 'rootca_key')] writeFile(file: 'roles/rproxy/files/RootCA.crt', text: new String(userInput['rootca'].decodeBase64())) writeFile(file: 'roles/rproxy/files/RootCA.key', text: new String(userInput['rootca_key'].decodeBase64())) } } } stage('Prepare inventory') { steps { script { def hostsFile = new File("${WORKSPACE}/hosts.ini") hostsFile.append('[all]') hostsFile.append('\n' + params.target_host) println hostsFile.getText('UTF-8') } } } stage('Install Rproxy') { when { expression { return params.rproxy_install } } steps { script { withCredentials([ sshUserPrivateKey(credentialsId: 'JENKINS_DEPLOYER_KEY', keyFileVariable: 'SSH_KEY'), usernamePassword(credentialsId:'JENKINS_DEPLOYER_PASS', usernameVariable: 'username', passwordVariable: 'password') ]) { wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[password: env.password]]]) { wrap([$class: 'AnsiColorBuildWrapper', colorMapName: "xterm"]) { ansiblePlaybook( playbook: 'rproxy.yml', inventory: 'hosts.ini', tags: 'install', colorized: true, extras: '--private-key ${SSH_KEY} -e "ansible_user=${username} ansible_password=${password} rproxy_service_name=${rproxy_service_name} rproxy_service_port=${rproxy_service_port} rproxy_service_address=${rproxy_service_address}"' ) } } } } } } stage('Add config') { when { expression { return params.config_add } } steps { script { withCredentials([ sshUserPrivateKey(credentialsId: 'JENKINS_DEPLOYER_KEY', keyFileVariable: 'SSH_KEY'), usernamePassword(credentialsId:'JENKINS_DEPLOYER_PASS', usernameVariable: 'username', passwordVariable: 'password') ]) { wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[password: env.password]]]) { wrap([$class: 'AnsiColorBuildWrapper', colorMapName: "xterm"]) { ansiblePlaybook( playbook: 'rproxy.yml', inventory: 'hosts.ini', tags: 'add_config', colorized: true, extras: '--private-key ${SSH_KEY} -e "ansible_user=${username} ansible_password=${password} rproxy_service_name=${rproxy_service_name} rproxy_service_port=${rproxy_service_port} rproxy_service_address=${rproxy_service_address}"' ) } } } } } } } post { always { cleanWs(patterns: [ [pattern: 'hosts.ini', type: 'INCLUDE'] ]) } } }