rproxy/Jenkinsfile

pipeline {
    agent any
    options {
        buildDiscarder logRotator (
            numToKeepStr: '5',
            daysToKeepStr: '7',
            artifactNumToKeepStr: '10',
            artifactDaysToKeepStr: '7'
        )
        ansiColor('xterm')
        timestamps()
    }
    parameters {
        string(name: "target_host", defaultValue: "", trim: true, description: "Target host")
        booleanParam(name: "rproxy_install", defaultValue: true, description: "Install Rproxy")
        booleanParam(name: "config_add", defaultValue: true, description: "Add config")
        string(name: "rproxy_service_name", defaultValue: "", trim: true, description: "Service name (for 'Add config' job only)")
        string(name: "rproxy_service_port", defaultValue: "", trim: true, description: "Service port (for 'Add config' job only)")
        string(name: "rproxy_service_address", defaultValue: "", trim: true, description: "Service address (for 'Add config' job only)")
        booleanParam(name: 'update_job', defaultValue: false, description: 'Update job, free run, no changes')
    }
    stages {
        stage('Update Job') {
            when {
                expression {
                    return params.update_job
                }
            }
            steps {
                script {
                    currentBuild.getRawBuild().getExecutor().interrupt(Result.SUCCESS)
                    sleep(1)
                }
            }
        }
        stage('Save certs') {
            when {
                expression {
                    return params.rproxy_install
                }
            }
            steps {
                script {
                    withCredentials([
                            file(credentialsId: "ROOTCA_CERT", variable: "rootca"),
                            file(credentialsId: "ROOTCA_KEY", variable: "rootca_key")
                        ]) {
                        sh(script: "cp ${rootca} roles/gitlab/files/RootCA.crt", returnStdout: false)
                        sh(script: "cp ${rootca_key} roles/gitlab/files/RootCA.key", returnStdout: false)
                    } 
                }
            }
        }
        stage('Prepare inventory') {
            steps {
                script {
                    def hostsFile = new File("${WORKSPACE}/hosts.ini")
                    hostsFile.append('[all]')
                    hostsFile.append('\n' + params.target_host)
                    println hostsFile.getText('UTF-8')
                }
            }
        }
        stage('Install Rproxy') {
            when {
                expression {
                    return params.rproxy_install
                }
            }
            steps {
                script {
                    withCredentials([
                        sshUserPrivateKey(credentialsId: 'JENKINS_DEPLOYER_KEY', keyFileVariable: 'SSH_KEY'), 
                        usernamePassword(credentialsId:'JENKINS_DEPLOYER_PASS', usernameVariable: 'username', passwordVariable: 'password')
                        ]) {
                        wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[password: env.password]]]) {
                            wrap([$class: 'AnsiColorBuildWrapper', colorMapName: "xterm"]) {
                                ansiblePlaybook(
                                    playbook: 'rproxy.yml',
                                    inventory: 'hosts.ini',
                                    tags: 'install',
                                    colorized: true,
                                    extras: '--private-key ${SSH_KEY} -e "ansible_user=${username} ansible_password=${password} rproxy_service_name=${rproxy_service_name} rproxy_service_port=${rproxy_service_port} rproxy_service_address=${rproxy_service_address}"'
                                )
                            }                            
                        }
                    }
                }
            }
        }
        stage('Add config') {
            when {
                expression {
                    return params.config_add
                }
            }
            steps {
                script {
                    withCredentials([
                        sshUserPrivateKey(credentialsId: 'JENKINS_DEPLOYER_KEY', keyFileVariable: 'SSH_KEY'), 
                        usernamePassword(credentialsId:'JENKINS_DEPLOYER_PASS', usernameVariable: 'username', passwordVariable: 'password')
                        ]) {
                        wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[password: env.password]]]) {
                            wrap([$class: 'AnsiColorBuildWrapper', colorMapName: "xterm"]) {
                                ansiblePlaybook(
                                    playbook: 'rproxy.yml',
                                    inventory: 'hosts.ini',
                                    tags: 'add_config',
                                    colorized: true,
                                    extras: '--private-key ${SSH_KEY} -e "ansible_user=${username} ansible_password=${password} rproxy_service_name=${rproxy_service_name} rproxy_service_port=${rproxy_service_port} rproxy_service_address=${rproxy_service_address}"'
                                )
                            }  
                        }
                    }
                }
            }
        }
    }
    post {
        always {
            cleanWs(patterns: [
                [pattern: 'hosts.ini', type: 'INCLUDE']
            ])
        }
    }
}