pipeline { agent any tools { ansible 'Ansible' } environment { PSQL_PASSWORD = credentials('PSQL_pass') VAULT_PASSWORD = credentials('ansible_vault_password') } parameters { string(name: 'DB_USER', defaultValue: 'postgres', description: 'Имя пользователя базы данных') string(name: 'DB_NAME', defaultValue: 'mydb', description: 'Имя базы данных') string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql', description: 'Директория для бэкапа') } stages { stage('Clone repository') { steps { git branch: 'dev', url: 'http://192.168.0.70:3000/coursework/courseworkrep.git' } } stage('Decrypt SSH Key') { steps { script { def tempDir = '/tmp/' + UUID.randomUUID().toString() env.TEMP_DIR = tempDir sh "mkdir -p ${tempDir}" def decryptedKeyFile = "${tempDir}/id_ed25519" def vaultPassFile = "${tempDir}/vault_pass" writeFile file: vaultPassFile, text: VAULT_PASSWORD sh """ ansible-vault decrypt ./id_ed25519_vault --vault-password-file=${vaultPassFile} --output=${decryptedKeyFile} """ env.DECRYPTED_KEY_FILE = decryptedKeyFile } } } stage('Install PostgreSQL') { steps { ansiblePlaybook( playbook: 'install_postgresql.yml', inventory: "inventory.yml", extraVars: [ postgres_user: params.DB_USER, postgres_password: PSQL_PASSWORD, postgres_db: params.DB_NAME, backup_dir: params.BACKUP_DIR, ansible_ssh_private_key_file: env.DECRYPTED_KEY_FILE ] ) } } } post { always { script { if (env.TEMP_DIR) { sh "rm -rf ${env.TEMP_DIR}" } } } } }