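// Jenkins declarative pipeline: clones the coursework repository, decrypts an
// Ansible-Vault-protected SSH key into a private scratch directory, runs the
// PostgreSQL playbook with that key, and always removes the scratch directory.
pipeline {
    agent any

    tools {
        ansible 'Ansible'
    }

    environment {
        // Both values come from the Jenkins credentials store and are exported
        // to every step as environment variables.
        PSQL_PASSWORD  = credentials('PSQL_pass')
        VAULT_PASSWORD = credentials('ansible_vault_password')
    }

    parameters {
        string(name: 'DB_USER', defaultValue: 'postgres', description: 'Имя пользователя базы данных')
        string(name: 'DB_NAME', defaultValue: 'mydb', description: 'Имя базы данных')
        string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql', description: 'Директория для бэкапа')
        string(name: 'TASKS', defaultValue: '', description: 'Список тегов задач для выполнения (setup,firewall,init,configure,database,user,backup)')
    }

    stages {
        stage('Clone repository') {
            steps {
                // NOTE(review): the repository is fetched over plain HTTP, so the
                // playbooks and the vaulted key file are neither encrypted nor
                // integrity-protected in transit. Prefer HTTPS or SSH if the
                // Git server offers it.
                git branch: 'dev', url: 'http://192.168.0.70:3000/coursework/courseworkrep.git'
            }
        }

        stage('Decrypt SSH Key') {
            steps {
                script {
                    // Scratch directory for the vault password and the decrypted key.
                    def tempDir = '/tmp/' + UUID.randomUUID().toString()
                    env.TEMP_DIR = tempDir
                    env.DECRYPTED_KEY_FILE = "${tempDir}/id_ed25519"

                    // /tmp is shared with every local account on the agent, so the
                    // directory is created owner-only. mkdir without -p fails if the
                    // path already exists instead of reusing a directory that
                    // somebody else may have prepared.
                    sh 'umask 077 && mkdir -- "$TEMP_DIR"'

                    def vaultPassFile = "${tempDir}/vault_pass"
                    try {
                        writeFile file: vaultPassFile, text: VAULT_PASSWORD
                        // Single-quoted script: the shell expands the variables, so no
                        // value is interpolated into the script text by Groovy.
                        sh '''
                            set -eu
                            umask 077
                            chmod 600 "$TEMP_DIR/vault_pass"
                            ansible-vault decrypt ./id_ed25519_vault \
                                --vault-password-file="$TEMP_DIR/vault_pass" \
                                --output="$DECRYPTED_KEY_FILE"
                            chmod 600 "$DECRYPTED_KEY_FILE"
                        '''
                    } finally {
                        // The vault password is only needed for the decrypt call;
                        // do not leave it on disk for the rest of the build.
                        sh 'rm -f -- "$TEMP_DIR/vault_pass"'
                    }
                }
            }
        }

        stage('Run PostgreSQL Playbook') {
            steps {
                script {
                    // Normalise the user-supplied tag list: trim whitespace, drop empty
                    // entries, and refuse anything that is not a plain tag name.
                    def rawTags = (params.TASKS ?: '').split(',')
                    def requestedTags = rawTags.collect { it.trim() }.findAll { it }
                    def invalidTags = requestedTags.findAll { !(it ==~ /[A-Za-z0-9_-]+/) }
                    if (invalidTags) {
                        error 'TASKS may only contain comma-separated tag names made of letters, digits, "_" and "-"'
                    }
                    def tagsString = requestedTags.join(',')

                    ansiblePlaybook(
                        playbook: 'playbooks/install_postgresql.yml',
                        inventory: "inventory.yml",
                        extraVars: [
                            postgres_user: params.DB_USER,
                            // hidden: true keeps the password out of the build console
                            // log. It is still handed to ansible-playbook as an extra
                            // var; a vault-encrypted vars file would be stronger.
                            postgres_password: [value: PSQL_PASSWORD, hidden: true],
                            postgres_db: params.DB_NAME,
                            backup_dir: params.BACKUP_DIR,
                            ansible_ssh_private_key_file: env.DECRYPTED_KEY_FILE
                        ],
                        tags: tagsString
                    )
                }
            }
        }
    }

    post {
        always {
            script {
                // Remove the decrypted key (and anything else in the scratch
                // directory) whether the build succeeded or not.
                if (env.TEMP_DIR) {
                    sh 'rm -rf -- "$TEMP_DIR"'
                }
            }
        }
    }
}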