95 lines
4.0 KiB
Groovy
95 lines
4.0 KiB
Groovy
pipeline {
|
|
agent any
|
|
options {
|
|
ansiColor('xterm')
|
|
}
|
|
tools {
|
|
ansible 'Ansible'
|
|
}
|
|
environment {
|
|
PSQL_PASSWORD = "${params.DB_PASSWORD}"
|
|
VAULT_PASSWORD = credentials('ansible_vault_password')
|
|
}
|
|
parameters {
|
|
string(name: 'DB_USER', defaultValue: 'postgres', description: 'Имя пользователя базы данных')
|
|
password(name: 'DB_PASSWORD', defaultValue: '', description: 'Пароль для базы данных')
|
|
string(name: 'DB_NAME', defaultValue: 'mydb', description: 'Имя базы данных')
|
|
string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql', description: 'Директория для бэкапа')
|
|
|
|
booleanParam(name: 'TASK_SETUP', defaultValue: false, description: 'Setup')
|
|
booleanParam(name: 'TASK_INIT', defaultValue: false, description: 'Init')
|
|
booleanParam(name: 'TASK_CONFIGURE', defaultValue: false, description: 'Configure')
|
|
booleanParam(name: 'TASK_USERS', defaultValue: false, description: 'Users')
|
|
booleanParam(name: 'TASK_DATABASE', defaultValue: false, description: 'Database')
|
|
booleanParam(name: 'TASK_INSERT', defaultValue: false, description: 'Insert')
|
|
booleanParam(name: 'TASK_FIREWALL', defaultValue: false, description: 'Firewall')
|
|
booleanParam(name: 'TASK_BACKUP', defaultValue: false, description: 'Backup')
|
|
}
|
|
stages {
|
|
stage('Clone Repository') {
|
|
steps {
|
|
git branch: 'dev', url: 'http://192.168.0.70:3000/coursework/courseworkrep.git'
|
|
}
|
|
}
|
|
stage('Decrypt SSH Key') {
|
|
steps {
|
|
script {
|
|
def tempDir = '/tmp/' + UUID.randomUUID().toString()
|
|
env.TEMP_DIR = tempDir
|
|
sh "mkdir -p ${tempDir}"
|
|
|
|
def decryptedKeyFile = "${tempDir}/id_ed25519"
|
|
def vaultPassFile = "${tempDir}/vault_pass"
|
|
|
|
writeFile file: vaultPassFile, text: VAULT_PASSWORD
|
|
|
|
sh """
|
|
ansible-vault decrypt ./id_ed25519_vault --vault-password-file=${vaultPassFile} --output=${decryptedKeyFile}
|
|
"""
|
|
env.DECRYPTED_KEY_FILE = decryptedKeyFile
|
|
}
|
|
}
|
|
}
|
|
stage('Run Ansible Playbook') {
|
|
steps {
|
|
script {
|
|
def selectedTags = []
|
|
|
|
if (params.TASK_SETUP) selectedTags << 'setup'
|
|
if (params.TASK_INIT) selectedTags << 'init'
|
|
if (params.TASK_CONFIGURE) selectedTags << 'configure'
|
|
if (params.TASK_USERS) selectedTags << 'users'
|
|
if (params.TASK_DATABASE) selectedTags << 'database'
|
|
if (params.TASK_INSERT) selectedTags << 'insert'
|
|
if (params.TASK_FIREWALL) selectedTags << 'firewall'
|
|
if (params.TASK_BACKUP) selectedTags << 'backup'
|
|
|
|
def tagsString = selectedTags.join(',')
|
|
|
|
ansiblePlaybook(
|
|
playbook: 'playbooks/install_postgresql.yml',
|
|
inventory: "inventory.yml",
|
|
extraVars: [
|
|
postgres_user: params.DB_USER,
|
|
postgres_password: env.PSQL_PASSWORD,
|
|
postgres_db: params.DB_NAME,
|
|
backup_dir: params.BACKUP_DIR,
|
|
ansible_ssh_private_key_file: env.DECRYPTED_KEY_FILE
|
|
],
|
|
tags: tagsString
|
|
)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
post {
|
|
always {
|
|
script {
|
|
if (env.TEMP_DIR) {
|
|
sh "rm -rf ${env.TEMP_DIR}"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|