example db

1. pipeline {
2. agent any
3. options {
4. disableConcurrentBuilds()
5. buildDiscarder(logRotator(numToKeepStr: '20'))
6. skipDefaultCheckout()
7. skipStagesAfterUnstable()
8. }
9. parameters {
10. booleanParam(name: 'DRY_RUN', defaultValue: false, description: 'only make a dry run, no real deploy')
11. choice(name: 'MODE', choices: ['create','revoke'], description: 'Select the mode the Deploy should run in')
12. string(name: 'BRANCH', defaultValue: 'master', description: 'Which Branch should be deployed')
13. string(name: 'SERVER', defaultValue: 'radius', description: '(optional) to which server deploy to')
14. string(name: 'USER', defaultValue: '', description: 'The user account name of the employee')
15. string(name: 'COMMENT', defaultValue: '', description: 'Why running the deploy')
16. }
17. stages {
18. stage('Preparation') {
19. steps {
20. dir("ansible") {
21. checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: '19b8bee6-eab5-4aa7-bddd-bb60949ee603', url: 'git@git.pixum.net:pixum-devops/ansible-provisioning.git']]])
22. }
23. dir("${WORKSPACE}/radius-auth") {
24. checkout([$class: 'GitSCM', branches: [[name: '*/master']], doGenerateSubmoduleConfigurations: false, extensions: [], submoduleCfg: [], userRemoteConfigs: [[credentialsId: '19b8bee6-eab5-4aa7-bddd-bb60949ee603', url: 'git@git.pixum.net:pixum-internalit/radius-auth.git']]])
25. }
26. }
27.  
28. }
29. stage('Build') {
30. agent {
31. docker {
32. image 'webdevops/ansible:debian-8'
33. reuseNode true
34. args "-u root:sudo -e HOME=${WORKSPACE} -v /etc/passwd:/etc/passwd -v ${WORKSPACE}/ansible:/usr/ansible -v ${WORKSPACE}/radius-auth:/usr/radius"
35. }
36. }
37. steps {
38. script {
39. if (params.MODE == "create") {
40. sh "cd /usr/ansible && ansible-playbook -i inventories/office freeradius.yml --limit 'radius*' -u freeradius --private-key 'roles/freeradius/files/freeradius_priv_key' --skip-tags 'common,sensu' --tags='certCreate' -e '{'global_pixum_employees': ['${params.USER}']}'"
41. sh "scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -r -i /usr/ansible/roles/freeradius/files/freeradius_priv_key freeradius@${params.SERVER}.pixum.net:/etc/freeradius/3.0/certs/clients/${params.USER}.p12 /usr/radius/certificates/${params.USER}.p12"
42. sh "scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -r -i /usr/ansible/roles/freeradius/files/freeradius_priv_key freeradius@${params.SERVER}.pixum.net:/etc/freeradius/3.0/certs/clients/secrets /usr/radius/certificates/000PW.txt"
43. } else {
44. sh "cd /usr/ansible && ansible-playbook -i inventories/office freeradius.yml --limit 'radius*' -u freeradius --private-key 'roles/freeradius/files/freeradius_priv_key' --skip-tags 'common,sensu' --tags='certRevoke' -e '{'global_pixum_remove_employees': ['${params.USER}']}'"
45. }
46. }
47.  
48. }
49. }
50. stage('Update') {
51. steps {
52. dir("${WORKSPACE}/radius-auth") {
53. sshagent (credentials: ['jenkins-ssh-key']) {
54. script {
55. if (params.MODE == "create") {
56. sh """#!/bin/bash
57. git config --global user.email "jenkins@pixum.com"
58. git config --global user.name "Jenkins"
59. git add .
60. git commit -m "Automatically generated certificate for \"${params.USER}\""
61. git push -u origin HEAD:master
62. """
63. }
64. }
65.  
66. }
67. }
68. }
69. }
70. }
71. post {
72. always {
73. logJob()
74. notifyUnstable()
75. }
76. }
77. }