diff --git a/inventory/inventory.sh b/inventory/inventory.sh
new file mode 100644
index 0000000..2dce69f
--- /dev/null
+++ b/inventory/inventory.sh
@@ -0,0 +1,144 @@
+#!/bin/bash
+
+# Dynamic inventory generation script ansible windows
+
+# Function to display usage
+usage() {
+ echo "Windows Ansible Dynamic Inventory File Generation Script"
+ echo "Usage: $0 -i IP_LIST -u JENKINS_USER -g JENKINS_GROUP -w WINDOWS_USER -p ANSIBLE_PASSWORD [-a SERVER_SUBNET_GROUP] [-s] [-v] [-e]"
+ echo "Options:"
+ echo " -i IP_LIST Comma-separated list of IPs"
+ echo " -u JENKINS_USER Jenkins user"
+ echo " -g JENKINS_GROUP Jenkins primary group"
+ echo " -a SERVER_SUBNET_GROUP Jenkins group for SSH access, need to pass something when called"
+ echo " -w WINDOWS_USER Windows user"
+ echo " -p ANSIBLE_PASSWORD Password for the service account (Windows user)"
+ echo " -q Be quieter"
+ echo " -s Set variable to true if more than one IP is passed"
+ echo " -v Display Ansible Version"
+ exit 1
+}
+
+# Initialize variables with default values
+skip=false
+more_than_one=false
+display_version=false
+allsubnet_group=missing
+be_quiet=false
+
+# Parse command line options
+while getopts ":i:u:w:p:g:a:svq" opt; do
+ case ${opt} in
+ i ) # process option i
+ IP_LIST=$OPTARG
+ ;;
+ u ) # process option u
+ JENKINS_USER=$OPTARG
+ ;;
+ w ) # process option w
+ WINDOWS_USER=$OPTARG
+ ;;
+ p ) # process option p
+ ANSIBLE_PASSWORD=$OPTARG
+ ;;
+ g ) # process option g
+ JENKINS_GROUP=$OPTARG
+ ;;
+ s ) # process option s
+ skip=true
+ ;;
+ v ) # process option v
+ display_version=true
+ ;;
+ q ) # process option q
+ be_quiet=true
+ ;;
+ a ) # process option a
+ allsubnet_group=$OPTARG
+ ;;
+ \? ) usage
+ ;;
+ esac
+done
+shift $((OPTIND -1))
+# Check if all required options are provided
+if [ -z "$IP_LIST" ] || [ -z "$JENKINS_USER" ] || [ -z "$JENKINS_GROUP" ] || [ -z "$WINDOWS_USER" ] || [ -z "$ANSIBLE_PASSWORD" ]; then
+ usage
+fi
+
+if $display_version; then
+ if ! $be_quiet; then
+ echo "Showing ansible version"
+ ansible --version
+ fi
+fi
+
+# Generate an 8-character hash from the IP list
+hash=$(echo -n "$IP_LIST" | md5sum | cut -c 1-8)
+
+if ! $be_quiet; then
+ echo "IP List:"
+ echo $IP_LIST
+ echo $hash
+fi
+
+
+# Define the inventory file path with the hash
+inventory_file="/var/jenkins_home/ansible-windows/.inv/inventory-$hash.yml"
+
+if $skip; then
+ IFS=',' read -ra IPS <<< "$IP_LIST"
+ if [ ${#IPS[@]} -gt 1 ]; then
+ more_than_one=true
+ fi
+fi
+
+if $skip; then
+ if ! $be_quiet; then
+ echo "Single host option set"
+ fi
+ if $more_than_one; then
+ if ! $be_quiet; then
+ echo "IP list provided, inventory will be emptied"
+ fi
+ IP_LIST=""
+ fi
+fi
+
+# Initialize the YAML inventory content
+inventory_content="---
+all:
+ hosts:
+"
+
+# Loop through each IP in the comma-separated list
+IFS=',' read -ra IPS <<< "$IP_LIST"
+for IP in "${IPS[@]}"; do
+inventory_content+=" ${IP}:
+ ansible_user: ${WINDOWS_USER}
+ ansible_password: '${ANSIBLE_PASSWORD}'
+ ansible_host: ${IP}
+ ansible_connection: winrm
+ ansible_winrm_server_cert_validation: ignore
+"
+done
+
+inventory_content+=" vars:
+ ansible_connection: ssh
+ ansible_ssh_private_key_file: /var/jenkins_home/jenkins_key
+ ansible_python_interpreter: /usr/bin/python3
+ jenkins_user: '${JENKINS_USER}'
+ jenkins_group: '${JENKINS_GROUP}'
+ subnet_group_check: '${allsubnet_group}'
+ SERVER_SUBNET_GROUP: '${SERVER_SUBNET_GROUP}'
+"
+
+# Write the inventory content to the file
+echo "$inventory_content" > $inventory_file
+
+# echo inventory
+if ! $be_quiet; then
+ echo "Inventory file created at $inventory_file with the following content:"
+ cat $inventory_file
+fi
+
diff --git a/jenkins/Jenkinsfile.test b/jenkins/Jenkinsfile.test
index 877da6f..3bc5b70 100644
--- a/jenkins/Jenkinsfile.test
+++ b/jenkins/Jenkinsfile.test
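Review bot: The service-account password is exposed in cleartext at several points in inventory/inventory.sh: it arrives on argv through `-p`, it is written into `/var/jenkins_home/ansible-windows/.inv/inventory-$hash.yml` under whatever umask the job runs with and is never removed, and the closing `cat $inventory_file` prints it unless `-q` is given. I would set `umask 077` before the write, replace the final `cat` with `grep -v 'ansible_password:' "$inventory_file"`, and take the password from the environment instead of a flag. The value is also pasted between single quotes without escaping, so a password containing `'` yields invalid YAML. Separately, `ansible_winrm_server_cert_validation: ignore` means the WinRM endpoint's certificate is never checked before that password is sent; validating against a trusted CA would be preferable if the hosts have issued certificates.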
@@ -13,19 +13,7 @@ pipeline { environment { ANSIBLE_FORCE_COLOR = '1' - SATURN_BEHEMOTH = credentials('SATURN_BEHEMOTH') - pxe_proxy_password = credentials('pxe_proxy_password') - PXE_API_KEY = credentials('PXE_API_KEY') - LINUX_LDAP_PWD = credentials('LINUX_LDAP') - AUTHORIZED_KEY = credentials('AUTH_SSH_KEY') - TERRA_BEHEMOTH_SMB = credentials('TERRA_BEHEMOTH_SMB') - MATT_PASSWORD = credentials('MATT_PASSWORD') - matt_public_key = credentials('matt_public_key') - matt_private_key = credentials('matt_private_key') - cosmos_password = credentials('cosmos_password') - cosmos_root_password = credentials('cosmos_root_password') - vm_party_username_password = credentials('cosmos_root_password') - is_admin = '0' + ansible_service_windows = credentials(' ansible-service-windows') } options { @@ -38,6 +26,7 @@ pipeline { steps { // Generate the dynamic inventory file + // Usage: $0 -i IP_LIST -u JENKINS_USER -g JENKINS_GROUP -w WINDOWS_USER -p ANSIBLE_PASSWORD [-a SERVER_SUBNET_GROUP] [-s] [-v] [-e]" sh """ jenkins_group=\$(echo ${env.BUILD_USER_GROUPS} | sed 's/,/\\n/g' | grep -v \$SERVER_SUBNET_GROUP | grep Jenkins | head -n 1) @@ -45,7 +34,8 @@ pipeline { jenkins_user=\$(echo ${env.BUILD_USER}) cd /var/jenkins_home/ansible chmod +x /var/jenkins_home/ansible/inventory/inventory.sh - /var/jenkins_home/ansible/inventory/inventory.sh -v -s -a \$jenkins_subnet_group -g \$jenkins_group -u \$jenkins_user -i ${params.host_ip} + /var/jenkins_home/ansible/inventory/inventory.sh -v -s -a \$jenkins_subnet_group -g \$jenkins_group -u \$jenkins_user \ + -w ${env.ansible_service_windows_USR} -p ${env.ansible_service_windows_PSW} -i ${params.host_ip} """ } 
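Review bot: The credential ID in the first Jenkinsfile.test hunk is written with a leading space, `credentials(' ansible-service-windows')`, and Jenkins matches credential IDs exactly, so the binding will probably fail to resolve unless the stored ID really starts with a space. If that is a typo, the line should read `ansible_service_windows = credentials('ansible-service-windows')`. The `environment` block starts and ends outside the hunk.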
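Review bot: In the third Jenkinsfile.test hunk the new `-w ${env.ansible_service_windows_USR} -p ${env.ansible_service_windows_PSW}` arguments are expanded by Groovy inside `sh """ … """`, so the secret is baked into the script text unquoted before the shell ever runs. Any shell metacharacter in the password, or in the `${params.host_ip}` build parameter on the same line, is then parsed as shell syntax rather than data, and Jenkins itself warns about interpolating credentials this way. Let the shell read them from the environment and quote them: `-w "\$ansible_service_windows_USR" -p "\$ansible_service_windows_PSW" -i "\$host_ip"`. The `sh` step opens outside the hunk.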
@@ -56,20 +46,12 @@ pipeline { sh """ echo ${params.host_ip} hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8) - inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml" + inventory_file="/var/jenkins_home/ansible-windows/.inv/inventory-\$hash.yml" - cd /var/jenkins_home/ansible + cd /var/jenkins_home/ansible-windows - echo ansible-playbook -i \$inventory_file /var/jenkins_home/ansible/playbooks/test.yaml \ - --ssh-common-args='-o StrictHostKeyChecking=no'\ - --extra-vars "saturn_behemoth=${SATURN_BEHEMOTH} linux_ldap_pwd=${LINUX_LDAP_PWD} \ - pxe_proxy_password=${pxe_proxy_password} PXE_API_KEY=${PXE_API_KEY} \ - AUTHORIZED_KEY=${AUTHORIZED_KEY} TERRA_BEHEMOTH_SMB=${TERRA_BEHEMOTH_SMB} \ - CIFS_USERNAME=${env.TERRA_BEHEMOTH_SMB_USR} CIFS_PASSWORD=${env.TERRA_BEHEMOTH_SMB_PSW} \ - MATT_PASSWORD=${env.MATT_PASSWORD} host_ip=${params.host_ip} \ - matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \ - cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \ - vm_party_username_password=${env.vm_party_username_password} }" + echo ansible-playbook -i \$inventory_file /var/jenkins_home/ansible-windows/playbooks/test.yaml \ + --ssh-common-args='-o StrictHostKeyChecking=no' " """ } } diff --git a/playbooks/test.yaml b/playbooks/test.yaml new file mode 100644 index 0000000..75841e3 --- /dev/null +++ b/playbooks/test.yaml @@ -0,0 +1,14 @@ +--- +# https://us.fanntik.top/product/fanttik-e1-max-precision-electric-screwdriver-5/ +- name: Ansible Test + hosts: all + become: yes + + + roles: + + - show_user_vars + + - display_hostname + +... \ No newline at end of file diff --git a/roles/display_hostname/tasks/main.yaml b/roles/display_hostname/tasks/main.yaml new file mode 100644 index 0000000..b3ff005 --- /dev/null +++ b/roles/display_hostname/tasks/main.yaml 
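Review bot: The rewritten `ansible-playbook` line in the last Jenkinsfile.test hunk ends with a stray `"` after `--ssh-common-args='-o StrictHostKeyChecking=no'`, left over from the removed `--extra-vars "…"` argument. As shown, the shell sees an unterminated double quote and the step fails with a syntax error; the line should end at `--ssh-common-args='-o StrictHostKeyChecking=no'`. The leading `echo` is also carried over, so the command is only printed, not run; please confirm that is intended for this test pipeline.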
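Review bot: In playbooks/test.yaml, `become: yes` is set play-wide with no become method, and the default (`sudo`) does not work on hosts reached over WinRM. Either drop `become` for this test play or add `become_method: runas` together with an explicit `become_user`. The comment line holding a product URL is unrelated to the playbook and should be removed before merge.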
@@ -0,0 +1,15 @@
+---
+
+
+tasks:
+
+- name: Show some information
+ become: true
+ ansible.windows.win_command: |
+ hostname
+ whoami
+ gpresult /v | find "DC=cosmos"
+
+
+
+...
\ No newline at end of file
diff --git a/roles/show_user_vars/tasks/main.yaml b/roles/show_user_vars/tasks/main.yaml
new file mode 100644
index 0000000..cc99a71
--- /dev/null
+++ b/roles/show_user_vars/tasks/main.yaml
@@ -0,0 +1,19 @@
+---
+
+
+- name: show user vars
+ debug:
+ msg:
+ - "User email:"
+ - "{{ jenkins_user}}"
+ - "Jenkins Group:"
+ - "{{ jenkins_group}}"
+ - "SERVER_SUBNET_GROUP:"
+ - "{{ SERVER_SUBNET_GROUP }}"
+ - "subnet_group_check:"
+ - "{{ subnet_group_check }}"
+ - "Host IP:"
+ - "{{ ansible_ssh_host }}"
+
+
+...
\ No newline at end of file
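Review bot: roles/display_hostname/tasks/main.yaml opens with a top-level `tasks:` key, but a role's tasks file has to be a bare list of tasks, so as far as the collapsed hunk shows Ansible will reject it; remove the `tasks:` line. The task also passes three lines and a `|` pipe to `ansible.windows.win_command`, which does not run through a shell, so the pipe into `find` is not interpreted as intended. Use `ansible.windows.win_shell` here, or split it into one `win_command` task per command. `become: true` on this task needs `become_method: runas` on Windows as well.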