diff --git a/inventory/inventory.sh b/inventory/inventory.sh index cfbdd1a..6705afa 100755 --- a/inventory/inventory.sh +++ b/inventory/inventory.sh @@ -116,25 +116,30 @@ all: IFS=',' read -ra IPS <<< "$IP_LIST" for IP in "${IPS[@]}"; do ip_check=$(curl -s http://172.25.100.15:15010/ip_check?ip=${IP} | jq .in_subnets) - echo $ip_check - echo $allsubnet_group - echo $SERVER_SUBNET_GROUP # if this is a restricted subnet, then check the group if $ip_check; then - echo "Subnet restricted, checking group membership" - if [ "$allsubnet_group" == "$SERVER_SUBNET_GROUP" ]; then - echo "IP Check Passed, adding endpoint ${IP} to inventory" + if ! $be_quiet; then + echo "Subnet restricted, checking group membership" + fi + if [ "$allsubnet_group" == "$SERVER_SUBNET_GROUP" ]; then + if ! $be_quiet; then + echo "IP Check Passed, adding endpoint ${IP} to inventory" + fi inventory_content+=" ${IP}: ansible_host: ${IP} " else - echo "Warning: User ${JENKINS_USER} not member of ${SERVER_SUBNET_GROUP}!" - echo "Auth Check Failed for endpoint ${IP}, not adding to inventory" + if ! $be_quiet; then + echo "Warning: User ${JENKINS_USER} not member of ${SERVER_SUBNET_GROUP}!" + echo "Auth Check Failed for endpoint ${IP}, not adding to inventory" + fi fi # if the subnet is not restricted, just add the endpoint to the inventory else - echo "Unrestricted subnet, adding endpoint ${IP} to inventory" + if ! $be_quiet; then + echo "Unrestricted subnet, adding endpoint ${IP} to inventory" + fi inventory_content+=" ${IP}: ansible_host: ${IP} " diff --git a/jenkins/Jenkinsfile.disk_service b/jenkins/Jenkinsfile.disk_service new file mode 100644 index 0000000..53e3c49 --- /dev/null +++ b/jenkins/Jenkinsfile.disk_service 
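Review bot: With `be_quiet` set, the `else` branch that rejects an endpoint now prints nothing, so a failed group check for `${JENKINS_USER}` leaves no trace in the build log. An authorization denial should be reported regardless of verbosity, e.g. `echo "Auth Check Failed for endpoint ${IP}, not adding to inventory" >&2` placed outside the `if ! $be_quiet` guard. Separately, the unchanged `if $ip_check; then` runs the jq output as a command, so a non-empty reply other than `true` (for instance `null` when the lookup returns an unexpected body) takes the `else` path and the endpoint is added as unrestricted. Treating only a literal `false` as unrestricted, `if [ "$ip_check" != "false" ]; then`, makes unknown answers go through the group check instead. `be_quiet` is assigned outside this hunk and the `for` loop closes outside it, so whether it always holds `true` or `false` could not be checked here.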
@@ -0,0 +1,74 @@
+pipeline {
+ agent any
+
+ // Define parameters
+ parameters {
+ string(name: 'host_ip', description: 'Target System Address')
+ // string(name: 'new_hostname', description: 'Update Hostname')
+ // reference for later
+ // choice(name: 'DEPLOY_ENV', choices: ['dev', 'staging', 'prod'], description: 'Environment to deploy to')
+ // booleanParam(name: 'rename_host', defaultValue: true, description: 'When checked hostname will be renamed')
+ // booleanParam(name: 'config_matt', defaultValue: true, description: 'config matt profile')
+ }
+
+ environment {
+ ANSIBLE_FORCE_COLOR = '1'
+ ansible_service_windows = credentials(' ansible-service-windows')
+ }
+
+ options {
+ ansiColor('xterm')
+ }
+
+ stages {
+
+ stage('Generate Inventory File') {
+ steps {
+
+ // Generate the dynamic inventory file
+ // Usage: $0 -i IP_LIST -u JENKINS_USER -g JENKINS_GROUP -w WINDOWS_USER -p ANSIBLE_PASSWORD [-a SERVER_SUBNET_GROUP] [-s] [-v] [-e]"
+ sh """
+
+ jenkins_group=\$(echo ${env.BUILD_USER_GROUPS} | sed 's/,/\\n/g' | grep -v \$SERVER_SUBNET_GROUP | grep Jenkins | head -n 1)
+ jenkins_subnet_group=\$(echo ${env.BUILD_USER_GROUPS} | sed 's/,/\\n/g' | grep -e authenticated -e \$SERVER_SUBNET_GROUP | sort -rf | head -n 1)
+ jenkins_user=\$(echo ${env.BUILD_USER})
+ cd /var/jenkins_home/ansible-windows
+ chmod +x /var/jenkins_home/ansible-windows/inventory/inventory.sh
+ /var/jenkins_home/ansible-windows/inventory/inventory.sh -v -s -a \$jenkins_subnet_group -g \$jenkins_group -u \$jenkins_user -w ${env.ansible_service_windows_USR} -p ${env.ansible_service_windows_PSW} -i ${params.host_ip}
+
+ """
+ }
+ }
+
+ stage('Ansible Playbook') {
+ steps {
+ sh """
+ echo Generate Hash
+ echo ${params.host_ip}
+ hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
+
+ inventory_file="/var/jenkins_home/ansible-windows/.inv/inventory-\$hash.yml"
+ playbook_file="/var/jenkins_home/ansible-windows/playbooks/disk_service.yaml"
+
+ cd /var/jenkins_home/ansible-windows
+
+
ansible-playbook -i \$inventory_file \$playbook_file \
+ --ssh-common-args='-o StrictHostKeyChecking=no'
+ """
+ }
+ }
+ }
+
+ post {
+ always {
+ // Remove dynamic Inventory file
+ sh """
+ hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
+ inventory_file="/var/jenkins_home/ansible-windows/.inv/inventory-\$hash.yml"
+ rm \$inventory_file
+
+ """
+ }
+ }
+
+}
diff --git a/playbooks/disk_service.yaml b/playbooks/disk_service.yaml
new file mode 100644
index 0000000..0e43a2a
--- /dev/null
+++ b/playbooks/disk_service.yaml
@@ -0,0 +1,13 @@
+---
+- name: Set up disk inventory service
+ hosts: all
+ become: yes
+ become_method: runas
+
+ roles:
+
+ - show_user_vars
+
+ - storage_api
+
+...
\ No newline at end of file
diff --git a/playbooks/test.yaml b/playbooks/test.yaml
index 8cc68f6..bdc09fa 100644
--- a/playbooks/test.yaml
+++ b/playbooks/test.yaml
@@ -1,6 +1,5 @@
 ---
-# https://us.fanntik.top/product/fanttik-e1-max-precision-electric-screwdriver-5/
-- name: Ansible Test
+- name: Ansible Windows Test
 hosts: all
 become: yes
 become_method: runas
diff --git a/roles/storage_api/defaults/main.yaml b/roles/storage_api/defaults/main.yaml
new file mode 100644
index 0000000..1377b20
--- /dev/null
+++ b/roles/storage_api/defaults/main.yaml
@@ -0,0 +1,13 @@
+---
+
+#python_venv: "C:\Python39\Scripts"
+
+cosmos_root_folder: "C:\programdata\cosmos"
+
+python_service_root: "{{ cosmos_root_folder }}\python"
+
+python_venv: "{{python_service_root}}\disk_api"
+
+nssm_folder: "{{ cosmos_root_folder }}\nssm"
+
+...
\ No newline at end of file
diff --git a/roles/storage_api/files/requirements.txt b/roles/storage_api/files/requirements.txt
new file mode 100644
index 0000000..ed6ebb0
--- /dev/null
+++ b/roles/storage_api/files/requirements.txt
@@ -0,0 +1,2 @@
+Flask
+psutil
\ No newline at end of file
diff --git a/roles/storage_api/tasks/build_py_bin.yaml b/roles/storage_api/tasks/build_py_bin.yaml
new file mode 100644
index 0000000..3eb759b
--- /dev/null
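Review bot: All three `sh """` steps let Groovy interpolate `${params.host_ip}`, and the first stage also `${env.ansible_service_windows_PSW}`, into the script text before the shell sees it. A `host_ip` value containing shell metacharacters is therefore executed on the agent, and the secret becomes part of the script body, which Jenkins flags as unsafe string interpolation. Single-quoted `sh '''` blocks that read the same values as quoted shell environment variables avoid both; the first stage is sketched below and the playbook and cleanup steps need the same treatment. The password still reaches inventory.sh through `-p` on its command line, which that script's interface requires as far as this diff shows. The credentials ID `' ansible-service-windows'` has a leading space that looks unintended, and `StrictHostKeyChecking=no` turns off host key verification for any SSH transport the playbook uses.

```groovy
// … unchanged: pipeline header, parameters, environment, options …
                sh '''
                    jenkins_group=$(echo "$BUILD_USER_GROUPS" | sed 's/,/\\n/g' | grep -v "$SERVER_SUBNET_GROUP" | grep Jenkins | head -n 1)
                    jenkins_subnet_group=$(echo "$BUILD_USER_GROUPS" | sed 's/,/\\n/g' | grep -e authenticated -e "$SERVER_SUBNET_GROUP" | sort -rf | head -n 1)
                    jenkins_user=$BUILD_USER
                    cd /var/jenkins_home/ansible-windows
                    chmod +x /var/jenkins_home/ansible-windows/inventory/inventory.sh
                    /var/jenkins_home/ansible-windows/inventory/inventory.sh -v -s -a "$jenkins_subnet_group" -g "$jenkins_group" -u "$jenkins_user" -w "$ansible_service_windows_USR" -p "$ansible_service_windows_PSW" -i "$host_ip"
                '''
// … unchanged: 'Ansible Playbook' stage and post cleanup, to be converted the same way …
```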
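Review bot: The Windows paths in roles/storage_api/defaults/main.yaml sit inside double-quoted YAML scalars, where a backslash starts an escape sequence. `\n` in `"{{ cosmos_root_folder }}\nssm"` becomes a newline, and `\p` and `\d` in the other values are not valid escapes, so the file should fail to parse. Single quotes keep the backslashes literal, e.g. `cosmos_root_folder: 'C:\programdata\cosmos'` and `nssm_folder: '{{ cosmos_root_folder }}\nssm'`. The same applies to `dest:` in tasks/build_py_bin.yaml (`\disk_service.py`) and to tasks/python_venv.yaml, where `\requirements.txt` would start with a carriage return and the `win_shell` strings contain `\pip`.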
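Review bot: `Flask` and `psutil` are listed without versions in roles/storage_api/files/requirements.txt, so every run of the role installs whatever the package index serves at that moment. A later release or a tampered upload then changes what the service executes on the target host without any change in this repository. Pin exact versions, e.g. `Flask==<pinned version>` and `psutil==<pinned version>`, and consider a hash-locked file installed with pip's `--require-hashes`. Flask's own dependencies resolve transitively, so pinning only the two top-level names still leaves those floating.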
+++ b/roles/storage_api/tasks/build_py_bin.yaml
@@ -0,0 +1,15 @@
+---
+
+- name: Create directory structure
+ ansible.windows.win_file:
+ path: "{{ python_service_root }}"
+ state: directory
+
+- name: Copy disk_service.py
+ ansible.windows.win_copy:
+ src: disk_service.py
+ dest: "{{ python_service_root }}\disk_service.py"
+
+
+
+...
\ No newline at end of file
diff --git a/roles/storage_api/tasks/main.yaml b/roles/storage_api/tasks/main.yaml
new file mode 100644
index 0000000..c27072e
--- /dev/null
+++ b/roles/storage_api/tasks/main.yaml
@@ -0,0 +1,17 @@
+---
+
+###############################################
+# Disk API Windows Service
+###############################################
+
+- name: set up python venv
+ include_tasks: python_venv.yaml
+
+- name: build python exe
+ include_tasks: build_py_bin.yaml
+
+#- name: set up nssm service
+# include_tasks: nssm.yaml
+
+
+...
\ No newline at end of file
diff --git a/roles/storage_api/tasks/nssm.yaml b/roles/storage_api/tasks/nssm.yaml
new file mode 100644
index 0000000..ff4a537
--- /dev/null
+++ b/roles/storage_api/tasks/nssm.yaml
@@ -0,0 +1,13 @@
+---
+
+- name: Install nssm
+ win_chocolatey:
+ name: nssm
+ state: present
+
+- name: Install the foo service
+ community.windows.win_nssm:
+ name: foo
+ application: C:\windows\foo.exe
+
+...
\ No newline at end of file
diff --git a/roles/storage_api/tasks/python_venv.yaml b/roles/storage_api/tasks/python_venv.yaml
new file mode 100644
index 0000000..95f8aa6
--- /dev/null
+++ b/roles/storage_api/tasks/python_venv.yaml
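Review bot: tasks/build_py_bin.yaml copies the service script into a folder that, per the role defaults in this commit, lives under `C:\programdata`, and no task restricts who may write there. Directories created beneath ProgramData commonly inherit rights that let ordinary users create files, which matters once a service runs `disk_service.py` from that location with elevated rights. Add a task after `Create directory structure` that disables inheritance and grants write access only to Administrators and SYSTEM, for example with `ansible.windows.win_acl_inheritance` and `ansible.windows.win_acl`. Neither task builds anything, although the file name and the `build python exe` include in main.yaml suggest it; a one-line comment such as `# currently only deploys the script, no executable is built` would avoid confusion.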
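Review bot: `Install the foo service` in tasks/nssm.yaml still looks like the module's example (`name: foo`, `application: C:\windows\foo.exe`) and references neither the disk service script nor `nssm_folder`. Enabling the commented-out include in main.yaml would therefore register a service for a binary this role never installs. When the task is wired to the real script, set the service account explicitly: a service registered without one typically runs as LocalSystem, which is more privilege than a disk inventory API should need. `win_chocolatey` installs `nssm` with `state: present` and no version, so the installed build is whatever the configured Chocolatey source provides.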
@@ -0,0 +1,31 @@
+---
+
+- name: Ensure Python is installed
+ win_chocolatey:
+ name: python
+ state: present
+
+- name: Create venv folder
+ ansible.windows.win_file:
+ path: "{{ python_venv }}"
+ state: directory
+
+- name: Copy requirements.txt
+ ansible.windows.win_copy:
+ src: requirements.txt
+ dest: "{{ python_venv }}\requirements.txt"
+
+- name: Create virtual environment
+ win_shell: "py -m venv {{ python_venv }}"
+
+- name: Upgrade pip in the virtual environment
+ win_shell: "{{ python_venv }}\pip install --upgrade pip"
+ args:
+ chdir: "{{ python_venv }}"
+
+- name: Install Python dependencies from requirements.txt
+ win_shell: "{{ python_venv }}\pip install -r {{ python_venv }}\requirements.txt"
+ args:
+ chdir: "{{ python_venv }}"
+
+...
\ No newline at end of file
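Review bot: Both pip tasks call `{{ python_venv }}\pip`, but a venv created with `py -m venv` on Windows places its launchers in the `Scripts` subfolder, so that path should not exist and the tasks would fail. Calling the venv interpreter is more reliable and also lets pip upgrade itself, e.g. `win_command: '"{{ python_venv }}\Scripts\python.exe" -m pip install -r "{{ python_venv }}\requirements.txt"'`, single-quoted so YAML leaves the backslashes alone. `Create virtual environment` has no `creates:` guard, so it reruns on every play and always reports changed; adding `creates: '{{ python_venv }}\Scripts\python.exe'` under `args:` makes it idempotent. The paths are interpolated into `win_shell` unquoted, which breaks if `python_venv` is overridden with a value containing spaces.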