matt/jenkinsfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cosmos kiosk jenkinsfile

Browse Source
This commit is contained in:
Matt
2025-09-28 11:24:53 -07:00
parent ed077e7ba0
commit 7739896611
6 changed files with 315 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

161
Jenkinsfile.cosmos-kiosk Normal file
View File

@ -0,0 +1,161 @@
pipeline {
agent any
// Define parameters
parameters {
string(name: 'host_ip', description: 'Target System Address')
text(name: 'kiosk_variable', defaultValue: '- chrome_website: "http://localhost:8081"\n service_name: user_stream_control\n service_description: "VCR Capture User Stream Control"\n extra_service_configs: ""\n user_data_dir: "/opt/chrome/one"\n extra_chrome_configs: |\n --window-size="470,1080" \\\n --user-data-dir=/opt/chrome/one \\\n- chrome_website: "http://localhost:8888/stream"\n service_name: stream_preview\n service_description: "VCR Capture Preview Stream"\n extra_service_configs: ""\n user_data_dir: "/opt/chrome/two"\n extra_chrome_configs: |\n --window-size="1440,1080" \\\n --user-data-dir=/opt/chrome/two \\\n --window-position="480,0" \\\n', description: 'Kiosk variables to deploy, default example should show everything you might need. It is processed as an ansible variable')
string(name: 'new_hostname', defaultValue: 'MC-Kiosk', description: 'Update Hostname')
booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
booleanParam(name: 'add_domain', defaultValue: true, description: 'When checked hostname will have home.cosmos appended')
booleanParam(name: 'install_docker', defaultValue: true, description: 'When checked docker packages are installed and portainer started on 9100')
booleanParam(name: 'public_deploy', defaultValue: true, description: 'Uncheck this option to deploy private SSH key')
booleanParam(name: 'onboard_pi', defaultValue: false, description: 'Check this option to onboard a new FriendlyElec Device')
booleanParam(name: 'install_python', defaultValue: false, description: 'Check this option to install python packages')
booleanParam(name: 'refresh_special', defaultValue: false, description: 'When checked the autologin account and kiosk are refreshed only')
booleanParam(name: 'force_x11', defaultValue: false, description: 'Check this option to force X11 Display Manager')
}
environment {
ANSIBLE_FORCE_COLOR = '1'
matt_public_key = credentials('matt_public_key')
matt_private_key = credentials('matt_private_key')
cosmos_password = credentials('cosmos_password')
cosmos_root_password = credentials('cosmos_root_password')
jenkins_public_key = credentials('jenkins_public_key')
}
options {
ansiColor('xterm')
}
stages {
stage('Inject Auth Key') {
when {
expression { params.onboard_pi }
}
steps {
script{
// clear ssh keys
echo "Target IP: ${params.host_ip}"
sh """
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
"""
}
script{
sh """
echo Copy public key to pi home dir
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"
"""
}
script{
sh """
echo Make sure /root/.ssh exists
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
"""
}
script{
sh """
echo Move public key to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"
"""
}
script{
sh """
echo Restrict permissions on file
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"
"""
}
script{
sh """
echo Set owner to root
sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"
"""
}
}
}
stage('Generate Inventory File') {
steps {
// Generate the dynamic inventory file
// Also overwrite the kiosk variabl yaml
sh """
cd /var/jenkins_home/ansible
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
kiosk_yaml=/var/jenkins_home/ansible/roles/chrome_kiosk/files/kiosk-\$hash.yaml
echo --- > \$kiosk_yaml
echo kiosk_service_templates: >> \$kiosk_yaml
echo '${params.kiosk_variable}' >> \$kiosk_yaml
echo ... >> \$kiosk_yaml
ls -lah /var/jenkins_home/ansible/roles/chrome_kiosk/files/*.yaml
cat \$kiosk_yaml
"""
}
}
stage('Ansible Playbook') {
steps {
//Run the cosmos-base ansible playbook
// /workspace/ansible/playbooks/cosmos-base.yaml
sh """
echo ${params.host_ip}
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
kiosk_yaml=/var/jenkins_home/ansible/roles/chrome_kiosk/files/kiosk-\$hash.yaml
cd /var/jenkins_home/ansible
ansible-playbook -i \$inventory_file \
/var/jenkins_home/ansible/playbooks/cosmos-kiosk.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
--extra-vars "docker_full=false no_vpn=true \
matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
new_hostname=${params.new_hostname} public_deploy=${params.public_deploy} \
rename_host=${params.rename_endpoint} onboard_pi=${params.onboard_pi} \
add_domain=${params.add_domain} install_docker=${params.install_docker} \
install_python=${params.install_python} refresh_special=${params.refresh_special} \
force_x11=${params.force_x11} kiosk_yaml='\$kiosk_yaml'"
"""
}
}
}
post {
always {
// Remove dynamic Inventory file
// Remove group_vars file
sh """
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
kiosk_yaml=/var/jenkins_home/ansible/roles/chrome_kiosk/files/kiosk-\$hash.yaml
rm \$inventory_file
rm \$kiosk_yaml
"""
}
}
}