init commit
This commit is contained in:
158
Jenkinsfile.pi-top
Normal file
158
Jenkinsfile.pi-top
Normal file
@ -0,0 +1,158 @@
|
||||
pipeline {
|
||||
agent any
|
||||
|
||||
// Define parameters
|
||||
parameters {
|
||||
string(name: 'host_ip', description: 'Target System Address, single IP Only')
|
||||
choice(name: 'function', choices: ['lldp', 'purge-defaults', 'none'], description: 'Choose Pi-Top Function')
|
||||
booleanParam(name: 'inject_ssh', defaultValue: true, description: 'Inject Jenkins SSH key')
|
||||
string(name: 'admin_username', defaultValue: 'pi', description: 'Admin Username')
|
||||
password(name: 'admin_password', defaultValue: 'pi-top', description: 'Admin Password')
|
||||
|
||||
}
|
||||
|
||||
environment {
|
||||
ANSIBLE_FORCE_COLOR = '1'
|
||||
jenkins_public_key = credentials('jenkins_public_key')
|
||||
}
|
||||
|
||||
options {
|
||||
ansiColor('xterm')
|
||||
}
|
||||
|
||||
stages {
|
||||
|
||||
stage('Purge SSH Keys') {
|
||||
steps {
|
||||
script{
|
||||
sh """
|
||||
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
|
||||
"""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Inject Auth Key') {
|
||||
when {
|
||||
expression {
|
||||
return params.function != 'none' && params.inject_ssh
|
||||
}
|
||||
}
|
||||
steps {
|
||||
script{
|
||||
// clear ssh keys
|
||||
echo "Target IP: ${params.host_ip}"
|
||||
|
||||
sh """
|
||||
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
|
||||
"""
|
||||
|
||||
}
|
||||
|
||||
script{
|
||||
admin_password = params.admin_password
|
||||
wrap([$class: 'MaskPasswordsBuildWrapper',
|
||||
varPasswordPairs: [[password: admin_password]]]) {
|
||||
sh """
|
||||
echo Copy public key to pi home dir
|
||||
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${env.jenkins_public_key} > /home/${params.admin_username}/authorized_keys"
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
script{
|
||||
admin_password = params.admin_password
|
||||
wrap([$class: 'MaskPasswordsBuildWrapper',
|
||||
varPasswordPairs: [[password: admin_password]]]) {
|
||||
sh """
|
||||
echo Make sure /root/.ssh exists
|
||||
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mkdir -p /root/.ssh/"
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
script{
|
||||
admin_password = params.admin_password
|
||||
wrap([$class: 'MaskPasswordsBuildWrapper',
|
||||
varPasswordPairs: [[password: admin_password]]]) {
|
||||
sh """
|
||||
echo Move public key to root
|
||||
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mv /home/${params.admin_username}/authorized_keys /root/.ssh/authorized_keys"
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
script{
|
||||
admin_password = params.admin_password
|
||||
wrap([$class: 'MaskPasswordsBuildWrapper',
|
||||
varPasswordPairs: [[password: admin_password]]]) {
|
||||
sh """
|
||||
echo Restrict permissions on file
|
||||
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chmod -R 600 /root/.ssh/"
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
script{
|
||||
admin_password = params.admin_password
|
||||
wrap([$class: 'MaskPasswordsBuildWrapper',
|
||||
varPasswordPairs: [[password: admin_password]]]) {
|
||||
sh """
|
||||
echo Set owner to root
|
||||
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chown -R root:root /root/.ssh/"
|
||||
"""
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage('Generate Inventory File') {
|
||||
steps {
|
||||
// Generate the dynamic inventory file
|
||||
sh """
|
||||
cd /var/jenkins_home/ansible
|
||||
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
|
||||
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
|
||||
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
stage('Ansible Playbook') {
|
||||
when {
|
||||
expression {
|
||||
return params.function != 'none'
|
||||
}
|
||||
}
|
||||
steps {
|
||||
sh """
|
||||
echo ${params.host_ip}
|
||||
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
|
||||
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
|
||||
|
||||
cd /var/jenkins_home/ansible
|
||||
|
||||
ansible-playbook -i \$inventory_file \
|
||||
/var/jenkins_home/ansible/playbooks/pi-top.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
|
||||
--extra-vars " function=${params.function} admin_username='${params.admin_username}' "
|
||||
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
post {
|
||||
always {
|
||||
// Remove dynamic Inventory file
|
||||
sh """
|
||||
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
|
||||
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
|
||||
rm \$inventory_file
|
||||
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user