jenkinsfiles/Jenkinsfile.VCR-capture

pipeline {
    agent any
    // Define parameters
    parameters {
        string(name: 'host_ip', description: 'Target System Address')
        string(name: 'new_hostname', defaultValue:"MCVCR", description: 'Update Hostname')
        booleanParam(name: 'rename_endpoint', defaultValue: true, description: 'Uncheck to skip renaming of endpoint')
        booleanParam(name: 'refresh_special', defaultValue: false, description: 'When checked perform a faster run that just updates the capture stack')
        booleanParam(name: 'public_deploy', defaultValue: true, description: 'Uncheck this option to deploy private SSH key')
        booleanParam(name: 'onboard_pi', defaultValue: false, description: 'Check this option to onboard a new FriendlyElec Device')
        booleanParam(name: 'GUI_deploy', defaultValue: false, description: 'Check this option to set up GUI if possible')
        booleanParam(name: 'jellyfin_deploy', defaultValue: false, description: 'Check this option to install Jellyfin')
        booleanParam(name: 'extra_storage', defaultValue: false, description: 'Check this option to automatically configure the secondary storage. Be careful.')        
    }

    environment {
        ANSIBLE_FORCE_COLOR = '1'
        PXE_API_KEY = credentials('PXE_API_KEY')
        matt_public_key = credentials('matt_public_key')
        matt_private_key = credentials('matt_private_key')
        cosmos_password = credentials('cosmos_password')
        cosmos_root_password = credentials('cosmos_root_password')
        jenkins_public_key = credentials('jenkins_public_key') 
    }

    options {
        ansiColor('xterm')
    }

    stages {

        stage('Inject Auth Key') {
            when {
              expression { params.onboard_pi }
            }            
            steps {
                script{
                    // clear ssh keys
                    echo "Target IP: ${params.host_ip}"
                    
                    sh """
                    ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
                    """
                    
                }
                
                script{
                    sh """
                    echo Copy public key to pi home dir
                    sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo ${env.jenkins_public_key} > /home/pi/authorized_keys"

                    """
                }
                
                script{
                    sh """
                    echo Make sure /root/.ssh exists
                    sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mkdir -p /root/.ssh/"
                                        """
                }
                
                script{
                    sh """
                    echo Move public key to root
                    sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S mv /home/pi/authorized_keys /root/.ssh/authorized_keys"

                    """
                }
                
                script{
                    sh """
                    echo Restrict permissions on file
                    sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chmod -R 600 /root/.ssh/"

                    """
                }

                script{
                    sh """
                    echo Set owner to root
                    sshpass -p 'pi' ssh -o StrictHostKeyChecking=no pi@${params.host_ip} "echo pi | sudo -S chown -R root:root /root/.ssh/"

                    """
                }
            }
        }


        stage('Generate Inventory File') {
            steps {
                // Generate the dynamic inventory file
                sh """
                cd /var/jenkins_home/ansible
                chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
                /var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}

                """
            }
        }

        stage('Ansible Playbook') {
            steps {
                //Run the VCR-captute ansible playbook
                // /workspace/ansible/playbooks/cosmos-base.yaml
                sh """
                echo ${params.host_ip}
                hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
                inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"

                cd /var/jenkins_home/ansible

                ansible-playbook -i \$inventory_file \
                    /var/jenkins_home/ansible/playbooks/VCR-capture.yaml --ssh-common-args='-o StrictHostKeyChecking=no' \
                    --extra-vars "docker_full=false no_vpn=true add_domain=false \
                                  matt_public_key='${env.matt_public_key}' matt_private_key='${env.matt_private_key}' \
                                  cosmos_password='${env.cosmos_password}' cosmos_root_password='${env.cosmos_root_password}' \
                                  new_hostname=${params.new_hostname} refresh_special=${params.refresh_special}  \
                                  rename_host=${params.rename_endpoint} onboard_pi=${params.onboard_pi} \
                                  public_deploy=${params.public_deploy} jellyfin_deploy=${params.jellyfin_deploy} \
                                  GUI_deploy=${params.GUI_deploy} extra_storage=${params.extra_storage} "
                
                """
            }
        }
    }

    post {
        always {
            // Remove dynamic Inventory file
            sh """
            hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
            inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
            rm \$inventory_file
            
            """
        }
    }

}