133 lines
5.1 KiB
Plaintext
133 lines
5.1 KiB
Plaintext
pipeline {
|
|
agent any
|
|
|
|
// Define parameters
|
|
parameters {
|
|
string(name: 'host_ip', description: 'Target System Address')
|
|
string(name: 'admin_username', defaultValue: 'pi', description: 'Admin Username')
|
|
password(name: 'admin_password', defaultValue: 'pi', description: 'Admin Password')
|
|
}
|
|
|
|
environment {
|
|
ANSIBLE_FORCE_COLOR = '1'
|
|
jenkins_public_key = credentials('jenkins_public_key')
|
|
}
|
|
|
|
options {
|
|
ansiColor('xterm')
|
|
}
|
|
|
|
stages {
|
|
|
|
stage('Inject Auth Key') {
|
|
steps {
|
|
script{
|
|
// clear ssh keys
|
|
echo "Target IP: ${params.host_ip}"
|
|
|
|
sh """
|
|
ssh-keygen -f "/root/.ssh/known_hosts" -R "${params.host_ip}"
|
|
"""
|
|
|
|
}
|
|
script{
|
|
admin_password = params.admin_password
|
|
wrap([$class: 'MaskPasswordsBuildWrapper',
|
|
varPasswordPairs: [[password: admin_password]]]) {
|
|
sh """
|
|
echo Copy public key to pi home dir
|
|
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${env.jenkins_public_key} > /home/${params.admin_username}/authorized_keys"
|
|
"""
|
|
}
|
|
}
|
|
|
|
script{
|
|
admin_password = params.admin_password
|
|
wrap([$class: 'MaskPasswordsBuildWrapper',
|
|
varPasswordPairs: [[password: admin_password]]]) {
|
|
sh """
|
|
echo Make sure /root/.ssh exists
|
|
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mkdir -p /root/.ssh/"
|
|
"""
|
|
}
|
|
}
|
|
|
|
script{
|
|
admin_password = params.admin_password
|
|
wrap([$class: 'MaskPasswordsBuildWrapper',
|
|
varPasswordPairs: [[password: admin_password]]]) {
|
|
sh """
|
|
echo Move public key to root
|
|
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S mv /home/${params.admin_username}/authorized_keys /root/.ssh/authorized_keys"
|
|
"""
|
|
}
|
|
}
|
|
|
|
script{
|
|
admin_password = params.admin_password
|
|
wrap([$class: 'MaskPasswordsBuildWrapper',
|
|
varPasswordPairs: [[password: admin_password]]]) {
|
|
sh """
|
|
echo Restrict permissions on file
|
|
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chmod -R 600 /root/.ssh/"
|
|
"""
|
|
}
|
|
}
|
|
|
|
script{
|
|
admin_password = params.admin_password
|
|
wrap([$class: 'MaskPasswordsBuildWrapper',
|
|
varPasswordPairs: [[password: admin_password]]]) {
|
|
sh """
|
|
echo Set owner to root
|
|
sshpass -p '${params.admin_password}' ssh -o StrictHostKeyChecking=no ${params.admin_username}@${params.host_ip} "echo ${params.admin_password} | sudo -S chown -R root:root /root/.ssh/"
|
|
"""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Generate Inventory File') {
|
|
steps {
|
|
// Generate the dynamic inventory file
|
|
sh """
|
|
cd /var/jenkins_home/ansible
|
|
chmod +x /var/jenkins_home/ansible/inventory/inventory.sh
|
|
/var/jenkins_home/ansible/inventory/inventory.sh ${params.host_ip}
|
|
|
|
"""
|
|
}
|
|
}
|
|
|
|
stage('Ansible Check') {
|
|
steps {
|
|
sh """
|
|
echo ${params.host_ip}
|
|
hash=\$(echo -n ${params.host_ip} | md5sum | cut -c 1-8)
|
|
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
|
|
|
|
cd /var/jenkins_home/ansible
|
|
|
|
ansible-playbook -i \$inventory_file \
|
|
/var/jenkins_home/ansible/playbooks/pi-init.yaml --ssh-common-args='-o StrictHostKeyChecking=no'
|
|
|
|
"""
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
|
|
post {
|
|
always {
|
|
// Remove dynamic Inventory file
|
|
sh """
|
|
hash=\$(echo -n "${params.host_ip}" | md5sum | cut -c 1-8)
|
|
inventory_file="/var/jenkins_home/ansible/.inv/inventory-\$hash.yml"
|
|
rm \$inventory_file
|
|
|
|
"""
|
|
}
|
|
}
|
|
|
|
} |