dustin
/
configpolicy
1
1
Fork 0
Code Issues Releases Activity

ci: Add pipeline for Gitea

jenkins-master
Dustin 2020-02-22 16:27:18 -06:00
parent cd1cf38774
commit 29e713f862
1 changed files with 92 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
ci/gitea.jenkinsfile Normal file
View File

@ -0,0 +1,92 @@
// vim: set ft=groovy sw=4 ts=4 sts=4 et :
pipeline {
agent {
dockerfile {
dir 'ci'
args '''\
-v /etc/ssh/ssh_known_hosts:/etc/ssh/ssh_known_hosts:ro
'''
}
}
options {
lock 'cfgpol'
timeout(time: 1, unit: 'HOURS')
}
triggers {
cron 'H H * * *'
}
environment {
KRB5CCNAME = "${WORKSPACE}/.krb5cc"
}
stages {
stage('kinit') {
steps {
withCredentials([file(
credentialsId: 'keytab-jenkins@pyrocufflink.blue',
variable: 'KEYTAB')]) {
sh 'kinit -kt "${KEYTAB}" jenkins@PYROCUFFLINK.BLUE'
}
withCredentials([file(
credentialsId: 'vault-jenkins@pyrocufflink.blue',
variable: 'SUDO_PASS_FILE'
)]) {
sh 'cp "${SUDO_PASS_FILE}" group_vars/pyrocufflink/sudo-pass'
}
}
}
stage('Remount R/W') {
steps {
ansiblePlaybook \
playbook: 'remount.yml',
limit: 'gitea',
become: true,
vaultCredentialsId: 'ansible-vault',
extraVars: [
remount_state: 'rw',
]
}
}
stage('Gitea') {
steps {
ansiblePlaybook \
playbook: 'gitea.yml',
become: true,
vaultCredentialsId: 'ansible-vault',
extras: '--diff'
}
}
stage('Remount R/O') {
steps {
ansiblePlaybook \
playbook: 'remount.yml',
limit: 'gitea',
become: true,
vaultCredentialsId: 'ansible-vault',
extras: '--diff'
}
}
}
post {
always {
sh 'kdestroy'
sh 'find . -name sudo-pass -delete'
}
failure {
emailext \
to: 'gyrfalcon@ebonfire.com',
subject: '$DEFAULT_SUBJECT',
body: '$DEFAULT_CONTENT'
}
}
}