// vim: set ft=groovy sw=4 ts=4 sts=4 et : pipeline { agent { label 'ansible' } triggers { cron 'H H * * *' } stages { stage('Prepare') { steps { withCredentials([file( credentialsId: 'vault-jenkins@gw0', variable: 'SUDO_PASS_FILE')]) { sh 'cp -f "${SUDO_PASS_FILE}" host_vars/gw0/sudo-pass' } } } stage('Remount R/W') { steps { ansiblePlaybook \ playbook: 'remount.yml', limit: 'dch-gw', become: true, credentialsId: 'jenkins-ssh', vaultCredentialsId: 'ansible-vault', extraVars: [ remount_state: 'rw', ] } } stage('Services') { steps { ansiblePlaybook \ playbook: 'dhcpcd.yml', limit: 'dch-gw', become: true, credentialsId: 'jenkins-ssh', vaultCredentialsId: 'ansible-vault', extras: '--diff' ansiblePlaybook \ playbook: 'radvd.yml', become: true, credentialsId: 'jenkins-ssh', vaultCredentialsId: 'ansible-vault', extras: '--diff' } } stage('Firewall') { steps { ansiblePlaybook \ playbook: 'dch-gw.yml', become: true, credentialsId: 'jenkins-ssh', vaultCredentialsId: 'ansible-vault', extras: '--diff' } } stage('Remount R/O') { steps { ansiblePlaybook \ playbook: 'remount.yml', limit: 'dch-gw', become: true, credentialsId: 'jenkins-ssh', vaultCredentialsId: 'ansible-vault' } } } post { failure { emailext \ to: 'gyrfalcon@ebonfire.com', subject: '$DEFAULT_SUBJECT', body: '$DEFAULT_CONTENT' } } }