// vim: set ft=groovy sw=4 ts=4 sts=4 et :

pipeline {
    agent {
        label 'ansible'
    }

    triggers {
        pollSCM ''
    }

    stages {
        stage('Prepare') {
            steps {
                withCredentials([file(
                        credentialsId: 'vault-jenkins@pyrocufflink.blue',
                        variable: 'SUDO_PASS_FILE')]) {
                    sh 'cp -f "${SUDO_PASS_FILE}" sudo-pass'
                }
            }
        }

        stage('Domain Controller') {
            steps {
                withCredentials([file(
                        credentialsId: 'ansible-vault',
                        variable: 'ANSIBLE_VAULT_PASSWORD_FILE')]) {
                    sshagent(['jenkins-ssh']) {
                        sh 'ansible-playbook --check --diff -b domain-controller.yml -e @sudo-pass'
                    }
                }
            }
        }

    }
}