CREDS GO IN
All checks were successful
gitea.arg.rip/deployment/pipeline/head This commit looks good

This commit is contained in:
adam 2024-12-03 00:21:42 -05:00
parent 8c34cc29de
commit ac0675df94

View File

@ -12,7 +12,7 @@ pipeline {
//pw_developmentdatabase="" //pw_developmentdatabase=""
//SUDOER=credentials('') //going to be set based on target host //SUDOER=credentials('') //going to be set based on target host
SUDOERSSH=credentials('2c48e1a9-22b2-455c-9959-6b29e86d3fb5') SUDOERSSH=credentials('2c48e1a9-22b2-455c-9959-6b29e86d3fb5')
JENKINS=credentials('f1192e74-dfe0-402f-a189-703482d914fe') JENKINS=credentials('68391381-e095-4b47-b956-d23055b0808e')
GITEATOKEN = credentials('d0e86441-2157-405f-8539-a9a9010c6ecf') GITEATOKEN = credentials('d0e86441-2157-405f-8539-a9a9010c6ecf')
} }
stages { stages {
@ -36,11 +36,11 @@ pipeline {
error("target host not recognized. btw: yes .lan, all lowercase.") error("target host not recognized. btw: yes .lan, all lowercase.")
} }
env.pw_linuxserviceaccount=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX") env.pw_linuxserviceaccount=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_linuxserviceaccount echo env.pw_linuxserviceaccount
env.pw_productiondatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX") env.pw_productiondatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_productiondatabase echo env.pw_productiondatabase
env.pw_developmentdatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX") env.pw_developmentdatabase=sh(returnStdout: true, script: "mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").trim()
echo env.pw_developmentdatabase echo env.pw_developmentdatabase
} }
} }
@ -83,8 +83,9 @@ pipeline {
while [ -z "\$strRes" ]; while [ -z "\$strRes" ];
do do
sleep 5; sleep 5;
curl -X GET -s -u ${env.JENKINS_USR}:'${env.JENKINS_PSW}' \ #curl -X GET ${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/api/json
alloces.lan:8080/job/gitea.arg.rip/api/json > f.json curl -X GET -s ${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/api/json > f.json
strRes=\$(jq '.jobs' f.json | jq '.[] | select(.name==\"${env.servicename}\")') strRes=\$(jq '.jobs' f.json | jq '.[] | select(.name==\"${env.servicename}\")')
rm f.json rm f.json
done done
@ -107,33 +108,29 @@ pipeline {
pushd ${servicename} pushd ${servicename}
dbstartline=\$(sed -n '/---dbstart---/=' Jenkinsfile) dbstartline=\$(sed -n '/---dbstart---/=' Jenkinsfile)
dbendline=\$(sed -n '/---dbend---/=' Jenkinsfile) dbendline=\$(sed -n '/---dbend---/=' Jenkinsfile)
echo \"yes db. \${dbstartline} and \${dbendline}\" echo \"yes db.\"
sed -ie \"\${dbstartline}d;\${dbendline}d\" Jenkinsfile sed -i \"\${dbstartline}d;\${dbendline}d\" Jenkinsfile
databasecredsid=\$(uuidgen) databasecredsid=\$(uuidgen)
urlGetData=\"crumbIssuer/api/xml?xpath=concat\\(//crumbRequestField,\\":\\",//crumb\\)\" httpBasicAuth=\"http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/\"
echo "116" echo \"\${httpBasicAuth}\"
echo \"\${urlGetData}\" urlGetData=\"crumbIssuer/api/xml?xpath=concat(//crumbRequestField,\\":\\",//crumb)\"
echo "118"
echo \'curl -s \"http://${env.JENKINS_USR}:\\\'${env.JENKINS_PSW}\\\'@alloces.lan:8080/\${urlGetData}\"\'
echo "122"
curl -s \"http://${env.JENKINS_USR}:\\\'${env.JENKINS_PSW}\\\'@alloces.lan:8080/\${urlGetData}\"
CRUMB=\$(curl -s \"http://${env.JENKINS_USR}:\\\'${env.JENKINS_PSW}\\\'@alloces.lan:8080/\${urlGetData}\") CRUMB=\$(curl -s -c cookies.txt \"\${httpBasicAuth}\${urlGetData}\")
echo \$CRUMB echo "crumb anyway. \$CRUMB"
curl -H \$CRUMB -X POST \"http://${env.JENKINS_USR}:'${env.JENKINS_PSW}'@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/greyn%20services/createCredentials\" \ curl -H \$CRUMB -X POST \"http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials\" \
--data-urlencode 'json={ --data-urlencode 'json={
"": "0", "": "0",
"credentials": { "credentials": {
"scope": "GLOBAL", "scope": "GLOBAL",
"id": "\$databasecredsid", "id": "'"\$databasecredsid"'",
"secret": "\"Host=${targetHost};Database=${servicename};Username=${servicename};Password=${env.pw_productiondatabase};IncludeErrorDetail=true;\"", "secret": "Host=${targetHost};Database=${servicename};Username=${servicename};Password=${env.pw_productiondatabase};IncludeErrorDetail=true;",
"description": "database connection string", "description": "database connection string",
"\$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl" "\$class": "com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl"
} }
}' }'
sed -ie 's/productiondatabase_connectionString=creds/productiondatabase_connectionString=credentials('\$databasecredsid')/\' Jenkinsfile sed -i 's/productiondatabase_connectionString=creds/productiondatabase_connectionString=credentials('\$databasecredsid')/\' Jenkinsfile
git add . git add .
git commit -m \"set up for database\" git commit -m \"set up for database\"
@ -153,9 +150,9 @@ pipeline {
usernameCredsId=\$(uuidgen) usernameCredsId=\$(uuidgen)
CRUMB=\$(curl 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)') #CRUMB=\$(curl -c cookies.txt 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo \$CRUMB #echo \$CRUMB
curl -H \$CRUMB -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/greyn%20services/createCredentials' \ curl -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials' \
--data-urlencode 'json={ --data-urlencode 'json={
"": "0", "": "0",
"credentials": { "credentials": {
@ -174,9 +171,9 @@ pipeline {
ssh-keygen -t ed25519 -f "${servicename}" -N "" ssh-keygen -t ed25519 -f "${servicename}" -N ""
privatekeycontent=\$(cat ${servicename})) privatekeycontent=\$(cat ${servicename}))
pubkeycontent=\$(cat ${servicename}.pub)) pubkeycontent=\$(cat ${servicename}.pub))
CRUMB=\$(url -s 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)') #CRUMB=\$(curl -s -c cookies.txt 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)')
echo \$CRUMB #echo \$CRUMB
curl -H \$CRUMB -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/greyn%20services/createCredentials' \ curl -X POST 'http://${env.JENKINS_USR}:${env.JENKINS_PSW}@alloces.lan:8080/job/gitea.arg.rip/job/${servicename}/credentials/store/folder/domain/_/createCredentials' \
--data-urlencode 'json={ --data-urlencode 'json={
"": "0", "": "0",
"credentials": { "credentials": {