Compare commits

...

3 Commits

Author SHA1 Message Date
c8b9a5cf0f more elaboration, still full of TODO's
All checks were successful
gitea.arg.rip/deployment/pipeline/head This commit looks good
2024-11-17 13:24:01 -05:00
563fae4908 Merge branch 'release' 2024-11-16 23:12:08 -05:00
3034e4ddd2 jenkinsfile from jenkins-playground
All checks were successful
gitea.arg.rip/deployment/pipeline/head This commit looks good
2024-11-11 00:34:57 -05:00
3 changed files with 107 additions and 1 deletions

View File

@ -1,7 +1,7 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net8.0</TargetFramework>
<TargetFramework>net7.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable>
<IsPackable>true</IsPackable>

78
Jenkinsfile vendored Normal file
View File

@ -0,0 +1,78 @@
pipeline {
agent any
stages {
stage('nuget pack'){
steps{
dotnetPack(outputDirectory: "./", project: "Deployment/Deployment.csproj")
}
}
stage('build numberify'){
steps{
//sed -i 's/<Version>\\([0-9]\\+\\.[0-9]\\)\\.[0-9]\\+<\\/Version>/<Version>\\1.$BUILD_NUMBER<\\/Version>/' nugettest/nugettest.csproj
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
mv "\$filename" \$noext-\$BUILD_NUMBER.nupkg
filename=null
fullfilename=null
noext=null
"""
}
}
stage('release'){
when {
branch "release"
}
environment {
GITEA = credentials('0bd7c8f5-046c-44b9-9c77-7a28a219ae31')
}
steps{
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
curl -X 'POST' \
-o release.json \
'https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases' \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: application/json' \
-d '{
"body": "automatic build at '"\$(date)"'",
"draft": false,
"name": "$BUILD_NUMBER",
"prerelease": false,
"tag_name": "$BUILD_NUMBER",
"target_commitish": "$GIT_COMMIT"
}'
cat release.json
releaseid=\$(cat release.json | jq .id)
postURL="https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases/\$releaseid/assets?name=\$noext"
curl -X 'POST' \
\$postURL \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: multipart/form-data' \
-F "attachment=@\$fullfilename;type=application/nupkg"
releaseid=null
filename=null
fullfilename=null
noext=null
postURL=null
"""
dotnetNuGetPush(root: "./*.nupkg", source:"greyngitea", skipDuplicate:true)
}
}
}
post {
always {
cleanWs()
}
}
}

View File

@ -3,6 +3,7 @@ pipeline {
parameters {
string(name: 'svcname', description: "service name")
string(name: 'svcdesc', description: "service description")
boolean(name: 'database', description: "service has a database", defaultValue: false)
}
stages {
stage("type strengthening") {
@ -12,18 +13,24 @@ pipeline {
error("svcname mandatory")
}
}
//TODO: generate password for the service account
//TODO: generate password for prod DB
//TODO: generate password for dev DB
//TODO: save them somewhere. probably better to not lock myself out of these accounts from moment 0
}
}
stage("gitea project"){
steps{
script {
//TODO: clone _template-service
//TODO: if not database version, strip out database stuff
}
}
}
stage("service account"){
steps{
script {
//jenkins, the user trying to SSH, must be able to ssh in and sudo
ssh user@host username=$svcname svcpw=$ARG2 'echo "rootpass" | sudo -Sv && bash -s' << 'ENDSSH'
#commands to run on remote host
useradd -m -s /bin/bash $username
@ -32,6 +39,27 @@ pipeline {
}
}
}
stage("db init"){
when { expression { return params.database } }
steps {
//i'm pretty sure "update" with nothing will init?
//meaning we don't have to init, first update will init
script {
ssh user@host username=$svcname svcpw=$ARG2 'echo "rootpass" | sudo -Sv && bash -s' << 'ENDSSH'
sudo -u postgres psql
postgres=# create database mydb;
postgres=# create user myuser with encrypted password 'mypass';
postgres=# grant all privileges on database mydb to myuser;
postgres=# create database mydb_dev;
postgres=# create user myuser_dev with encrypted password 'myotherpass';
postgres=# grant all privileges on database mydb_dev to myuser_dev;
ENDSSH
}
}
}
stage("initial service setup"){
steps{
script {