greyn/deployment
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Compare commits

base: greyn:main
Branches Tags
greyn:main
greyn:service
greyn:release
greyn:predev
greyn:1
..
compare: greyn:predev
Branches Tags
greyn:service
greyn:main
greyn:release
greyn:predev
greyn:1

No commits in common. "main" and "predev" have entirely different histories.
main ... predev

6 changed files with 2 additions and 174 deletions
Show Stats Expand all files Collapse all files

5
Deployment/Deployment.csproj
View File

@ -1,11 +1,9 @@
<Project Sdk="Microsoft.NET.Sdk"> <Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup> <PropertyGroup>
<TargetFramework>net7.0</TargetFramework> <TargetFramework>net8.0</TargetFramework>
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
<Nullable>enable</Nullable> <Nullable>enable</Nullable>
<IsPackable>true</IsPackable>
<Version>0.0.1</Version>
</PropertyGroup> </PropertyGroup>
<ItemGroup> <ItemGroup>
@ -15,4 +13,5 @@
<InternalsVisibleTo Include="deployment.tests" /> <InternalsVisibleTo Include="deployment.tests" />
</ItemGroup> </ItemGroup>
</Project> </Project>

78
Jenkinsfile vendored
View File

@ -1,78 +0,0 @@
pipeline {
agent any
stages {
stage('nuget pack'){
steps{
dotnetPack(outputDirectory: "./", project: "Deployment/Deployment.csproj")
}
}
stage('build numberify'){
steps{
//sed -i 's/<Version>\\([0-9]\\+\\.[0-9]\\)\\.[0-9]\\+<\\/Version>/<Version>\\1.$BUILD_NUMBER<\\/Version>/' nugettest/nugettest.csproj
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
mv "\$filename" \$noext-\$BUILD_NUMBER.nupkg
filename=null
fullfilename=null
noext=null
"""
}
}
stage('release'){
when {
branch "release"
}
environment {
GITEA = credentials('0bd7c8f5-046c-44b9-9c77-7a28a219ae31')
}
steps{
sh """
filename=\$(ls ./*.nupkg | head -1)
fullfilename=\$(basename -- \$filename)
noext=\${fullfilename%.*}
curl -X 'POST' \
-o release.json \
'https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases' \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: application/json' \
-d '{
"body": "automatic build at '"\$(date)"'",
"draft": false,
"name": "$BUILD_NUMBER",
"prerelease": false,
"tag_name": "$BUILD_NUMBER",
"target_commitish": "$GIT_COMMIT"
}'
cat release.json
releaseid=\$(cat release.json | jq .id)
postURL="https://gitea.arg.rip/api/v1/repos/greyn/deployment/releases/\$releaseid/assets?name=\$noext"
curl -X 'POST' \
\$postURL \
-H 'accept: application/json' \
-H 'Authorization: token $GITEA_PSW' \
-H 'Content-Type: multipart/form-data' \
-F "attachment=@\$fullfilename;type=application/nupkg"
releaseid=null
filename=null
fullfilename=null
noext=null
postURL=null
"""
dotnetNuGetPush(root: "./*.nupkg", source:"greyngitea", skipDuplicate:true)
}
}
}
post {
always {
cleanWs()
}
}
}

90
scripts/1clickservice.groovy
View File

@ -1,90 +0,0 @@
pipeline {
agent any
parameters {
string(name: 'servicename', description: "service name")
string(name: 'svcdesc', description: "service description")
boolean(name: 'database', description: "service has a database", defaultValue: true)
}
environment {
pw_linuxserviceaccount=""
pw_productiondatabase=""
pw_developmentdatabase=""
ALLOCES = credentials('//TODO: its usually a uuid')
}
stages {
stage("type strengthening") {
steps {
script {
if (servicename.isEmpty()) {
error("servicename mandatory")
}
if (servicename.contains(' ')) {
error("servicename cannot have spaces. try dashes.")
}
sh env.pw_linuxserviceaccount=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
sh env.pw_productiondatabase=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
sh env.pw_developmentdatabase=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
//TODO: save them somewhere. probably better to not lock myself out of these accounts from moment 0
}
}
}
stage("gitea project"){
steps{
//TODO: clone _template-service. Must be under greyn.
//TODO: if not database version, strip out database stuff
}
}
stage("jenkins pipeline"){
steps{
//TODO: tell jenkins to scan greyn pipeline
//TODO: find this new service in jenkins
//TODO: add the shared secrets to jenkins
}
}
stage("service account"){
steps{
script {
//jenkins, the user trying to SSH, must be able to ssh in and sudo
ssh user@host username=$servicename password=${env.pw_linuxserviceaccount} 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
useradd -m -s /bin/bash $username
echo "$username:$password" | chpasswd
loginctl enable-linger $username
ENDSSH
}
}
}
stage("db init"){
when { expression { return params.database } }
steps {
//i'm pretty sure "update" with nothing will init?
//meaning we don't have to init, first update will init
script {
ssh user@host servicename=$servicename pw_productiondatabase=${env.pw_productiondatabase} pw_developmentdatabase=${env.pw_developmentdatabase} 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
sudo -u postgres psql && bash -s << 'ENDPSQL'
create database $servicename;
create user $servicename with encrypted password '$pw_productiondatabase';
grant all privileges on database $servicename to $servicename;
ENDPSQL
service_dev="${servicename}_dev"
sudo -u postgres psql && bash -s << 'ENDPSQL'
create database $service_dev;
create user $service_dev with encrypted password '$pw_developmentdatabase';
grant all privileges on database $service_dev to $service_dev;
ENDPSQL
ENDSSH
}
}
}
stage("initial service setup"){
steps{
sh 'scp $servicename.service user@server:~/.config/systemd/user/$servicename.service'
ssh user@host servicename=$servicename svcpw=$ARG2 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
systemctl --user daemon-reload
systemctl --user enable $servicename.service
ENDSSH
}
}
}
}

1
scripts/beefhaving_video.groovy
View File

@ -1 +0,0 @@
//TODO

1
scripts/dotnet_binary.groovy
View File

@ -1 +0,0 @@
//TODO

1
scripts/nupkg.groovy
View File

@ -1 +0,0 @@
//TODO