future scripts

i think I have it mostly figured out, still TODOs
more elaboration, still full of TODO's
2024-11-17 15:02:19 -05:00 · 2024-11-17 15:01:57 -05:00 · 2024-11-17 13:24:01 -05:00 · 2024-11-16 23:12:08 -05:00 · 2024-11-16 22:50:41 -05:00
4 changed files with 93 additions and 0 deletions
--- a/scripts/1clickservice.groovy
+++ b/scripts/1clickservice.groovy
@ -0,0 +1,90 @@
 pipeline {
    agent any 
    parameters { 
        string(name: 'servicename', description: "service name")
        string(name: 'svcdesc', description: "service description")
        boolean(name: 'database', description: "service has a database", defaultValue: true)
    }
    environment {
        pw_linuxserviceaccount=""
        pw_productiondatabase=""
        pw_developmentdatabase=""
        ALLOCES = credentials('//TODO: its usually a uuid')
    }
    stages {
        stage("type strengthening") {
            steps {
                script {
                    if (servicename.isEmpty()) {
                        error("servicename mandatory")
                    }
                    if (servicename.contains(' ')) {
                        error("servicename cannot have spaces. try dashes.")
                    }
                    sh env.pw_linuxserviceaccount=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
                    sh env.pw_productiondatabase=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
                    sh env.pw_developmentdatabase=$(mktemp -u XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX)
                    //TODO: save them somewhere. probably better to not lock myself out of these accounts from moment 0 
                }
            }
        }
        stage("gitea project"){
            steps{
                //TODO: clone _template-service. Must be under greyn.
                //TODO: if not database version, strip out database stuff
            }
        }
        stage("jenkins pipeline"){
            steps{
                //TODO: tell jenkins to scan greyn pipeline
                //TODO: find this new service in jenkins
                //TODO: add the shared secrets to jenkins
            }
        }
        stage("service account"){
            steps{
                script {
                    //jenkins, the user trying to SSH, must be able to ssh in and sudo
                    ssh user@host username=$servicename password=${env.pw_linuxserviceaccount} 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
                        useradd -m -s /bin/bash $username
                        echo "$username:$password" | chpasswd
                        loginctl enable-linger $username
                    ENDSSH
                }
            }
        }
        stage("db init"){
            when { expression { return params.database } }
            steps {
                //i'm pretty sure "update" with nothing will init? 
                //meaning we don't have to init, first update will init
                script {
                    ssh user@host servicename=$servicename pw_productiondatabase=${env.pw_productiondatabase} pw_developmentdatabase=${env.pw_developmentdatabase} 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
                        sudo -u postgres psql && bash -s << 'ENDPSQL'
                            create database $servicename;
                            create user $servicename with encrypted password '$pw_productiondatabase';
                            grant all privileges on database $servicename to $servicename;
                        ENDPSQL
                        service_dev="${servicename}_dev"
                        sudo -u postgres psql && bash -s << 'ENDPSQL'
                            create database $service_dev;
                            create user $service_dev with encrypted password '$pw_developmentdatabase';
                            grant all privileges on database $service_dev to $service_dev;
                        ENDPSQL
                    ENDSSH
                }
            }
        }
        stage("initial service setup"){
            steps{
                sh 'scp $servicename.service user@server:~/.config/systemd/user/$servicename.service'
                ssh user@host servicename=$servicename svcpw=$ARG2 'echo "$ALLOCES_PSW" | sudo -Sv && bash -s' << 'ENDSSH'
                    systemctl --user daemon-reload
                    systemctl --user enable $servicename.service
                ENDSSH
            }
        }
    }
 }
--- a/scripts/beefhaving_video.groovy
+++ b/scripts/beefhaving_video.groovy
@ -0,0 +1 @@
 //TODO
--- a/scripts/dotnet_binary.groovy
+++ b/scripts/dotnet_binary.groovy
@ -0,0 +1 @@
 //TODO
--- a/scripts/nupkg.groovy
+++ b/scripts/nupkg.groovy
@ -0,0 +1 @@
 //TODO
Author	SHA1	Message	Date
adam	25a2dc093e	future scripts All checks were successful gitea.arg.rip/deployment/pipeline/head This commit looks good Details	2024-11-17 15:02:19 -05:00
adam	b297a2345a	i think I have it mostly figured out, still TODOs	2024-11-17 15:01:57 -05:00
adam	c8b9a5cf0f	more elaboration, still full of TODO's All checks were successful gitea.arg.rip/deployment/pipeline/head This commit looks good Details	2024-11-17 13:24:01 -05:00
adam	563fae4908	Merge branch 'release'	2024-11-16 23:12:08 -05:00
adam	3b618d07d5	project 1click service is approaching	2024-11-16 22:50:41 -05:00