nhyatt/build-containers
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

attempt to simplify

Browse Source
This commit is contained in:
Hyatt 2022-03-15 16:42:40 -05:00
parent bb8764e0b7
commit 9efb546e55
Signed by: nhyatt
GPG Key ID: C50D0BBB5BC40BEA
1 changed files with 86 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

164
nordvpn-autoconfigure.jenkins
View File

@ -1,13 +1,16 @@
def label = "jenkins-${UUID.randomUUID().toString()}" #!groovy
def registry = "registry.c.test-chamber-13.lan" // repository configuration
def repository = "registry.c.test-chamber-13.lan"
def alpineImage = "${registry}/library/alpine" // jenkins secrets
def alpineTag = "latest"
def kubectlCreds = "k8s-dl-automation-access"
def nordCreds = "nordvpn-login-creds" def nordCreds = "nordvpn-login-creds"
// kubernetes configuration
def kubeNamespace = "dl-automation"
def kubeSecret = "openvpn"
// list of urls that return different nordVPN servers
def nordURLs = [ def nordURLs = [
// canada // canada
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
@ -26,95 +29,100 @@ def nordURLs = [
// united kingdom // united kingdom
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
] ]
// randomly select one from the list
def nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])] def nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])]
def kubeNamespace = "dl-automation" // script used to retrieve a nordVPN OpenVPN configuration from NordVPN
def kubeSecret = "openvpn" def openVPNConfigScript = """# Get OpenVPN Config
curl \
--silent \
--location \
--fail \
"https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/\$(
curl \
--silent \
--location \
--fail \
'""" + nordURL + """' \
| jq \
--raw-output \
'[.[] | select(.technologies[] | .identifier == "openvpn_tcp")][0] | .hostname' \
).tcp.ovpn" \
| sed \
--regexp-extended \
--expression='s/auth-user-pass/auth-user-pass \\/etc\\/openvpn\\/client\\/openvpn-credentials.txt/' \
| base64 -w 0
"""
def label = "kubernetes-${UUID.randomUUID().toString()}"
def templateName = "pipeline-worker"
podTemplate( podTemplate(
label: label, label: label,
name: "pipeline-worker", name: templateName,
yaml: """--- yaml: functions.podYaml(
apiVersion: v1 repo: repository,
kind: Pod templateName: templateName,
metadata: alpine: true
name: pipeline-worker )
spec:
containers:
- name: alpine
imagePullPolicy: Always
image: ${alpineImage}:${alpineTag}
tty: true
command:
- /bin/sh
""",
) { ) {
node (label) { node (label) {
def workspace = pwd() def workspace = pwd()
def openVPNConfig
stage ("Update Secret") { stage ("Prepare Container") {
container ("alpine") { container ("alpine") {
sh """ sh """
apk add --no-cache curl jq sed apk add --no-cache curl jq sed
KUBE_VERSION="\$(curl --location --silent https://dl.k8s.io/release/stable.txt)" KUBE_VERSION="\$(curl --location --silent https://dl.k8s.io/release/stable.txt)"
curl \ curl \
--location \ --location \
--silent \ --silent \
--output /usr/local/bin/kubectl \ --output /usr/local/bin/kubectl \
"https://dl.k8s.io/release/\${KUBE_VERSION}/bin/linux/amd64/kubectl" "https://dl.k8s.io/release/\${KUBE_VERSION}/bin/linux/amd64/kubectl"
chmod +x /usr/local/bin/kubectl chmod +x /usr/local/bin/kubectl
""" """
withCredentials([string(
credentialsId: nordCreds,
variable: "NORD_CREDS",
)]) {
withKubeConfig([
credentialsId: kubectlCreds,
serverUrl: "https://kubernetes.test-chamber-13.lan:6443",
namespace: kubeNamespace
]) {
sh """
# Get OpenVPN Config
OPENVPN_CONFIG="\$(
curl \
--silent \
--location \
--fail \
"https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/\$(
curl \
--silent \
--location \
--fail \
'""" + nordURL + """' \
| jq \
--raw-output \
'[.[] | select(.technologies[] | .identifier == "openvpn_tcp")][0] | .hostname' \
).tcp.ovpn" \
| sed \
--regexp-extended \
--expression='s/auth-user-pass/auth-user-pass \\/etc\\/openvpn\\/client\\/openvpn-credentials.txt/' \
| base64 -w 0
)"
printf '%s\n' \
"apiVersion: v1" \
"kind: Secret" \
"metadata:" \
" name: """ + kubeSecret + """" \
" namespace: """ + kubeNamespace + """" \
"data:" \
" openvpn-credentials.txt: \${NORD_CREDS}" \
" us5766.nordvpn.com.tcp.ovpn: \${OPENVPN_CONFIG}" > /tmp/openvpn-secret.kubectl
kubectl apply --namespace """ + kubeNamespace + """ -f /tmp/openvpn-secret.kubectl
for i in \$(kubectl get pods --namespace """ + kubeNamespace + """ --selector app="deluge" -o name); do
kubectl delete --namespace """ + kubeNamespace + """ \${i}
done
"""
}
}
} }
} }
stage ("Get Remote OpenVPN Config") {
container ("alpine") {
openVPNConfig = sh(
returnStdout: true,
script: openVPNConfigScript
)
}
}
stage ("Compile Secret") {
def k8sSecret
withCredentials([string(
credentialsId: nordCreds,
variable: "NORD_CREDS",
)]) {
k8sSecret = """apiVersion: v1
kind: Secret
metadata:
name: """ + kubeSecret + """
namespace: """ + kubeNamespace + """
data:
openvpn-credentials.txt: """ + NORD_CREDS + """
nordvpn.com.tcp.ovpn: """ + openVPNConfig + """
"""
}
}
functions.createSecret(
kubeAuth: "k8s-dl-automation-access",
kubeURL: "https://kubernetes.test-chamber-13.lan:6443",
namespace: "dl-automation",
secret: k8sSecret
)
functions.deletePod(
kubeAuth: "k8s-dl-automation-access",
kubeURL: "https://kubernetes.test-chamber-13.lan:6443",
namespace: "dl-automation",
selector: "app=deluge"
)
} }
} }