attempt to simplify
This commit is contained in:
parent
bb8764e0b7
commit
9efb546e55
GPG Key ID:
C50D0BBB5BC40BEA
@ -1,13 +1,16 @@
|
||||
def label = "jenkins-${UUID.randomUUID().toString()}"
|
||||
#!groovy
|
||||
|
||||
def registry = "registry.c.test-chamber-13.lan"
|
||||
// repository configuration
|
||||
def repository = "registry.c.test-chamber-13.lan"
|
||||
|
||||
def alpineImage = "${registry}/library/alpine"
|
||||
def alpineTag = "latest"
|
||||
|
||||
def kubectlCreds = "k8s-dl-automation-access"
|
||||
// jenkins secrets
|
||||
def nordCreds = "nordvpn-login-creds"
|
||||
|
||||
// kubernetes configuration
|
||||
def kubeNamespace = "dl-automation"
|
||||
def kubeSecret = "openvpn"
|
||||
|
||||
// list of urls that return different nordVPN servers
|
||||
def nordURLs = [
|
||||
// canada
|
||||
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
|
||||
@ -26,59 +29,12 @@ def nordURLs = [
|
||||
// united kingdom
|
||||
"https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}",
|
||||
]
|
||||
// randomly select one from the list
|
||||
def nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])]
|
||||
|
||||
def kubeNamespace = "dl-automation"
|
||||
def kubeSecret = "openvpn"
|
||||
|
||||
podTemplate(
|
||||
label: label,
|
||||
name: "pipeline-worker",
|
||||
yaml: """---
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: pipeline-worker
|
||||
spec:
|
||||
containers:
|
||||
- name: alpine
|
||||
imagePullPolicy: Always
|
||||
image: ${alpineImage}:${alpineTag}
|
||||
tty: true
|
||||
command:
|
||||
- /bin/sh
|
||||
""",
|
||||
) {
|
||||
node (label) {
|
||||
def workspace = pwd()
|
||||
|
||||
stage ("Update Secret") {
|
||||
container ("alpine") {
|
||||
sh """
|
||||
apk add --no-cache curl jq sed
|
||||
KUBE_VERSION="\$(curl --location --silent https://dl.k8s.io/release/stable.txt)"
|
||||
curl \
|
||||
--location \
|
||||
--silent \
|
||||
--output /usr/local/bin/kubectl \
|
||||
"https://dl.k8s.io/release/\${KUBE_VERSION}/bin/linux/amd64/kubectl"
|
||||
chmod +x /usr/local/bin/kubectl
|
||||
"""
|
||||
|
||||
withCredentials([string(
|
||||
credentialsId: nordCreds,
|
||||
variable: "NORD_CREDS",
|
||||
)]) {
|
||||
|
||||
withKubeConfig([
|
||||
credentialsId: kubectlCreds,
|
||||
serverUrl: "https://kubernetes.test-chamber-13.lan:6443",
|
||||
namespace: kubeNamespace
|
||||
]) {
|
||||
sh """
|
||||
# Get OpenVPN Config
|
||||
OPENVPN_CONFIG="\$(
|
||||
curl \
|
||||
// script used to retrieve a nordVPN OpenVPN configuration from NordVPN
|
||||
def openVPNConfigScript = """# Get OpenVPN Config
|
||||
curl \
|
||||
--silent \
|
||||
--location \
|
||||
--fail \
|
||||
@ -96,25 +52,77 @@ spec:
|
||||
--regexp-extended \
|
||||
--expression='s/auth-user-pass/auth-user-pass \\/etc\\/openvpn\\/client\\/openvpn-credentials.txt/' \
|
||||
| base64 -w 0
|
||||
)"
|
||||
printf '%s\n' \
|
||||
"apiVersion: v1" \
|
||||
"kind: Secret" \
|
||||
"metadata:" \
|
||||
" name: """ + kubeSecret + """" \
|
||||
" namespace: """ + kubeNamespace + """" \
|
||||
"data:" \
|
||||
" openvpn-credentials.txt: \${NORD_CREDS}" \
|
||||
" us5766.nordvpn.com.tcp.ovpn: \${OPENVPN_CONFIG}" > /tmp/openvpn-secret.kubectl
|
||||
"""
|
||||
|
||||
kubectl apply --namespace """ + kubeNamespace + """ -f /tmp/openvpn-secret.kubectl
|
||||
for i in \$(kubectl get pods --namespace """ + kubeNamespace + """ --selector app="deluge" -o name); do
|
||||
kubectl delete --namespace """ + kubeNamespace + """ \${i}
|
||||
done
|
||||
def label = "kubernetes-${UUID.randomUUID().toString()}"
|
||||
def templateName = "pipeline-worker"
|
||||
podTemplate(
|
||||
label: label,
|
||||
name: templateName,
|
||||
yaml: functions.podYaml(
|
||||
repo: repository,
|
||||
templateName: templateName,
|
||||
alpine: true
|
||||
)
|
||||
) {
|
||||
node (label) {
|
||||
def workspace = pwd()
|
||||
def openVPNConfig
|
||||
|
||||
stage ("Prepare Container") {
|
||||
container ("alpine") {
|
||||
sh """
|
||||
apk add --no-cache curl jq sed
|
||||
KUBE_VERSION="\$(curl --location --silent https://dl.k8s.io/release/stable.txt)"
|
||||
curl \
|
||||
--location \
|
||||
--silent \
|
||||
--output /usr/local/bin/kubectl \
|
||||
"https://dl.k8s.io/release/\${KUBE_VERSION}/bin/linux/amd64/kubectl"
|
||||
chmod +x /usr/local/bin/kubectl
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
stage ("Get Remote OpenVPN Config") {
|
||||
container ("alpine") {
|
||||
openVPNConfig = sh(
|
||||
returnStdout: true,
|
||||
script: openVPNConfigScript
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
stage ("Compile Secret") {
|
||||
def k8sSecret
|
||||
withCredentials([string(
|
||||
credentialsId: nordCreds,
|
||||
variable: "NORD_CREDS",
|
||||
)]) {
|
||||
k8sSecret = """apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: """ + kubeSecret + """
|
||||
namespace: """ + kubeNamespace + """
|
||||
data:
|
||||
openvpn-credentials.txt: """ + NORD_CREDS + """
|
||||
nordvpn.com.tcp.ovpn: """ + openVPNConfig + """
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
functions.createSecret(
|
||||
kubeAuth: "k8s-dl-automation-access",
|
||||
kubeURL: "https://kubernetes.test-chamber-13.lan:6443",
|
||||
namespace: "dl-automation",
|
||||
secret: k8sSecret
|
||||
)
|
||||
|
||||
functions.deletePod(
|
||||
kubeAuth: "k8s-dl-automation-access",
|
||||
kubeURL: "https://kubernetes.test-chamber-13.lan:6443",
|
||||
namespace: "dl-automation",
|
||||
selector: "app=deluge"
|
||||
)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user