def label = "jenkins-${UUID.randomUUID().toString()}" def registry = "registry.c.test-chamber-13.lan" def alpineImage = "${registry}/library/alpine" def alpineTag = "latest" def kubectlCreds = "rancher-admin-token" def nordCreds = "nordvpn-login-creds" def nordURLs = [ // canada "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // france "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:74,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // gremany "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:81,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // japan "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:108,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // sweden "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:208,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // switzerland "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:209,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // netherlands "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:153,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", // united kingdom "https://nordvpn.com/wp-admin/admin-ajax.php?action=servers_recommendations&filters=\\{%22country_id%22:38,%22servers_groups%22:\\[15\\],%22servers_technologies%22:\\[5\\]\\}", ] def nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])] def kubeNamespace = "dl-automation" def kubeSecret = "openvpn" podTemplate( label: label, name: "pipeline-worker", yaml: """--- apiVersion: v1 kind: Pod metadata: name: pipeline-worker spec: containers: - name: alpine imagePullPolicy: Always image: ${alpineImage}:${alpineTag} tty: true command: - /bin/sh """, ) { node (label) { def workspace = pwd() stage ("Update Secret") { container ("alpine") { sh """ apk add --no-cache curl jq sed KUBE_VERSION="\$(curl --location --silent https://dl.k8s.io/release/stable.txt)" curl \ --location \ --silent \ --output /usr/local/bin/kubectl \ "https://dl.k8s.io/release/\${KUBE_VERSION}/bin/linux/amd64/kubectl" chmod +x /usr/local/bin/kubectl """ withCredentials([string( credentialsId: nordCreds, variable: "NORD_CREDS", )]) { withKubeConfig([ credentialsId: kubectlCreds, serverUrl: "https://rancher.test-chamber-13.lan/k8s/clusters/c-mc9cq", namespace: "webservers" ]) { sh """ # Get OpenVPN Config OPENVPN_CONFIG="\$( curl \ --silent \ --location \ --fail \ "https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/\$( curl \ --silent \ --location \ --fail \ '""" + nordURL + """' \ | jq \ --raw-output \ '[.[] | select(.technologies[] | .identifier == "openvpn_tcp")][0] | .hostname' \ ).tcp.ovpn" \ | sed \ --regexp-extended \ --expression='s/auth-user-pass/auth-user-pass \\/etc\\/openvpn\\/client\\/openvpn-credentials.txt/' \ | base64 -w 0 )" printf '%s\n' \ "apiVersion: v1" \ "kind: Secret" \ "metadata:" \ " name: """ + kubeSecret + """" \ " namespace: """ + kubeNamespace + """" \ "data:" \ " openvpn-credentials.txt: \${NORD_CREDS}" \ " us5766.nordvpn.com.tcp.ovpn: \${OPENVPN_CONFIG}" > /tmp/openvpn-secret.kubectl kubectl apply --namespace """ + kubeNamespace + """ -f /tmp/openvpn-secret.kubectl for i in \$(kubectl get pods --namespace """ + kubeNamespace + """ --selector app="deluge" -o name); do kubectl delete --namespace """ + kubeNamespace + """ \${i} done """ } } } } } }