nhyatt/build-containers
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.
build-containers/nordvpn-autoconfigure.jenkins
nhyatt 3f9914c2b3
adds missing comma
2025-01-02 20:20:10 -06:00

201 lines
9.2 KiB
Groovy
Raw Permalink Blame History

#!groovy
def repository = "registry.c.test-chamber-13.lan"
def repositoryCreds = "harbor-repository-creds"
def workspace
def dockerFile
def nordCreds
def kubeNamespace
def kubeSecret
def nordURL
def openVPNConfig
def k8sSecret
def label = "kubernetes-${UUID.randomUUID().toString()}"
def templateName = "pipeline-worker"
pipeline {
agent {
kubernetes {
yaml functions.podYaml(
repo: repository,
templateName: templateName,
alpine: true
)
}
}
stages {
stage ('Initalize Jenkins') {
steps {
script {
workspace = pwd()
// jenkins secrets
nordCreds = "nordvpn-login-creds"
// kubernetes configuration
kubeNamespace = "dl-automation"
kubeSecret = "openvpn"
}
}
}
stage ('Prepare Values') {
steps {
container ('alpine') {
script {
retry(3) {
try {
// list of urls that return different nordVPN servers
def nordURLs = [
// canada
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=38&filters\\[servers_technologies\\]=5",
// denmark
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=58&filters\\[servers_technologies\\]=5",
// france
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=74&filters\\[servers_technologies\\]=5",
// germany
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=81&filters\\[servers_technologies\\]=5",
// ireland
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=10&filters\\[servers_technologies\\]=5",
// japan
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=108&filters\\[servers_technologies\\]=5",
// sweden
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=208&filters\\[servers_technologies\\]=5",
// switzerland
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=209&filters\\[servers_technologies\\]=5",
// mexico
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=140&filters\\[servers_technologies\\]=5",
// netherlands
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=153&filters\\[servers_technologies\\]=5",
// united kingdom
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=38&filters\\[servers_technologies\\]=5",
// united states
"https://api.nordvpn.com/v2/servers?limit=5&filters\\[country_id\\]=228&filters\\[servers_technologies\\]=5",
]
// randomly select one from the list
nordURL = nordURLs[Math.abs(new Random().nextInt() % [8])]
// install required components
script {
sh """
if [ ! -f "/usr/bin/curl" ] || [ ! -x "/usr/bin/curl" ]; then
apk add --no-cache curl
fi
if [ ! -f "/usr/bin/jq" ] || [ ! -x "/usr/bin/jq" ]; then
apk add --no-cache jq
fi
if [ ! -f "/bin/sed" ] || [ ! -x "/bin/sed" ]; then
apk add --no-cache sed
fi
"""
}
// get OpenVPN Configuration from NordVPN
openVPNConfig = sh(
returnStdout: true,
script: """# Get OpenVPN Config
curl \
--silent \
--location \
--fail \
"https://downloads.nordcdn.com/configs/files/ovpn_tcp/servers/\$(
curl \
--silent \
--location \
--fail \
'""" + nordURL + """' \
| jq \
--raw-output \
'.servers | ([ .[].load ] | min) as \$m | first(.[] | select(.load == \$m)) | .hostname' \
).tcp.ovpn" \
| sed \
--regexp-extended \
--expression='s/auth-user-pass/auth-user-pass \\/etc\\/openvpn\\/client\\/openvpn-credentials.txt/' \
| base64 -w 0
"""
)
// check for error
if (openVPNConfig.length() == 0 || openVPNConfig == "") {
throw new Exception(nordURL)
}
} catch(e) {
println(sprintf("Bad nordURL: %s", nordURL))
throw e
}
}
// Create K8S Secret
withCredentials(
[
string(
credentialsId: nordCreds,
variable: "NORD_CREDS",
)
]
) {
k8sSecret = """apiVersion: v1
kind: Secret
metadata:
name: """ + kubeSecret + """
namespace: """ + kubeNamespace + """
data:
openvpn-credentials.txt: """ + NORD_CREDS + """
nordvpn.com.tcp.ovpn: """ + openVPNConfig + """
"""
}
}
}
}
}
stage ('Update Secret') {
steps {
container ('alpine') {
script {
declarativeFunctions.createSecret(
kubeAuth: "k8s-dl-automation-access",
kubeURL: "https://k8s.test-chamber-13.lan:8043",
namespace: "dl-automation",
secret: k8sSecret
)
}
}
}
}
stage ('Read Secret') {
steps {
container ('alpine') {
script {
def result = declarativeFunctions.readSecret(
kubeAuth: "k8s-dl-automation-access",
kubeURL: "https://k8s.test-chamber-13.lan:8043",
namespace: "dl-automation",
secretName: "openvpn",
secretID: "nordvpn.com.tcp.ovpn"
)
if (result.length() == 0) {
throw new Exception("Secret is empty.")
}
}
}
}
}
stage ('Restart Pod') {
steps {
container ('alpine') {
script {
declarativeFunctions.deletePod(
kubeAuth: "k8s-dl-automation-access",
kubeURL: "https://k8s.test-chamber-13.lan:8043",
namespace: "dl-automation",
selector: "app=deluge"
)
}
}
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink