Skip to content
Permalink
Browse files

Merge branch 'grouper-refactor' into grouper-production

  • Loading branch information
Jim Van Fleet
Jim Van Fleet committed Sep 6, 2016
2 parents b716982 + ff47790 commit 4ff5742260c299f4948d19d917f15ad53acb5773
Showing with 135 additions and 118 deletions.
  1. +69 −111 Jenkinsfile
  2. +26 −0 bin/perms.sh
  3. +6 −4 grouper-appliance.json
  4. +29 −0 shibboleth-appliance-aws.json
  5. +5 −3 shibboleth-appliance.json
@@ -1,131 +1,81 @@
#!groovy
// pipeline file for building appliances

echo "My Branch is: ${env.BRANCH_NAME}"

BRANCH_TEST = "${env.BRANCH_NAME}"

if (BRANCH_TEST=="shibboleth-production"){
node('packer') {
currentBuild.result = "SUCCESS"

try {
stage 'Cleanup & Setup'
sh 'rm -rf output-shibboleth-*'
sh 'rm -rf "/Users/levvel/VirtualBox VMs/shibboleth-appliance-*"'
sh 'rm -rf builds'
sh 'mkdir -p builds'

withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-config', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/config'
}
}

withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-credentials', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/credentials'
}
}

stage 'Checkout'

checkout scm

stage 'Acquire ansible-playbooks'

sh 'mkdir -p ansible-playbooks'
dir('ansible-playbooks'){
git([ url: "https://github.internet2.edu/docker/ansible-playbooks.git",
branch: "shibboleth-production", credentialsId: "jenkins-github-access-token" ])
}

stage 'Validate'

sh '/usr/local/bin/packer validate shibboleth-appliance.json'

stage 'Build Appliance - Shibboleth'

sh '/usr/local/bin/packer build shibboleth-appliance.json'

stage 'Sync appliances to S3 bucket'

sh 'aws s3 sync builds s3://internet2-tier-appliance-us-west-1'

slackSend color: 'good', message: "BUILD SUCCESS: Shibboleth Appliance build success. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>)"
node('packer') {
currentBuild.result = "SUCCESS"

stage 'Appliance build'
echo "My Branch is: ${env.BRANCH_NAME}"

BRANCH_TEST = "${env.BRANCH_NAME}"

if (BRANCH_TEST=="shibboleth-production"){
performBuild("shibboleth")
} else if (BRANCH_TEST=="grouper-production"){
performBuild("grouper")
} else if (BRANCH_TEST=="comanage-production"){
performBuild("comanage")
}

}

def performBuild(String project){
try {
stage 'Cleanup & Setup'
sh "rm -rf output-${project}-*"
sh "rm -rf \"/Users/levvel/VirtualBox VMs/${project}-appliance-*\""
sh 'rm -rf builds'
sh 'mkdir -p builds'

withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-config', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/config'
}
}

catch (err) {
currentBuild.result = "FAILURE"

slackSend color: 'danger', message: "BUILD ERROR: There was a problem with Shibboleth Appliance. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>) \n\n ${err}"

throw err
withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-credentials', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/credentials'
}
}
}
} else if (BRANCH_TEST=="comanage-production"){
node('packer') {
currentBuild.result = "SUCCESS"

try {
stage 'Cleanup & Setup '
sh 'rm -rf output-comanage-*'
sh 'rm -rf "/Users/levvel/VirtualBox VMs/comange-appliance-*"'
sh 'rm -rf builds'
sh 'mkdir -p builds'

withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-config', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/config'
}
}
stage 'Checkout'

withCredentials([[$class: 'FileBinding', credentialsId: 'tier-aws-credentials', variable: 'FILE']]) {
ws {
sh 'mkdir -p ~/.aws'
sh 'cp $FILE ~/.aws/credentials'
}
}
checkout scm

stage 'Checkout'
stage 'Acquire ansible-playbooks'

checkout scm

stage 'Acquire ansible-playbooks'

sh 'mkdir -p ansible-playbooks'
dir('ansible-playbooks'){
git([ url: "https://github.internet2.edu/docker/ansible-playbooks.git",
branch: "comanage-production", credentialsId: "jenkins-github-access-token" ])
}
sh 'mkdir -p ansible-playbooks'
dir('ansible-playbooks'){
git([ url: "https://github.internet2.edu/docker/ansible-playbooks.git",
branch: "{{project}}-production", credentialsId: "jenkins-github-access-token" ])
}

stage 'Validate'
stage 'Validate'

sh '/usr/local/bin/packer validate comange-appliance.json'
sh "/usr/local/bin/packer validate {{project}}-appliance.json"

stage 'Build Appliance - Comanage'
stage 'Build Appliance'

sh '/usr/local/bin/packer build comanage-appliance.json'
sh "/usr/local/bin/packer build {{project}}-appliance.json"

stage 'Sync appliances to S3 bucket'
stage 'Sync appliances to S3 bucket'

sh 'aws s3 sync builds s3://internet2-tier-appliance-us-west-1'
sh "aws s3 sync builds s3://internet2-tier-appliance-us-west-1"

stage 'Publish results'

sh "bin/perms.sh > results.txt"

slackSend color: 'good', message: "BUILD SUCCESS: Comanage Appliance build success. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>)"
slackSend color: 'good', message: "BUILD SUCCESS: Shibboleth Appliance build success. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>)"

slackSend color: 'good', message: readFile('./results.txt')

sh "rm results.txt"

}

catch (err) {
currentBuild.result = "FAILURE"

slackSend color: 'danger', message: "BUILD ERROR: There was a problem with Comanage Appliance. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>) \n\n ${err}"
}

throw err
}
catch (err) {
handleError("BUILD ERROR: There was a problem with ${project} Appliance. ${env.JOB_NAME} ${env.BUILD_NUMBER} (<${env.BUILD_URL} |Open>) \n\n ${err}")
}
} else if (BRANCH_TEST=="grouper-production") {
node('packer') {
@@ -189,3 +139,11 @@ if (BRANCH_TEST=="shibboleth-production"){
}
}
}

def handleError(String message){
echo "${message}"
currentBuild.setResult("FAILED")
slackSend color: 'danger', message: "${message}"
//step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: 'chris.bynum@levvel.io', sendToIndividuals: true])
sh 'exit 1'
}
@@ -0,0 +1,26 @@
#!/bin/bash

aws_acct_id="823003027569"
bucket="internet2-tier-appliance-us-west-1"
vagrant_key=$(aws s3api list-objects-v2 --bucket $bucket --query 'reverse(sort_by(Contents[?contains(Key, `vagrant`)], &LastModified))[0].[Key]' --output text | tr -d '\n' )
ova_key=$(aws s3api list-objects-v2 --bucket $bucket --query 'reverse(sort_by(Contents[?contains(Key, `ova`)], &LastModified))[0].[Key]' --output text | tr -d '\n' )

echo "Found $vagrant_key"
aws s3api put-object-acl --bucket $bucket --key $vagrant_key --acl public-read

echo "(https://s3-us-west-1.amazonaws.com/$bucket/$vagrant_key)"

echo $(md5 builds/$vagrant_key)

echo "Found $ova_key"
aws s3api put-object-acl --bucket $bucket --key $ova_key --acl public-read

echo "(https://s3-us-west-1.amazonaws.com/$bucket/$ova_key)"

echo $(md5 builds/$ova_key)

ami_id=$(aws ec2 describe-images --owners $aws_acct_id --query 'reverse(sort_by(Images[?starts_with(Name, `import-ami`)], &CreationDate))[0].[ImageId]' --output text | tr -d '\n' )
echo "Publishing $ami_id to $aws_acct_id"

aws ec2 modify-image-attribute --image-id $ami_id --launch-permission "{\"Add\":[{\"UserId\":\"$aws_acct_id\"}]}"

@@ -4,8 +4,9 @@
"variables": {
"profile": "xfs",
"disk_size": "8192",
"memory": "6122",
"cpus": "2",
"memory": "2048",
"cpus": "1",
"guest_os_type": "RedHat_64",
"ssh_username": "centos",
"ssh_password": "centos",
"region": "us-west-1",
@@ -39,7 +40,8 @@
"disk_size": "{{user `disk_size`}}",
"vboxmanage": [
["modifyvm", "{{.Name}}", "--memory", "{{user `memory`}}"],
["modifyvm", "{{.Name}}", "--cpus", "{{user `cpus`}}"]
["modifyvm", "{{.Name}}", "--cpus", "{{user `cpus`}}"],
["modifyvm", "{{.Name}}", "--ostype", "{{user `guest_os_type`}}"]
],
"iso_url": "http://mirror.vcu.edu/pub/gnu+linux/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1511.iso",
"iso_checksum": "f90e4d28fa377669b2db16cbcb451fcb9a89d2460e3645993e30e137ac37d284",
@@ -73,7 +75,7 @@
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "{{user `region`}}",
"s3_bucket_name": "internet2-ami-import-us-west-1",
"s3_bucket_name": "internet2-tier-ami-import-us-west-1",
"tags": {
"Description": "packer amazon-import-grouper-appliance {{user `timestamper`}}"
}
@@ -0,0 +1,29 @@
{
"min_packer_version": "0.8.6",
"description": "Shibboleth appliance ",
"variables": {
"region": "us-west-1",
"timestamper": "{{timestamp}}"
},
"provisioners": [
{
"type": "ansible",
"playbook_file": "ansible-playbooks/shibboleth-appliance-vbox.yml",
"sftp_command": "/usr/libexec/sftp-server -e",
"ansible_env_vars": [ "ANSIBLE_HOST_KEY_CHECKING=False" ],
"user": "centos"
}
],
"builders": [
{
"type": "amazon-ebs",
"access_key": "AKIAJGTQSCEQTDCIUU6A",
"secret_key": "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",
"region": "us-west-1",
"source_ami": "ami-af4333cf",
"instance_type": "t2.large",
"ssh_username": "centos",
"ami_name": "shibboleth-idp {{timestamp}}"
}
]
}
@@ -4,8 +4,9 @@
"variables": {
"profile": "xfs",
"disk_size": "8192",
"memory": "6122",
"cpus": "2",
"memory": "2048",
"cpus": "1",
"guest_os_type": "RedHat_64",
"ssh_username": "centos",
"ssh_password": "centos",
"region": "us-west-1",
@@ -39,7 +40,8 @@
"disk_size": "{{user `disk_size`}}",
"vboxmanage": [
["modifyvm", "{{.Name}}", "--memory", "{{user `memory`}}"],
["modifyvm", "{{.Name}}", "--cpus", "{{user `cpus`}}"]
["modifyvm", "{{.Name}}", "--cpus", "{{user `cpus`}}"],
["modifyvm", "{{.Name}}", "--ostype", "{{user `guest_os_type`}}"]
],
"iso_url": "http://mirror.vcu.edu/pub/gnu+linux/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1511.iso",
"iso_checksum": "f90e4d28fa377669b2db16cbcb451fcb9a89d2460e3645993e30e137ac37d284",

0 comments on commit 4ff5742

Please sign in to comment.
You can’t perform that action at this time.