LM
/
nwl-ci
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nwl-ci/playbooks/getting_started/setup-nwl-jenkins.yaml

82 lines
4.1 KiB
YAML
Raw Blame History

- name: Setup Jenkins Instance
hosts: "{{ target }}"
gather_facts: false
vars:
root_path: "~/nwl-ci"
git_ssh_keyname: "testvm_ed25519"
git_ssh_pw: !vault |
$ANSIBLE_VAULT;1.1;AES256
61323235356163363166663139613464303262333231656236313335313133373330316431333139
3135643639363966653938663666653831393132633765340a306665393864343466376637386661
39353535616366393631333161613065356666626266396138633866346462316365663339613263
6564643935326565630a386266376230613230336564363066373730363239303763663666363462
35353634626464656436633165316336323839616463333064633363306337353534
nexus_pw: !vault |
$ANSIBLE_VAULT;1.1;AES256
31383362376639616336323766366261303531366434343435626333306337393237396339656133
6432323230653332653939633964636537353434643931650a313335313962313264643239613466
37393737316636646237653333316231373430366134623237323634366164363234626464613831
3438616463633162630a343631363762616531396535333465363539353831646234623464666265
6136
jk_admin_pw: !vault |
$ANSIBLE_VAULT;1.1;AES256
34353166656466343735353337303439353964393932376166636564396132653763663030666563
6634316263636461396435313232313063393132626462350a333231383662633639376462353032
64356565626261653430306564373533663463386531636337343666373634313139393339336563
3337353435643261380a313533663332646634653363343233663564666235626137346563353433
33313763353739616531303764393135363733633637653935366661623230643238
jk_dev_pw: !vault |
$ANSIBLE_VAULT;1.1;AES256
62613264353836383332333761333962343737336162653730353463363535303566323063313437
3131343036383763353639336532383232626364333366330a646563363466393031613839656565
36323934633132353464613862326634313266663366346634323837396163666234346431393065
6166363132333835310a613838326263363762616231656532633530393565396137356435343761
6262
tasks:
- name: Setup the Base Directories for the Jenkins docker environment
ansible.builtin.shell: |
mkdir -p jenkins_home
mkdir -p secrets/pw
mkdir -p secrets/.cacerts
mkdir -p secrets/.ssh
mkdir -p yocto-downloads
args:
chdir: "{{root_path}}"
executable: /bin/bash
- name: Prepare the Jenkins docker environment content
ansible.builtin.shell: |
echo -n "{{git_ssh_pw}}" > ./pw/gitSsh
echo -n "{{nexus_pw}}" > ./pw/nexusUser
echo -n "{{jk_admin_pw}}" > ./pw/jenkinsUserAdmin
echo -n "{{jk_dev_pw}}" > ./pw/jenkinsUserDeveloper
cat ~/.ssh/{{git_ssh_keyname}} > ./.ssh/{{git_ssh_keyname}}
cat ~/.ssh/{{git_ssh_keyname}}.pub > ./.ssh/{{git_ssh_keyname}}.pub
cat .ssh/testvm_ed25519.pub > ./.ssh/authorized_keys
ssh-keyscan -p 7999 -t rsa bitbucket.gad.local > ./.ssh/known_hosts 2>/dev/null
args:
chdir: "{{root_path}}/secrets"
executable: /bin/bash
- name: Get a java truststore
ansible.builtin.shell: |
containerId=$(docker create jenkins:nwl-0.0.3)
docker cp "$containerId":/opt/java/openjdk/lib/security/cacerts ../secrets/.cacerts/
docker rm "$containerId"
args:
chdir: "{{root_path}}/docker"
executable: /bin/bash
- name: Setup trust store containing Belden root CA in Jenkins
ansible.builtin.shell: |
curl -sSL https://platform-nas.gad.local/K-Stufen/cert/Belden-Global-Root-CA.crt -o secrets/.cacerts/rootCA_Belden.crt
docker-compose up --build -d
sleep 30s
docker-compose logs | grep "Jenkins is fully up and running"
if [[ $? != 0 ]]; then
echo "FAILED to bring Jenkins up --> check docker-compose logs"
else
docker exec -it $(docker ps | grep jenkins:nwl | cut -d' ' -f1) /bin/bash -c 'keytool -keystore /var/jenkins_home/.cacerts/cacerts -import -alias "Belden Root CA" -file /var/jenkins_home/.cacerts/rootCA_Belden.crt -noprompt -storepass changeit'
fi
docker-compose down
args:
chdir: "{{root_path}}"
executable: /bin/bash
Reference in New Issue View Git Blame Copy Permalink