From efc569e47fc73004c3d6f98b03ffefaadc80d725 Mon Sep 17 00:00:00 2001
From: Sylvain Gibier
Date: Fri, 16 Jun 2023 11:45:25 +0200
Subject: [PATCH] wip - refactoring
---
Jenkinsfile | 159 ---------------------
environments/aws/eu-west-1/int/Jenkinsfile | 152 ++++++++++++++++++++
2 files changed, 152 insertions(+), 159 deletions(-)
delete mode 100644 Jenkinsfile
create mode 100644 environments/aws/eu-west-1/int/Jenkinsfile
diff --git a/Jenkinsfile b/Jenkinsfile
deleted file mode 100644
index 7e8b243..0000000
--- a/Jenkinsfile
+++ /dev/null
@@ -1,159 +0,0 @@ -// Get the build name using the directory structure in Jenkins -String[] buildElements = env.JOB_NAME.split('/') -String buildName = buildElements[buildElements.length - 2] -String release = "${env.RELEASE_VERSION ?: "SNAPSHOT"}" -String tag = "packages-$release" -String repository = "ssh://git@collaboration.msi.audi.com:4444/vsdsinf/${buildName}.git" - -def modules_paths = [ - "modules/aws/dynatrace", - "packages/eu-west-1/int", - "packages/eu-west-1/prelive", - "packages/us-east-1/prelive", -] - -def terraform_check(paths) { - paths.each { path -> - sh("terraform -chdir=${path} init -backend=false") - sh("terraform -chdir=${path} fmt -recursive --check") - } -} - - -pipeline { - agent { - node { - label 'vsds-terraform' - } - } - - parameters { - choice choices: ['none', 'eu-west-1/int', 'eu-west-1/prelive', 'us-east-1/prelive'], description: 'Please choose the environment for this deployment', name: 'TARGET' - } - - environment { - GIT_SSH_COMMAND = "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" - } - - options { - timestamps() - ansiColor('xterm') - disableConcurrentBuilds(abortPrevious: true) - timeout(time: 1, unit: 'HOURS') - } - - stages { - stage("Check Tag") { - when { expression { !release.equals("SNAPSHOT") } } - steps { - sshagent(credentials: ['sofa-user-automation']) { - script { - env.PLAN_STATUS = sh(script: """ - | if [[ "\$(git ls-remote origin 2>/dev/null | grep 'refs/tags/$tag\$')" ]]; then - | echo "Release $tag exists" - | exit 1 - | fi - """.stripMargin('| '), returnStatus: true) - - if (env.PLAN_STATUS == "1") { - currentBuild.result = "FAILURE" - error('Aborting the build.') - return - } - } - } - } - } - stage('Terraform validate') { - steps { - container('terraform') { - sshagent(credentials: ['sofa-user-automation']) { - script { - terraform_check(modules_paths) - } - } - } - } - } - - stage('Terraform plan') { - when { expression { params.TARGET != "none"} } - steps { - container('terraform') { - 
sshagent(credentials: ['sofa-user-automation']) { - script { - if ( params.TARGET == 'eu-west-1/int' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_EU_INT', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_EU_INT', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} init" - statusCode = sh(script: "terraform -chdir=packages/${TARGET} plan -detailed-exitcode", returnStatus: true) as String - } - } else if ( params.TARGET == 'eu-west-1/prelive' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_EU_PRELIVE', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_EU_PRELIVE', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} init" - statusCode = sh(script: "terraform -chdir=packages/${TARGET} plan -detailed-exitcode", returnStatus: true) as String - } - } else if ( params.TARGET == 'us-east-1/prelive' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_US_PRELIVE', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_US_PRELIVE', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} init" - statusCode = sh(script: "terraform -chdir=packages/${TARGET} plan -detailed-exitcode", returnStatus: true) as String - } - } - } - } - } - } - } - - stage('Terraform apply') { - when { beforeInput true; expression { 
params.TARGET != "none" }; expression { statusCode == "2" } } - input { - message "Applying terraform code ?" - submitter "cicd_ACDC_administrators" - } - steps { - container('terraform') { - sshagent(credentials: ['sofa-user-automation']) { - script { - if ( params.TARGET == 'eu-west-1/int' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_EU_INT', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_EU_INT', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} apply" - } - if ( params.TARGET == 'eu-west-1/prelive' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_EU_PRELIVE', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_EU_PRELIVE', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} apply" - } - } else if ( params.TARGET == 'us-east-1/prelive' ) { - withCredentials([string(credentialsId: 'APIURL_DYNATRACE_US_PRELIVE', variable: 'DYNATRACE_ENV_URL'), string(credentialsId: 'APITOKEN_DYNATRACE_US_PRELIVE', variable: 'DYNATRACE_API_TOKEN'), string(credentialsId: 'packer_dynatrace_aws_access_key_id', variable: 'AWS_ACCESS_KEY_ID'), string(credentialsId: 'packer_dynatrace_aws_secret_access_key', variable: 'AWS_SECRET_ACCESS_KEY')]) { - sh "terraform -chdir=packages/${params.TARGET} apply" - } - } - } - } - } - } - } - } - - stage('Create tag') { - when { expression { !release.equals("SNAPSHOT") } } - steps { - sshagent(credentials: ['sofa-user-automation']) { - sh """ - | git tag $tag - | git push origin $tag - """.stripMargin('| ') - } - } - } - } - 
- post {
- always {
- cleanWs()
- script {
- currentBuild.result = currentBuild.result ?: 'SUCCESS'
- notifyBitbucket(projectKey: 'packages')
- }
- }
- }
-}
\ No newline at end of file
diff --git a/environments/aws/eu-west-1/int/Jenkinsfile b/environments/aws/eu-west-1/int/Jenkinsfile
new file mode 100644
index 0000000..50cfde2
--- /dev/null
+++ b/environments/aws/eu-west-1/int/Jenkinsfile
@@ -0,0 +1,152 @@
+String cloud_provider = "aws"
+String aws_region = "eu-west-1"
+String stage = "int"
+String aws_access_credentials = "fdc_${aws_region}_${stage}_infrastructure.automation.user"
+String dynatrace_api_toke_credentials = "api_token_dynatrace_${aws_region}_${stage}"
+
+
+pipeline {
+ agent {
+ node {
+ label 'vsds-terraform'
+ }
+ }
+
+ parameters {
+
+ gitParam('BRANCH_TAG') {
+ description('Git tag or branch to use for this Terraform build')
+ type('BRANCH_TAG')
+ sortMode('ASCENDING')
+ defaultValue('origin/master')
+ tagFilter('*')
+ }
+
+ }
+
+ environment {
+ GIT_SSH_COMMAND = "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
+
+ AWS_ID = credentials("${aws_access_credentials}")
+ AWS_ACCESS_KEY_ID = "${env.AWS_ID_USR}"
+ AWS_SECRET_ACCESS_KEY = "${env.AWS_ID_PSW}"
+
+ AWS_REGION = "${aws_region}"
+ STAGE = "${stage}"
+ CLOUD_PROVIDER = "${cloud_provider}"
+
+ API_TOKEN = credentials("${dynatrace_api_toke_credentials}")
+ TF_VAR_dt_api_token = "${env.API_TOKEN}"
+ }
+
+ options {
+ timestamps()
+ ansiColor('xterm')
+ disableConcurrentBuilds(abortPrevious: true)
+ timeout(time: 1, unit: 'HOURS')
+ }
+
+
+ stages {
+
+ stage("check branch/tag") {
+ steps {
+ sshagent(credentials: ['sofa-user-automation']) {
+ script {
+ env.PLAN_STATUS = sh(script: """
+ | if [[ "\$(git ls-remote origin 2>/dev/null | grep 'refs/tags/$tag\$')" ]]; then
+ | echo "Release $tag exists"
+ | exit 1
+ | fi
+ """.stripMargin('| '), returnStatus: true)
+
+ if (env.PLAN_STATUS == "1") {
+ currentBuild.result = "FAILURE"
+ error('Aborting the build.')
+ return
+ }
+ }
+ }
+ }
+ }
+
+ stage('terraform init') {
+ steps {
+ container('terraform') {
+ sshagent(credentials: ['sofa-user-automation']) {
+ script {
+
+ sh "cd environments/${CLOUD_PROVIDER}/${AWS_REGION}/${stage} "
+ sh "terraform init"
+ sh "terraform fmt"
+
+ }
+ }
+ }
+ }
+ }
+
+ stage('Terraform plan') {
+ steps {
+ container('terraform') {
+ sshagent(credentials: ['sofa-user-automation']) {
+ script {
+
+ sh "cd environments/${cloud_provider}/${aws_region}/${STAGE} "
+ env.PLAN_STATUS = sh(script: "terraform plan -out=.terraform/plan.out -input=false -detailed-exitcode", returnStatus: true)
+ if (env.PLAN_STATUS == "1") {
+ currentBuild.result = "FAILURE"
+ error('Aborting the build.')
+ return
+ }
+
+ }
+ }
+ }
+ }
+ }
+
+ stage('Interactive') {
+ when {
+ allOf {
+ expression { env.PLAN_STATUS == "2" }
+ }
+ }
+ steps {
+ timeout(time: 15, unit: "MINUTES") {
+ input "Is this plan acceptable?"
+ milestone 1
+ }
+ }
+ }
+
+ stage("terraform apply") {
+ when {
+ allOf {
+ expression { env.PLAN_STATUS == "2" }
+ }
+ }
+ steps {
+ container('terraform') {
+ sshagent(credentials: ['sofa-user-automation']) {
+ script {
+ sh "cd environments/${cloud_provider}/${aws_region}/${STAGE} "
+ sh("terraform apply -input=false .terraform/plan.out")
+ }
+ }
+ }
+ }
+ }
+
+ }
+
+ post {
+ always {
+ cleanWs()
+ script {
+ currentBuild.result = currentBuild.result ?: 'SUCCESS'
+ notifyBitbucket(projectKey: 'packages')
+ }
+ }
+ }
+}
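Review bot: The `Interactive` stage's `input "Is this plan acceptable?"` carries no `submitter`, so the approval gate in front of `terraform apply` is no longer limited to the `cicd_ACDC_administrators` group named in the deleted Jenkinsfile; `input message: "Is this plan acceptable?", submitter: "cicd_ACDC_administrators"` would keep that restriction. Each `sh "cd environments/… "` runs in its own shell, so the following `terraform init`, `terraform plan` and `terraform apply` steps still execute in the workspace root rather than the environment directory; wrapping them in `dir("environments/${cloud_provider}/${aws_region}/${stage}") { … }`, or going back to `-chdir=` as the old file did, would fix that. The `check branch/tag` stage still interpolates `$tag`, which this file never defines, so that stage will likely fail at runtime until the variable is restored or the check is rewritten around `BRANCH_TAG`. `GIT_SSH_COMMAND` also keeps `StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`, which means git-over-SSH operations using the `sofa-user-automation` key never verify the server's identity; pinning the host key in a managed known_hosts file would close that gap.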