govno

2024-11-04 19:58:01 +03:00
parent 4244debf72
commit 015d96995e
4 changed files with 222 additions and 0 deletions
--- a/65
+++ b/65
@ -0,0 +1,65 @@
+pipeline {
+    agent any
+    tools {
+        ansible 'Ansible'
+    }
+    environment {
+        PSQL_PASSWORD = credentials('PSQL_pass')
+        VAULT_PASSWORD = credentials('ansible_vault_password')
+    }
+    parameters {
+        string(name: 'DB_USER', defaultValue: 'postgres', description: 'Имя пользователя базы данных')
+        string(name: 'DB_NAME', defaultValue: 'mydb', description: 'Имя базы данных')
+        string(name: 'BACKUP_DIR', defaultValue: '/var/backups/postgresql', description: 'Директория для бэкапа')
+    }
+    stages {
+        stage('Clone repository') {
+            steps {
+                git branch: 'dev', url: 'http://192.168.0.70:3000/coursework/courseworkrep.git'
+            }
+        }
+        stage('Decrypt SSH Key') {
+            steps {
+                script {
+                    def tempDir = '/tmp/' + UUID.randomUUID().toString()
+                    env.TEMP_DIR = tempDir
+                    sh "mkdir -p ${tempDir}"
+
+                    def decryptedKeyFile = "${tempDir}/id_ed25519"
+                    def vaultPassFile = "${tempDir}/vault_pass"
+
+                    writeFile file: vaultPassFile, text: VAULT_PASSWORD
+                    
+                    sh """
+                        ansible-vault decrypt ./id_ed25519_vault --vault-password-file=${vaultPassFile} --output=${decryptedKeyFile}
+                    """
+                    env.DECRYPTED_KEY_FILE = decryptedKeyFile
+                }
+            }
+        }
+        stage('Install PostgreSQL') {
+            steps {
+                ansiblePlaybook(
+                    playbook: 'install_postgresql.yml',
+                    inventory: "inventory.yml",
+                    extraVars: [
+                        postgres_user: params.DB_USER,
+                        postgres_password: PSQL_PASSWORD,  
+                        postgres_db: params.DB_NAME,
+                        backup_dir: params.BACKUP_DIR,
+                        ansible_ssh_private_key_file: env.DECRYPTED_KEY_FILE
+                    ]
+                )
+            }
+        }
+    }
+    post {
+        always {
+            script {
+                if (env.TEMP_DIR) {
+                    sh "rm -rf ${env.TEMP_DIR}"
+                }
+            }
+        }
+    }
+}