-
Notifications
You must be signed in to change notification settings - Fork 0
/
Jenkinsfile
84 lines (74 loc) · 3.54 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
pipeline {
agent {
node {
label 'docker-host'
}
}
environment {
TF_WORKSPACE = 'Development'
PRIVKEY_PATH_DEV = credentials('TERRAFORM_PRIV_KEY_DEV')
PUBKEY_PATH_DEV = credentials('TERRAFORM_PUB_KEY_DEV')
}
stages {
stage('Checkout') {
steps {
git branch: 'main',
url: 'https://github.com/jzarzycki/WordpressTerraformAnsible.git'
}
}
stage('Provision') {
steps {
dir('terraform') {
withCredentials([
string(credentialsId: 'TERRAFORM__CLOUD_TOKEN', variable: 'TF_TOKEN'),
string(credentialsId: 'DO_TOKEN', variable: 'DO_TOKEN')
]) {
// Inject secrets into build environment
sh 'envsubst < .credentials.tfrc.json.tpl > ~/.terraform.d/credentials.tfrc.json'
sh 'envsubst < terraform.tfvars.example > terraform.tfvars'
// Provision the infrastructure
sh 'terraform init -no-color -input=false'
sh 'terraform import module.networking.digitalocean_domain.default "jzarzycki.com"'
sh 'terraform plan -no-color -input=false -out=tfplan'
sh 'terraform apply -no-color -input=false tfplan'
}
}
}
}
stage('Configure') {
steps {
dir('ansible') {
withCredentials([
string(credentialsId: 'MYSQL_ROOT_PASSWORD', variable: 'MYSQL_ROOT_PASSWORD'),
string(credentialsId: 'MYSQL_DATABASE', variable: 'MYSQL_DATABASE'),
string(credentialsId: 'MYSQL_USER', variable: 'MYSQL_USER'),
string(credentialsId: 'MYSQL_PASSWORD', variable: 'MYSQL_PASSWORD')
]) {
// Inject secrets into build environment
sh 'envsubst < roles/webserver/files/.env.example > roles/webserver/files/.env'
// Configure the infrastructure
sh 'ansible-playbook -i inventory main.yml --extra-vars \"login_user=root common_ssh_pubkey_path=$PUBKEY_PATH_DEV volume_mount_name=wordpress-data-dev webserver_website_url=dev.jzarzycki.com webserver_cert_type=self_signed\"'
}
}
}
}
}
post {
cleanup {
dir('terraform') {
withCredentials([
string(credentialsId: 'TERRAFORM__CLOUD_TOKEN', variable: 'TF_TOKEN'),
string(credentialsId: 'DO_TOKEN', variable: 'DO_TOKEN')
]) {
// Inject secrets into build environment
sh 'envsubst < .credentials.tfrc.json.tpl > ~/.terraform.d/credentials.tfrc.json'
sh 'envsubst < terraform.tfvars.example > terraform.tfvars'
sh 'terraform init -no-color -input=false'
sh 'terraform state rm module.networking.digitalocean_domain.default'
sh 'terraform plan -destroy -no-color -input=false -out=tfplan'
sh 'terraform apply -no-color -input=false tfplan'
}
}
}
}
}