· 5 years ago · Nov 13, 2019, 10:30 AM
1/**
2 * pipeline for cleanup KaaS clusters based on AWS provider
3 * CREDENTIALS_ID - gerrit credentials id
4 * GERRIT_HOST - Gerrit host
5 * KAAS_PIPELINE_REFSPEC - Refspec for kaas related pipelines, for testing additional pipeline changes, generally using GERRIT_REFSPEC
6 * GERRIT_REFSPEC - Parameter also used for fetching groovy pipeline from kaas repo [KAAS_PIPELINE_REFSPEC],
7 * default value used in case of non-triggered run, otherwise gerrit trigger will overwrite it
8 *
9 * KAAS_AWS_ACCOUNT_ID - AWS Service account id
10 * KAAS_AWS_CREDENTIALS - AWSAccessKeyId/AWSSecretKey credentials
11 * KAAS_AWS_REGIONS - Comma-separated list of AWS regions where cleanup needed
12
13 * DRY_RUN - ensure only w/o cleanup procedures
14 *
15**/
16
17common = new com.mirantis.mk.Common()
18gerrit = new com.mirantis.mk.Gerrit()
19jUtils = new com.mirantis.mk.JenkinsUtils()
20jobCatchedErrors = 'No build errors'
21
22def regionList = KAAS_AWS_REGIONS.tokenize(',').collect { it.trim() }
23// TODO make cleanup preset configurable
24def cleanupTypeList = ['general_cleanup']
25def accountPreset = [
26 presets: cleanupTypeList
27 ]
28
29def nukeImage = 'quay.io/rebuy/aws-nuke:v2.12.0'
30def nukeArgs = DRY_RUN.toBoolean() ? '--force' : '--force --no-dry-run'
31
32node('docker') {
33
34 // Define Jenkins user id's for docker operations
35 def jenkinsUID = common.getJenkinsUid()
36 def jenkinsGID = common.getJenkinsGid()
37 jenkinsUser = "${jenkinsUID}:${jenkinsGID}"
38
39 def workspace = common.getWorkspace()
40 def nukeConfigPath = "${workspace}/nuke-config.yaml"
41
42 //avoid root-owned docker artifacts before kaasLibrary scm
43 sh(script: """\
44 docker run --rm \
45 -v ${workspace}:/code \
46 busybox sh -c 'chown -R ${jenkinsUser} /code'
47 """
48 )
49
50 // Check if dependency jobs passed successfully
51 depsResult = jUtils.checkDependencyJobs()
52 if (!depsResult.status){
53 return
54 }
55
56 try {
57 timeout(time: 1, unit: 'HOURS') {
58
59 stage('Checkout') {
60 gerrit.gerritPatchsetCheckout('ssh://mcp-jenkins@gerrit.mcp.mirantis.net:29418/kaas/cluster-api-provider-openstack', 'mirantis', 'HEAD', CREDENTIALS_ID)
61 }
62
63 stage('Configure aws cleanup nuke template') {
64 def nukeTemplate = readYaml file: "${workspace}/hack/tools/aws/nuke-config-kaas.yaml"
65 nukeTemplate['regions'] = regionList
66 nukeTemplate['accounts'][KAAS_AWS_ACCOUNT_ID] = accountPreset
67
68 writeYaml file: nukeConfigPath, data: nukeTemplate
69 common.infoMsg('AWS Nuke config generated successfully')
70 sh("cat ${nukeConfigPath}")
71 }
72
73
74 stage('Start Cleanup procedure') {
75 withCredentials([
76 [$class: 'UsernamePasswordMultiBinding',
77 credentialsId: KAAS_AWS_CREDENTIALS,
78 passwordVariable: 'SECRET_KEY',
79 usernameVariable: 'SECRET_ID'],
80 ],) {
81 sh(script: """make DEST=${workspace} \
82 GOOS=linux \
83 AWS_ACCESS_KEY_ID=${SECRET_ID} \
84 AWS_ACCESS_KEY_SECRET=${SECRET_KEY} \
85 AWS_NUKE_IMAGE=${nukeImage} \
86 AWS_NUKE_ARGS=${nukeArgs} \
87 kaasgc-aws""")
88 }
89 }
90 }
91
92 currentBuild.result = 'SUCCESS'
93 } catch (e) {
94 // If there was an error or exception thrown, the build failed
95 currentBuild.result = 'FAILURE'
96 jobCatchedErrors = e.message ?: 'Failed to get error msg'
97 throw e
98 } finally {
99 currentBuild.description = """
100 <p>
101 <b>Errors</b>: ${jobCatchedErrors}<br/>
102 </p>
103 """
104
105 stage('Cleanup'){
106 // cleanup workspace
107 deleteDir()
108 }
109
110 }
111}