You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9.0 KiB
9.0 KiB
Sample Scripts
-
-
-
Wallet-API Shell script
sudo apt update sudo apt install jq yajl-tools cp config/uat.json.default config/dev.json cd config/ RedisOldHost=`cat dev.json | jq .redis.host` RedisHost=\"`aws ssm get-parameter --name "/rpp-dev/redis/rpp-dev-redis/endpoint" --region ap-east-1 --with-decryption --query 'Parameter.[Value]' --output text`\" sed -i "s/$RedisOldHost/$RedisHost/" dev.json jq 'del(.redis.password, .redis.topupLimitCheck)' dev.json > development.json cat development.json > dev.json rm -f development.json DBOldHost=`cat dev.json | jq .database.host` DBHost=\"`aws ssm get-parameter --name "/rpp-dev/database/database-url" --region ap-east-1 --with-decryption --query 'Parameter.[Value]' --output text | sed 's/:3306//'`\" sed -i "s/$DBOldHost/$DBHost/" dev.json DBOldUsername=`cat dev.json | jq .database.username` DBUsername=\"`aws ssm get-parameter --name "/rpp-dev/database/database-username" --region ap-east-1 --with-decryption --query 'Parameter.[Value]' --output text`\" sed -i "s/$DBOldUsername/$DBUsername/" dev.json DBOldPassword=`cat dev.json | jq .database.password` DBPassword=\"`aws ssm get-parameter --name "/rpp-dev/database/database-password" --region ap-east-1 --with-decryption --query 'Parameter.[Value]' --output text`\" sed -i "s/$DBOldPassword/$DBPassword/" dev.json MQOldAddress=`cat dev.json | jq .mq.address` MQAddress=\"`aws ssm get-parameter --name "/rpp-dev/mq/private_ip" --region ap-east-1 --with-decryption --query 'Parameter.[Value]' --output text`\" sed -i "s/$MQOldAddress/$MQAddress/" dev.json ssh nodecon@$client_ip_addr 'sudo mkdir -p /opt/razer-pay-wallet-api && sudo chown -R nodecon:nodecon /opt/razer-pay-wallet-api' scp -r * nodecon@$client_ip_addr:/opt/razer-pay-wallet-api ssh nodecon@$client_ip_addr << EOF if [ -f /usr/bin/node ] ; then echo "Node is installed"; else curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash - && sudo apt-get install -y nodejs g++ gcc make; fi sudo chown -R nodecon:nodecon /opt/razer-pay-wallet-api sudo su - nodecon cd /opt/razer-pay-wallet-api/ sudo npm install pm2@latest -g sudo npm install pm2 startup sudo env PATH=$PATH:/usr/local/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -u nodecon --hp /home/nodecon cd /opt/razer-pay-wallet-api/ && NODE_ENV=dev pm2 start server.js pm2 save EOF -
pipeline wallet-api
pipeline { agent { label "RPP-DEV" } stages { stage('Pulling project from GIT') { steps { git credentialsId: 'Tudorskey', url: 'git@bitbucket.org:razersw/razer-pay-wallet-api.git' } } stage(' Creating new config file'){ steps{ sh '''sudo apt update sudo apt install jq cp config/uat.json.default config/dev.json cd config/ RedisOldHost=`cat dev.json | jq .redis.host` RedisHost=\\"`aws ssm get-parameter --name "/rpp-dev/redis/rpp-dev-redis/endpoint" --region ap-east-1 --with-decryption --query \'Parameter.[Value]\' --output text`\\" sed -i "s/$RedisOldHost/$RedisHost/" dev.json jq \'del(.redis.password, .redis.topupLimitCheck)\' dev.json > development.json cat development.json > dev.json rm -f development.json DBOldHost=`cat dev.json | jq .database.host` DBHost=\\"`aws ssm get-parameter --name "/rpp-dev/database/database-url" --region ap-east-1 --with-decryption --query \'Parameter.[Value]\' --output text | sed \'s/:3306//\'`\\" sed -i "s/$DBOldHost/$DBHost/" dev.json DBOldUsername=`cat dev.json | jq .database.username` DBUsername=\\"`aws ssm get-parameter --name "/rpp-dev/database/database-username" --region ap-east-1 --with-decryption --query \'Parameter.[Value]\' --output text`\\" sed -i "s/$DBOldUsername/$DBUsername/" dev.json DBOldPassword=`cat dev.json | jq .database.password` DBPassword=\\"`aws ssm get-parameter --name "/rpp-dev/database/database-password" --region ap-east-1 --with-decryption --query \'Parameter.[Value]\' --output text`\\" sed -i "s/$DBOldPassword/$DBPassword/" dev.json MQOldAddress=`cat dev.json | jq .mq.address` MQAddress=\\"`aws ssm get-parameter --name "/rpp-dev/mq/private_ip" --region ap-east-1 --with-decryption --query \'Parameter.[Value]\' --output text`\\" sed -i "s/$MQOldAddress/$MQAddress/" dev.json''' } } stage('Copying app to remote EC2') { steps { sh '''ssh nodecon@$client_ip_addr 'sudo mkdir -p /opt/razer-pay-wallet-api && sudo chown -R nodecon:nodecon /opt/razer-pay-wallet-api' scp -r * nodecon@$client_ip_addr:/opt/razer-pay-wallet-api''' } } stage('Deploy app') { steps { sh '''ssh nodecon@$client_ip_addr <<EOF if [ -f /usr/bin/node ] ; then echo "Node is installed"; else curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash - && sudo apt-get install -y nodejs g++ gcc make ; fi sudo chown -R nodecon:nodecon /opt/razer-pay-wallet-api sudo su - nodecon cd /opt/razer-pay-wallet-api/ sudo npm install pm2@latest -g sudo npm install pm2 startup sudo env PATH=$PATH:/usr/local/bin /usr/lib/node_modules/pm2/bin/pm2 startup systemd -u nodecon --hp /home/nodecon cd /opt/razer-pay-wallet-api/ && NODE_ENV=dev pm2 start server.js pm2 save EOF ''' } } } } -
pipeline aws
pipeline { agent { label "master" } stages { stage('Pulling GIT project') { steps { git branch: 'endava', credentialsId: 'Tudorskey', url: 'git@bitbucket.org:razersw/razer-pay-infrastructure.git' } } stage('Build terraform image') { steps { sh 'cd serverless/aws && sudo docker build --build-arg AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID --build-arg AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY --build-arg PROFILE=$PROFILE --build-arg REGION=$REGION -t terraform_aws .' } } stage('Validate terraform') { steps { sh 'sudo docker run -t terraform_aws bash -c "cd environments/dev && terraform validate"' sh "CONTAINER_ID=\$(sudo docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && sudo docker rm \${CONT}" } } stage('Generate plan') { steps { sh 'sudo docker run -t terraform_aws bash -c "cd environments/dev && terraform plan -out tfplan"' sh "CONTAINER_ID=\$(sudo docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && sudo docker rm \${CONT}" } } stage('Security testing') { steps { sh 'sudo docker run -t terraform_aws bash -c "cd environments/dev && terraform plan -out tfplan && terraform show -json tfplan > tfplan.json && terraform-compliance -p tfplan.json -f ../../security_testing/ > security_results.txt ; cat security_results.txt ; terraform-compliance -p tfplan.json -f ../../security_testing/ > security_results.txt"' sh "CONTAINER_ID=\$(sudo docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && sudo docker rm \${CONT}" } } stage('Approval step') { steps { script { env.APPROVED = input message: 'Approve this infrastructure deploy?', ok: 'Deploy!', parameters: [choice(name: 'Approving', choices: "YES\nNO\n", description: 'Proceed with deployment?')] } } } // stage('Deploy infrastructure') { // steps { // script { // sh 'sudo docker run -t terraform_aws bash -c "cd environments/dev && terraform apply -auto-approve"' // sh "CONTAINER_ID=\$(sudo docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && sudo docker rm \${CONT}" // } // } // } } }