automated terminal push
147
infrastructure/foundation/Jenkinsfile
vendored
147
infrastructure/foundation/Jenkinsfile
vendored
@@ -128,104 +128,67 @@ pipeline {
|
||||
} // end stage
|
||||
|
||||
stage('🔧 Setup Tools') {
|
||||
steps {
|
||||
script {
|
||||
// Install Terraform if not available
|
||||
sh '''
|
||||
if ! command -v terraform &> /dev/null; then
|
||||
echo "Installing Terraform ${TF_VERSION}..."
|
||||
|
||||
# Check if wget is available
|
||||
if ! command -v wget &> /dev/null; then
|
||||
echo "❌ wget not available. Please install Terraform manually or use a different base image."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Download and install Terraform
|
||||
wget -q https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip || {
|
||||
echo "❌ Failed to download Terraform"
|
||||
exit 1
|
||||
}
|
||||
|
||||
unzip -o terraform_${TF_VERSION}_linux_amd64.zip || {
|
||||
echo "❌ Failed to unzip Terraform"
|
||||
exit 1
|
||||
}
|
||||
|
||||
chmod +x terraform
|
||||
|
||||
# Try to move to system path, fallback to local
|
||||
if sudo mv terraform /usr/local/bin/ 2>/dev/null; then
|
||||
echo "✅ Terraform installed to /usr/local/bin/"
|
||||
elif mv terraform /tmp/ 2>/dev/null; then
|
||||
export PATH="/tmp:$PATH"
|
||||
echo "✅ Terraform installed to /tmp/ (added to PATH)"
|
||||
else
|
||||
echo "⚠️ Could not install Terraform to system path. Using local copy."
|
||||
export PATH=".:$PATH"
|
||||
fi
|
||||
|
||||
# Cleanup
|
||||
rm -f terraform_${TF_VERSION}_linux_amd64.zip
|
||||
else
|
||||
echo "✅ Terraform is already installed"
|
||||
fi
|
||||
|
||||
echo "Terraform version:"
|
||||
terraform version || {
|
||||
echo "❌ Terraform installation failed or not accessible"
|
||||
exit 1
|
||||
}
|
||||
'''
|
||||
|
||||
// Verify AWS credentials and permissions via Jenkins credential store
|
||||
try {
|
||||
withCredentials([
|
||||
aws(credentialsId: "${params.AWS_CREDENTIALS_ID}"),
|
||||
string(credentialsId: "${params.AWS_REGION_ID}", variable: 'AWS_REGION')
|
||||
]) {
|
||||
steps {
|
||||
script {
|
||||
// Verify Terraform is available
|
||||
sh '''
|
||||
echo "AWS CLI version:"
|
||||
aws --version || {
|
||||
echo "❌ AWS CLI not available. Please install AWS CLI in Jenkins container."
|
||||
echo "✅ Checking for Terraform..."
|
||||
if ! command -v terraform &> /dev/null; then
|
||||
echo "❌ Terraform not found. Please install Terraform ${TF_VERSION}"
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
|
||||
echo "Verifying Jenkins stored AWS credentials..."
|
||||
echo "AWS Region: ${AWS_REGION}"
|
||||
|
||||
# Test AWS credentials
|
||||
aws sts get-caller-identity || {
|
||||
echo "❌ AWS credentials validation failed"
|
||||
echo "Check that credential IDs '${AWS_CREDENTIALS_ID}' and '${AWS_REGION_ID}' exist in Jenkins"
|
||||
exit 1
|
||||
}
|
||||
|
||||
echo "Testing AWS permissions..."
|
||||
aws ec2 describe-vpcs --max-items 1 --region ${AWS_REGION} > /dev/null && echo "✅ EC2 permissions OK" || echo "⚠️ EC2 permissions limited"
|
||||
aws s3 ls > /dev/null 2>&1 && echo "✅ S3 permissions OK" || echo "⚠️ S3 permissions limited"
|
||||
aws dynamodb list-tables --region ${AWS_REGION} > /dev/null 2>&1 && echo "✅ DynamoDB permissions OK" || echo "⚠️ DynamoDB permissions limited"
|
||||
|
||||
echo "✅ Jenkins credential store authentication verified"
|
||||
echo "✅ Terraform is already installed"
|
||||
terraform version
|
||||
'''
|
||||
|
||||
// Verify AWS credentials and permissions via Jenkins credential store
|
||||
try {
|
||||
withCredentials([
|
||||
aws(credentialsId: "${params.AWS_CREDENTIALS_ID}"),
|
||||
string(credentialsId: "${params.AWS_REGION_ID}", variable: 'AWS_REGION')
|
||||
]) {
|
||||
sh '''
|
||||
echo "AWS CLI version:"
|
||||
aws --version || {
|
||||
echo "❌ AWS CLI not available. Please install AWS CLI in Jenkins container."
|
||||
exit 1
|
||||
}
|
||||
|
||||
echo "Verifying Jenkins stored AWS credentials..."
|
||||
echo "AWS Region: ${AWS_REGION}"
|
||||
|
||||
# Test AWS credentials
|
||||
aws sts get-caller-identity || {
|
||||
echo "❌ AWS credentials validation failed"
|
||||
echo "Check that credential IDs '${AWS_CREDENTIALS_ID}' and '${AWS_REGION_ID}' exist in Jenkins"
|
||||
exit 1
|
||||
}
|
||||
|
||||
echo "Testing AWS permissions..."
|
||||
aws ec2 describe-vpcs --max-items 1 --region ${AWS_REGION} > /dev/null && echo "✅ EC2 permissions OK" || echo "⚠️ EC2 permissions limited"
|
||||
aws s3 ls > /dev/null 2>&1 && echo "✅ S3 permissions OK" || echo "⚠️ S3 permissions limited"
|
||||
aws dynamodb list-tables --region ${AWS_REGION} > /dev/null 2>&1 && echo "✅ DynamoDB permissions OK" || echo "⚠️ DynamoDB permissions limited"
|
||||
|
||||
echo "✅ Jenkins credential store authentication verified"
|
||||
'''
|
||||
}
|
||||
} catch (Exception e) {
|
||||
error """
|
||||
❌ AWS Credentials Setup Failed: ${e.getMessage()}
|
||||
|
||||
🔧 Check these in Jenkins:
|
||||
1. Manage Jenkins → Manage Credentials → Global
|
||||
2. Verify credential exists: '${params.AWS_CREDENTIALS_ID}' (Type: AWS Credentials)
|
||||
3. Verify credential exists: '${params.AWS_REGION_ID}' (Type: Secret text)
|
||||
4. Ensure AWS CLI is installed in Jenkins container
|
||||
|
||||
💡 Or run with different credential IDs if yours are named differently.
|
||||
"""
|
||||
}
|
||||
}
|
||||
} catch (Exception e) {
|
||||
error """
|
||||
❌ AWS Credentials Setup Failed: ${e.getMessage()}
|
||||
|
||||
🔧 Check these in Jenkins:
|
||||
1. Manage Jenkins → Manage Credentials → Global
|
||||
2. Verify credential exists: '${params.AWS_CREDENTIALS_ID}' (Type: AWS Credentials)
|
||||
3. Verify credential exists: '${params.AWS_REGION_ID}' (Type: Secret text)
|
||||
4. Ensure AWS CLI is installed in Jenkins container
|
||||
|
||||
💡 Or run with different credential IDs if yours are named differently.
|
||||
"""
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
stage('🔍 SonarQube Analysis') {
|
||||
when {
|
||||
allOf {
|
||||
|
||||
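Review bot: The replacement Terraform check in the 'Setup Tools' stage (apparently the new side; the +/- markers are lost in this rendering) accepts whatever `terraform` is first on PATH and never compares it with `TF_VERSION`, although its error message asks for that version. After the existence test I would add `terraform version | head -n1 | grep -qF "v${TF_VERSION}" || { echo "❌ Terraform version mismatch"; exit 1; }`, assuming `TF_VERSION` holds a bare version number. The test itself uses `&> /dev/null`, a bash-only redirect that a POSIX `/bin/sh` parses as a background job followed by an empty redirect, so `if ! command -v terraform > /dev/null 2>&1; then` is the safer spelling inside an `sh` step. Separately, `credentialsId: "${params.AWS_CREDENTIALS_ID}"` lets whoever starts the build choose which stored credential gets bound, and `aws sts get-caller-identity` writes the account and ARN to the build log; pinning the ID or checking it against an allow-list, and sending that call's output to `/dev/null`, would narrow both. The `pipeline` block opens before this hunk and the SonarQube stage continues past it.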