From 254b96d24bee29eff20dd94185af2ed65c87cb59 Mon Sep 17 00:00:00 2001 From: Yaroslav Bondarenko Date: Mon, 2 Sep 2024 16:11:57 +0300 Subject: [PATCH] [DO-597] imapsync-wrapper-pipeline (!32) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Подготовлен пайплайн для переноса почты между почтовыми ящиками. Co-authored-by: Denis Patrakeev Reviewed-on: https://git.avroid.tech/DevOps/jenkins-pipelines/pulls/32 Reviewed-by: Denis Patrakeev Co-authored-by: Yaroslav Bondarenko Co-committed-by: Yaroslav Bondarenko --- jobs-dsl/folders/Automation.groovy | 3 + .../Automation/DevOps/imapsync_wrapper.groovy | 3 + .../Automation/DevOps/imapsync_wrapper.groovy | 124 ++++++++++++++++++ 3 files changed, 130 insertions(+) create mode 100644 jobs-dsl/jobs/Automation/DevOps/imapsync_wrapper.groovy create mode 100644 pipelines/Automation/DevOps/imapsync_wrapper.groovy diff --git a/jobs-dsl/folders/Automation.groovy b/jobs-dsl/folders/Automation.groovy index 53884d8..f3df6b2 100644 --- a/jobs-dsl/folders/Automation.groovy +++ b/jobs-dsl/folders/Automation.groovy @@ -6,3 +6,6 @@ folder('Automation') { folder('Automation/Eisen') { description('Automation for Eisen team') } +folder('Automation/DevOps') { + description('Automation for DevOps team') +} diff --git a/jobs-dsl/jobs/Automation/DevOps/imapsync_wrapper.groovy b/jobs-dsl/jobs/Automation/DevOps/imapsync_wrapper.groovy new file mode 100644 index 0000000..3d8165a --- /dev/null +++ b/jobs-dsl/jobs/Automation/DevOps/imapsync_wrapper.groovy @@ -0,0 +1,3 @@ +// Нет возможности описать джобу DSL из-за бага в параметре 'password'. Ссылки: +// https://issues.jenkins.io/browse/JENKINS-64539 +// https://docs.cloudbees.com/docs/cloudbees-ci-kb/latest/client-and-managed-controllers/unable-to-set-a-default-value-for-passwords-in-declarative-pipeline-using-job-dsl-plugin diff --git a/pipelines/Automation/DevOps/imapsync_wrapper.groovy b/pipelines/Automation/DevOps/imapsync_wrapper.groovy new file mode 100644 index 0000000..db78d57 --- /dev/null +++ b/pipelines/Automation/DevOps/imapsync_wrapper.groovy @@ -0,0 +1,124 @@ +// Copyright Avroid, Ltd. 2023-2024 +// +// You can not use the contents of the file in any way without +// AVROID, Ltd. written permission. +// +// To obtain such a permit, you should contact AVROID, Ltd. +// at https://avroid.ru + +@Library('shared-lib') _ + +// Pod configuration +String buildThreads = '4' +String podMemoryLimits = '6' +String podMemoryRequests = '6' +String harborProject = 'devops' +String dockerImapSyncWrapperImageName = 'imapsync-wrapper' +String dockerImapSyncWrapperImageTag = '1.0-10' + +// imapsync-wrapper configuration +env.RUN_ID = currentBuild.number +env.SOURCE_HOST_ADDRESS = 'mail.avroid.tech' +env.DESTINATION_HOST_ADDRESS = 'mail.avroid.team' +env.MAXIMUM_ERRORS_ALLOW = '10' +env.MAX_BYTES_PER_SECOND = '5000000' +env.MAX_MESSAGES_PER_SECOND = '10' +env.PG_HOST = 'h-postgres-imapsync.avroid.tech' +env.PG_PORT = '5432' +env.PG_DBNAME = 'imapsync' +// Get PG configuration from HVault +def configuration = [ + vaultUrl: 'https://vault.avroid.tech', + vaultCredentialId: 'vault-role', + engineVersion: 2 +] + +def dbSecrets = [ + [path: 'team-devops/services/databases/postgres/h-postgres-imapsync.avroid.tech', engineVersion: 2, secretValues: + [ + [vaultKey: 'db_user_imapsync_login'], + [vaultKey: 'db_user_imapsync_password'], + ] + ] +] + +properties([ + buildDiscarder(logRotator(artifactNumToKeepStr: '1', numToKeepStr: '300')), + parameters([ + string(name: 'MAILBOX_NAME', + defaultValue: 'ivan.ivanov', + description: 'Укажите свою доменную учетную запись. Пример: ivan.ivanov'), + password(name: 'MAIL_PASSWORD', + description: 'Введите пароль от учетной записи.'), + ]) +]) +// Let the user to input mail without domain or with domain +env.SOURCE_HOST_USER = params.MAILBOX_NAME.split('@')[0].trim() + "@avroid.tech" +// Destination uses user's name without domain +env.DESTINATION_HOST_USER = params.MAILBOX_NAME.split('@')[0] + +podTemplate(yaml: """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: linux + image: $env.JENKINS_DOCKER_REGISTRY/${harborProject}/${dockerImapSyncWrapperImageName}:${dockerImapSyncWrapperImageTag} + command: + - sleep + args: + - 5d + resources: + limits: + cpu: ${buildThreads} + memory: ${podMemoryLimits}Gi + requests: + cpu: ${buildThreads} + memory: ${podMemoryRequests}Gi + imagePullSecrets: + - name: $env.JENKINS_K8S_HARBOR_SECRET +""" + ){ + node(POD_LABEL) { + timestamps { + timeout(time:3, unit:'HOURS') { + try { + container(name: 'linux') { + stage('Build') { + wrap([$class: "MaskPasswordsBuildWrapper", + varPasswordPairs: [[password: params.MAIL_PASSWORD]]]) { + withVault([configuration: configuration, vaultSecrets: dbSecrets]) { + sh ''' + python3 /app/main.py \ + --run_id $RUN_ID \ + --source_host_address $SOURCE_HOST_ADDRESS \ + --source_host_user $SOURCE_HOST_USER \ + --source_host_pass $MAIL_PASSWORD \ + --destination_host_address $DESTINATION_HOST_ADDRESS \ + --destination_host_user $DESTINATION_HOST_USER \ + --destination_pass $MAIL_PASSWORD \ + --maximum_errors_allow $MAXIMUM_ERRORS_ALLOW \ + --max_bytes_per_second $MAX_BYTES_PER_SECOND \ + --max_messages_per_second $MAX_MESSAGES_PER_SECOND \ + --pg_host $PG_HOST \ + --pg_port $PG_PORT \ + --pg_dbname $PG_DBNAME \ + --pg_username $db_user_imapsync_login \ + --pg_password $db_user_imapsync_password + ''' + } + } + } + } + } + catch (err) { + println 'ERROR: ' + err.getMessage() + currentBuild.result = 'FAILURE' + } + finally { + currentBuild.description = "${env.DESTINATION_HOST_USER}" + } + } + } + } + }