Created
September 11, 2023 07:49
-
-
Save bbratchiv/dab28cd5d6cb52599cd4328a353b1293 to your computer and use it in GitHub Desktop.
Jenkins pipeline to restart ECS service, use of AWS cli
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
properties([ | |
parameters([ | |
[$class: 'ChoiceParameter', | |
choiceType: 'PT_SINGLE_SELECT', | |
description: 'Select env from the Dropdown List', | |
filterable: false, | |
name: 'environment', | |
script: [ | |
$class: 'GroovyScript', | |
fallbackScript: [ | |
classpath: [], | |
sandbox: true, | |
script: | |
"return['Could not get envs']" | |
], | |
script: [ | |
classpath: [], | |
sandbox: true, | |
script: | |
"return ['qa','stage','prod']" | |
] | |
] | |
], | |
[$class: 'ChoiceParameter', | |
choiceType: 'PT_SINGLE_SELECT', | |
description: 'Select region from the Dropdown List', | |
filterable: false, | |
name: 'region', | |
script: [ | |
$class: 'GroovyScript', | |
fallbackScript: [ | |
classpath: [], | |
sandbox: false, | |
script: | |
"return['Could not get region']" | |
], | |
script: [ | |
classpath: [], | |
sandbox: true, | |
script: | |
"return['eu-central-1', 'eu-west-2', 'us-east-1']" | |
] | |
] | |
], | |
[$class: 'CascadeChoiceParameter', | |
choiceType: 'PT_SINGLE_SELECT', | |
description: 'Select cluster from the Dropdown List. Wait a couple of seconds', | |
filterable: false, | |
name: 'cluster', | |
referencedParameters: 'environment,region', | |
script: [ | |
$class: 'GroovyScript', | |
fallbackScript: [ | |
classpath: [], | |
sandbox: false, | |
script: | |
"return['Could not get cluster']" | |
], | |
script: [ | |
classpath: [], | |
sandbox: false, | |
script: | |
""" | |
import groovy.json.JsonSlurperClassic | |
def account_id="" | |
if (environment.equals("qa")){ | |
account_id = "123" | |
} | |
else if (environment.equals("stage")){ | |
account_id = "456" | |
} | |
else if (environment.equals("prod")){ | |
account_id = "789" | |
} | |
def cmd = "aws-auth --role-arn arn:aws:iam::\${account_id}:role/allow-auto-deploy-from-other-accounts --role-duration-seconds 900" | |
def comm = cmd.execute() | |
def sedExport = "sed s/export/env/g".execute() | |
def sedQuote = "sed s/'//g".execute() | |
def sedNewLine = ['tr', '\\'\\n\\'', '\\' \\''].execute() | |
def auth_string = comm | sedExport | sedQuote | sedNewLine | |
auth_string.waitFor() | |
def final_command = auth_string.text + " aws ecs list-clusters --region " + region | |
def res = final_command.execute() | |
res.waitFor() | |
//print res.text | |
// Parse JSON into Groovy object | |
def data = new JsonSlurperClassic().parseText(res.text) | |
def clusters = [] | |
data.clusterArns.each { | |
clusters.add(it.split('/')[1]) | |
} | |
return clusters.sort() | |
""" | |
] | |
] | |
], | |
[$class: 'CascadeChoiceParameter', | |
choiceType: 'PT_MULTI_SELECT', | |
description: 'Select service from the Dropdown List. Wait a couple of seconds. Supports multiple selection', | |
filterable: false, | |
name: 'service', | |
referencedParameters: 'environment,region,cluster', | |
script: [ | |
$class: 'GroovyScript', | |
fallbackScript: [ | |
classpath: [], | |
sandbox: false, | |
script: | |
"return['Could not get service']" | |
], | |
script: [ | |
classpath: [], | |
sandbox: false, | |
script: | |
""" | |
import groovy.json.JsonSlurperClassic | |
def account_id="" | |
if (environment.equals("qa")){ | |
account_id = "123" | |
} | |
else if (environment.equals("stage")){ | |
account_id = "3456" | |
} | |
else if (environment.equals("prod")){ | |
account_id = "678" | |
} | |
def cmd = "aws-auth --role-arn arn:aws:iam::\${account_id}:role/allow-auto-deploy-from-other-accounts --role-duration-seconds 900" | |
def comm = cmd.execute() | |
def sedExport = "sed s/export/env/g".execute() | |
def sedQuote = "sed s/'//g".execute() | |
def sedNewLine = ['tr', '\\'\\n\\'', '\\' \\''].execute() | |
def auth_string = comm | sedExport | sedQuote | sedNewLine | |
auth_string.waitFor() | |
def final_command = auth_string.text + " aws ecs list-services --cluster " + cluster + " --region " + region | |
def res = final_command.execute() | |
res.waitFor() | |
//print res.text | |
// Parse JSON into Groovy object | |
def data = new JsonSlurperClassic().parseText(res.text) | |
def services = [] | |
data.serviceArns.each { | |
services.add(it.split('/')[2]) | |
} | |
services -= "node-exporter" | |
services -= "fluent-bit" | |
services -= "cAdvisor" | |
return services.sort() | |
""" | |
] | |
] | |
] | |
]) | |
]) | |
pipeline { | |
agent { label 'master' } | |
stages { | |
stage('Restart service') { | |
steps { | |
script { | |
currentBuild.displayName = "#${BUILD_NUMBER} ${params.environment} ${params.region} ${params.service}" | |
} | |
println "Cluster Name: ${cluster}" | |
println "Service Name: ${service}" | |
sh ''' | |
set +x | |
case $environment in | |
"qa") | |
account_id="123" | |
;; | |
"stage") | |
account_id="456" | |
;; | |
"prod") | |
account_id="789" | |
;; | |
esac | |
# Assume deploy role from proper account | |
eval $(aws-auth --role-arn arn:aws:iam::$account_id:role/allow-auto-deploy-from-other-accounts --role-duration-seconds 900) | |
# Set Input Field Separator as comma | |
IFS="," | |
for i in $service; do | |
aws ecs update-service --region $region --service $i --cluster $cluster --force-new-deployment --query 'service.taskDefinition' | |
done | |
aws ecs wait services-stable --region $region --cluster $cluster --services $service | |
echo "Service $service has been restarted" | |
''' | |
} | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
aws-auth
is a script that assumes IAM role in AWS account and exports temporary AWS credentials into the terminal.