Run command on all agents
Note: Somehow people manage to break the Jenkins agents, likely by running docker commands with misconfigured mounts, you may not be able to access all agents and sudo will be broken on some of them. You can just delete these when no builds are running on them
Collecting agent IP addresses
First get a list of all agents from the Jenkins script console
$JENKINS_URL/script- https://build.platform.hmcts.net/script
- https://sandbox-build.platform.hmcts.net/script
- https://sds-build.platform.hmcts.net/script
- https://sds-sandbox-build.platform.hmcts.net/script
By running the script:
groovy
for (agent in jenkins.model.Jenkins.instance.slaves) {
println agent.privateIP
}
Store the result of this in a file called /tmp/ips
Get agent password
Then get the Jenkins agent password from the vault for the corresponding Jenkins:
# sds prod
az keyvault secret show --vault-name ptl --name jenkins-agent-password --query value -o tsv
# sds sandbox
az keyvault secret show --vault-name ptl --name jenkins-agent-password --query value -o tsv
# cft prod
az keyvault secret show --vault-name cftptl-intsvc --name mgmt-bastion-creds-password --query value -o tsv
# cft sbox
az keyvault secret show --vault-name cftsbox-intsvc --name mgmt-bastion-creds-password --query value -o tsv
Export it in your shell:
bash
export JENKINS_AGENT_PASSWORD=$(az keyvault ...)
Run command
First make sure you have connected to the VPN.
Copy this to a file on your machine and edit the command and then run script
#!/bin/bash
SHELL_COMMAND="tfcmt --version; sonar-scanner --version"
while IFS= read -u 10 -r host; do
echo $host
sshpass -p "${JENKINS_AGENT_PASSWORD}" ssh jenkinsssh@"$host" -o "UserKnownHostsFile=/dev/null" -o StrictHostKeyChecking=no "${SHELL_COMMAND}"
done 10< /tmp/ips
IP to agent name
If you need to tie and agent name back to an IP address you can run this in the Jenkins script console:
for (agent in jenkins.model.Jenkins.instance.slaves) {
println agent.name + ' ' + agent.privateIP
}