/*
* Copyright (C) 2024 Das Land Schleswig-Holstein vertreten durch den
* Ministerpräsidenten des Landes Schleswig-Holstein
* Staatskanzlei
* Abteilung Digitalisierung und zentrales IT-Management der Landesregierung
*
* Lizenziert unter der EUPL, Version 1.2 oder - sobald
* diese von der Europäischen Kommission genehmigt wurden -
* Folgeversionen der EUPL ("Lizenz");
* Sie dürfen dieses Werk ausschließlich gemäß
* dieser Lizenz nutzen.
* Eine Kopie der Lizenz finden Sie hier:
*
* https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
*
* Sofern nicht durch anwendbare Rechtsvorschriften
* gefordert oder in schriftlicher Form vereinbart, wird
* die unter der Lizenz verbreitete Software "so wie sie
* ist", OHNE JEGLICHE GEWÄHRLEISTUNG ODER BEDINGUNGEN -
* ausdrücklich oder stillschweigend - verbreitet.
* Die sprachspezifischen Genehmigungen und Beschränkungen
* unter der Lizenz sind dem Lizenztext zu entnehmen.
*/
pipeline {
agent {
node {
label 'ozgcloud-jenkins-build-agent-jdk21'
}
}
environment {
JENKINS_URL = "https://jenkins.infra.ozg-cloud.systems/job/codeSH_nachrichten-manager/job/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/"
RELEASE_REGEX = /\d+.\d+.\d+/
SNAPSHOT_REGEX = /\d+.\d+.\d+-SNAPSHOT/
FAILED_STAGE = ""
SH_SUCCESS_STATUS_CODE = 0
}
options {
timeout(time: 1, unit: 'HOURS')
disableConcurrentBuilds()
buildDiscarder(logRotator(numToKeepStr: '5'))
}
stages {
stage('Check Version') {
steps {
script {
FAILED_STAGE = env.STAGE_NAME
def rootVersion = getPomVersion('pom.xml')
def interfaceVersion = getPomVersion('nachrichten-manager-interface/pom.xml')
if(isReleaseBranch()){
if ( !(rootVersion ==~ RELEASE_REGEX) || !(interfaceVersion ==~ RELEASE_REGEX) ) {
error("Keine Release Version für Branch ${env.BRANCH_NAME}.")
}
} else {
if ( !(rootVersion ==~ SNAPSHOT_REGEX) || !(interfaceVersion ==~ SNAPSHOT_REGEX) ) {
error("Keine Snapshot Version für Branch ${env.BRANCH_NAME}.")
}
}
if( !(rootVersion == interfaceVersion) ){
error("Versionen sind nicht identisch")
}
}
}
}
stage('Set Version') {
when {
not {
anyOf {
branch 'main'
branch 'release'
}
}
}
steps {
script {
FAILED_STAGE=env.STAGE_NAME
JAR_TAG = getPomVersion('pom.xml').replace("SNAPSHOT", "${env.BRANCH_NAME}-SNAPSHOT")
}
configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
sh "mvn -s $MAVEN_SETTINGS versions:set -DnewVersion=${JAR_TAG} -DprocessAllModules=true"
}
}
}
stage('Build NachrichtenManager') {
steps {
script {
FAILED_STAGE=env.STAGE_NAME
}
configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
sh 'mvn --no-transfer-progress -s $MAVEN_SETTINGS clean install -Dmaven.wagon.http.retryHandler.count=3 -DelasticTests.disabled=true'
}
}
}
stage('Deploy to Nexus'){
steps {
script {
FAILED_STAGE = env.STAGE_NAME
}
configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
sh 'mvn --no-transfer-progress -s $MAVEN_SETTINGS -DskipTests deploy -Dmaven.wagon.http.retryHandler.count=3'
}
}
}
stage ('Deploy SBOM to DependencyTrack') {
steps {
script {
IMAGE_TAG = "${env.BRANCH_NAME}-${getPomVersion('pom.xml')}"
configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
withCredentials([string(credentialsId: 'dependency-track-api-key', variable: 'API_KEY')]) {
catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
sh "mvn --no-transfer-progress -s $MAVEN_SETTINGS io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$API_KEY -Ddependency-track.projectVersion=${IMAGE_TAG} -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de"
}
}
}
}
}
}
stage('Sonar Checks') {
when {
branch 'main'
}
steps {
script {
FAILED_STAGE=env.STAGE_NAME
configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
dir('nachrichten-manager-postfach-interface') {
try {
withSonarQubeEnv('sonarqube-ozg-sh'){
sh 'mvn -s $MAVEN_SETTINGS sonar:sonar'
}
} catch (Exception e) {
unstable("SonarQube failed")
}
}
dir('nachrichten-manager-server') {
try {
withSonarQubeEnv('sonarqube-ozg-sh'){
sh 'mvn -s $MAVEN_SETTINGS sonar:sonar'
}
} catch (Exception e) {
unstable("SonarQube failed")
}
}
}
}
}
}
}
post {
always{
junit testResults: '**/target/surefire-reports/*.xml', skipPublishingChecks: true
}
failure {
script {
if (env.BRANCH_NAME == 'main' || env.BRANCH_NAME == 'release') {
sendFailureMessage()
}
}
}
}
}
Boolean isReleaseBranch() {
return env.BRANCH_NAME == 'release'
}
String getPomVersion(String pomFile){
def pom = readMavenPom file: pomFile
return pom.version
}
Void sendFailureMessage() {
def room = ''
def data = """{"msgtype":"m.text", \
"body":"NachrichtenManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: ${env.BUILD_NUMBER}
Link: ${JENKINS_URL}", \
"format": "org.matrix.custom.html", \
"formatted_body":"NachrichtenManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: <a
href='${JENKINS_URL}'>${env.BUILD_NUMBER}</a>"}"""
if (env.BRANCH_NAME == 'main') {
room = "!GjqhmouBtnDbwUkAjx:matrix.ozg-sh.de"
}
else if (env.BRANCH_NAME == 'release') {
room = "!oWZpUGTFsxkJIYNfYg:matrix.ozg-sh.de"
}
sh "curl -XPOST -H 'authorization: Bearer ${getElementAccessToken()}' -d '${data}' https://matrix.ozg-sh.de/_matrix/client/v3/rooms/$room/send/m.room.message"
}
String getElementAccessToken() {
withCredentials([string(credentialsId: 'element-login-json', variable: 'LOGIN_JSON')]) {
return readJSON ( text: sh (script: '''curl -XPOST -d \"$LOGIN_JSON\" https://matrix.ozg-sh.de/_matrix/client/v3/login''', returnStdout: true)).access_token
}
}