diff --git a/Jenkinsfile b/Jenkinsfile index 026a3214611a7b5d077fe2c968573a10a15c0ec0..1734f049a349d80d35ac2427fc76a788cabc1a9a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,7 +1,7 @@ pipeline { agent { - node { - label 'jenkins-quarkus-build-agent' + node { + label 'jenkins-quarkus-build-agent' } } 
@@ -51,61 +51,57 @@ pipeline { } stage('Build UserManager GRPC') { - steps { - script { - FAILED_STAGE=env.STAGE_NAME - } - - // configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { - // sh './mvnw -pl user-manager-interface -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3' - // } - } - } - - stage('Build UserManager') { - steps { - script { - FAILED_STAGE=env.STAGE_NAME - - // configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { - // sh './mvnw -pl user-manager-server -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3' - // junit testResults: '**/target/surefire-reports/*.xml', skipPublishingChecks: true - // } - } - } - } - - stage('Build native container image') { - steps { - script { - FAILED_STAGE=env.STAGE_NAME - - // withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USER', passwordVariable: 'PASSWORD')]) { - // configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { - // sh './mvnw -pl user-manager-server -s $MAVEN_SETTINGS clean verify -Pnative -Dquarkus.container-image.registry=docker.ozg-sh.de -Dquarkus.container-image.username=${USER} -Dquarkus.container-image.password=${PASSWORD} -Dquarkus.container-image.push=true -Dquarkus.container-image.build=true -Dquarkus.native.remote-container-build=true -Dmaven.wagon.http.retryHandler.count=3' - // } - // } - } - } - } + steps { + script { + FAILED_STAGE=env.STAGE_NAME + } - stage ('OWASP Dependency-Check Vulnerabilities') { + configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { + sh './mvnw -pl user-manager-interface -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3' + } + } + } + + stage('Build UserManager') { + steps { + script { + FAILED_STAGE=env.STAGE_NAME + + configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { + sh './mvnw 
-pl user-manager-server -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3' + junit testResults: '**/target/surefire-reports/*.xml', skipPublishingChecks: true + } + } + } + } + + stage('Build native container image') { steps { script { FAILED_STAGE=env.STAGE_NAME + + withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USER', passwordVariable: 'PASSWORD')]) { + configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { + sh './mvnw -pl user-manager-server -s $MAVEN_SETTINGS clean verify -Pnative -Dquarkus.container-image.registry=docker.ozg-sh.de -Dquarkus.container-image.username=${USER} -Dquarkus.container-image.password=${PASSWORD} -Dquarkus.container-image.push=true -Dquarkus.container-image.build=true -Dquarkus.native.remote-container-build=true -Dmaven.wagon.http.retryHandler.count=3' + } + } } + } + } - // dependencyCheck additionalArguments: ''' - // -o "./" - // -s "./" - // -f "ALL" - // -d /dependency-check-data - // --suppression dependency-check-supressions.xml - // --disableKnownExploited - // --disableArchive - // --prettyPrint''', odcInstallation: 'dependency-check-owasp' - - // dependencyCheckPublisher pattern: 'dependency-check-report.xml' + stage ('OWASP Dependency-Check Vulnerabilities') { + steps { + dependencyCheck additionalArguments: ''' + -o "./" + -s "./" + -f "ALL" + -d /dependency-check-data + --suppression dependency-check-supressions.xml + --disableKnownExploited + --disableArchive + --prettyPrint''', odcInstallation: 'dependency-check-owasp' + + dependencyCheckPublisher pattern: 'dependency-check-report.xml' } } 
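Review bot: The re-enabled 'Build native container image' step passes the registry password to Maven as `-Dquarkus.container-image.password=${PASSWORD}`, so it sits in the mvnw process arguments on the build agent for the whole native build, where other processes on that agent can read it. The single-quoted `sh` correctly keeps it out of Groovy interpolation, but the value can stay out of argv altogether by binding the credential to the environment names Quarkus maps to these properties, `usernameVariable: 'QUARKUS_CONTAINER_IMAGE_USERNAME', passwordVariable: 'QUARKUS_CONTAINER_IMAGE_PASSWORD'`, and dropping the two `-D` flags (worth confirming the build picks them up). The same pattern appears in the `curl -u $USERNAME:$PASSWORD` call in deployHelmChart and in the clone URL in cloneGitopsRepo, both shown as context further down and both made live by this commit. Separately, the new OWASP Dependency-Check stage no longer sets `FAILED_STAGE`, so a failure there would presumably be reported under the previous stage's name.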
@@ -113,39 +109,39 @@ pipeline { when { branch 'master' } - steps { - script { + steps { + script { FAILED_STAGE=env.STAGE_NAME - // configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { - // dir('user-manager-server') { - // try { - // withSonarQubeEnv('sonarqube-ozg-sh'){ - // sh "./mvnw -s $MAVEN_SETTINGS package sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${env.WORKSPACE}/user-manager-server/target/jacoco-report/jacoco.xml" - // } - // } catch (Exception e) { - // unstable("SonarQube failed") - // } - // } - // } + configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { + dir('user-manager-server') { + try { + withSonarQubeEnv('sonarqube-ozg-sh'){ + sh "./mvnw -s $MAVEN_SETTINGS package sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${env.WORKSPACE}/user-manager-server/target/jacoco-report/jacoco.xml" + } + } catch (Exception e) { + unstable("SonarQube failed") + } + } + } } - } + } } - stage('Tag and Push Docker image') { + stage('Tag and Push Docker image') { steps { script { FAILED_STAGE = env.STAGE_NAME - // IMAGE_TAG = generateImageTag() + IMAGE_TAG = generateImageTag() - // tagAndPushDockerImage(IMAGE_TAG) + tagAndPushDockerImage(IMAGE_TAG) - // if (env.BRANCH_NAME == 'master') { - // tagAndPushDockerImage('snapshot-latest') - // } - // else if (env.BRANCH_NAME == 'release') { - // tagAndPushDockerImage('latest') - // } + if (env.BRANCH_NAME == 'master') { + tagAndPushDockerImage('snapshot-latest') + } + else if (env.BRANCH_NAME == 'release') { + tagAndPushDockerImage('latest') + } } } } 
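Review bot: The `catch (Exception e)` around the Sonar run also covers the `package` goal in the same `sh` line, so any Maven failure in that step is downgraded to unstable under the message "SonarQube failed", and `e` is never used. Including the cause, `unstable("SonarQube failed: ${e.message}")`, would at least show in the console what broke. Running `package` outside the try block and only `sonar:sonar` inside it would keep genuine build failures failing the pipeline before the 'Tag and Push Docker image' stage runs.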
@@ -159,11 +155,11 @@ pipeline { dir('src/main/helm') { sh "helm lint -f ../../test/unit-values.yaml" - sh "helm unittest --helm3 -f '../../test/helm/*.yaml' -v '../../test/unit-values.yaml' ." + sh "helm unittest -f '../../test/helm/*.yaml' -v '../../test/unit-values.yaml' ." sh "helm package --version=${HELM_CHART_VERSION} ." - // deployHelmChart(HELM_CHART_VERSION) + deployHelmChart(HELM_CHART_VERSION) } } } @@ -188,23 +184,23 @@ pipeline { stage('Trigger Test rollout') { when { - branch 'release' + branch 'release' } steps { script { FAILED_STAGE = env.STAGE_NAME - // cloneGitopsRepo() + cloneGitopsRepo() - // setNewTestUserManagerVersion() + setNewTestUserManagerVersion() - // pushTestGitopsRepo() + pushTestGitopsRepo() } } } } - + post { failure { script { @@ -216,7 +212,7 @@ pipeline { } } -Void deployHelmChart(String helmChartVersion) { +Void deployHelmChart(String helmChartVersion) { withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]){ if (env.BRANCH_NAME == 'release') { result = sh script: '''curl -u $USERNAME:$PASSWORD https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps -F file=@user-manager-'''+helmChartVersion+'''.tgz''', returnStdout: true @@ -250,7 +246,7 @@ Void sendFailureMessage() { "body":"UserManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: ${env.BUILD_NUMBER} Link: ${BLUE_OCEAN_URL}", \ "format": "org.matrix.custom.html", \ "formatted_body":"UserManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: <a href='${BLUE_OCEAN_URL}'>${env.BUILD_NUMBER}</a>"}""" - + if (env.BRANCH_NAME == 'master') { room = "!iQPAvQIiRwRpNOszjw:matrix.ozg-sh.de" } 
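Review bot: Enabling `deployHelmChart(HELM_CHART_VERSION)` makes the upload in that helper live, and the `curl` call shown as context further down has no `--fail`, so an HTTP error from Nexus still exits 0. The `sh` step then passes unless the code after `returnStdout: true`, which lies outside the visible hunks, inspects `result`. The helper also splices `helmChartVersion` into the shell script by string concatenation; wrapping the call in `withEnv(["CHART_VERSION=${helmChartVersion}"])` and using `user-manager-$CHART_VERSION.tgz` inside the single-quoted script keeps the value as data. That matters if the version is ever derived from a branch name; where HELM_CHART_VERSION comes from is not visible in this diff.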
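Review bot: With `cloneGitopsRepo()` active again in 'Trigger Test rollout', the clone URL `https://${USER}:${TOKEN}@git.ozg-sh.de/mgm/gitops.git` (context in a later hunk) is stored as the origin URL in the clone's `.git/config`, so the access token stays on disk in the workspace after the build. A credential helper that reads the bound variables at call time avoids writing it out, for example `git -c credential.helper='!f() { echo username=$USER; echo password=$TOKEN; }; f' clone https://git.ozg-sh.de/mgm/gitops.git` inside a triple-quoted `sh`. Failing that, the checkout should be deleted in a `post { always { ... } }` block. The bodies of setNewTestUserManagerVersion and pushTestGitopsRepo are outside the visible hunks, so whether they clean up is not known from here.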
@@ -298,7 +294,7 @@ Void configureGit() { } } -Void cloneGitopsRepo() { +Void cloneGitopsRepo() { withCredentials([usernamePassword(credentialsId: 'jenkins-gitea-access-token', passwordVariable: 'TOKEN', usernameVariable: 'USER')]) { sh 'git clone https://${USER}:${TOKEN}@git.ozg-sh.de/mgm/gitops.git' } @@ -319,7 +315,7 @@ Void pushNewGitopsVersion(String environment) { if (!hasUserManagerValuesFileChanged(environment)) { return } - + withCredentials([usernamePassword(credentialsId: 'jenkins-gitea-access-token', passwordVariable: 'TOKEN', usernameVariable: 'USER')]) { sh "git add ${environment}/application/values/user-manager-values.yaml"