Skip to content
Snippets Groups Projects
Select Git revision
  • 0.4.0
  • main default protected
  • release
  • ovh-poc-add-image-pull-secret
  • 1.13.0
  • 1.12.0
  • 1.11.0
  • 1.10.0
  • 1.9.0
  • 1.8.0
  • 1.7.0
  • 1.6.0
  • 1.5.0
  • 1.4.0
  • 1.3.0
  • 1.2.0
  • 1.1.0
  • 1.0.0
  • 0.6.0
  • 0.5.0
  • 0.3.0
  • 0.1.0
22 results

Jenkinsfile

Blame
  • user avatar
    OZGCloud authored
    df709215
    History
    Jenkinsfile 12.74 KiB
    pipeline {
        agent {
           node {
               label 'jenkins-quarkus-build-agent'
            }
        }
    
        environment {
            BLUE_OCEAN_URL = "https://jenkins.ozg-sh.de/job/zufi-manager/job/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/"
            RELEASE_REGEX = /\d+.\d+.\d+/
            SNAPSHOT_REGEX = /\d+.\d+.\d+-SNAPSHOT/
            FAILED_STAGE = ""
            
            //The container runtime (e.g. docker) that is used to do an image based build. If this is set then a container build is always done.
            QUARKUS_NATIVE_CONTAINER_RUNTIME = "docker"
            QUARKUS_CONTAINER_IMAGE_NAME = "zufi-manager"
            QUARKUS_CONTAINER_IMAGE_TAG = generateImageTag()
            QUARKUS_CONTAINER_IMAGE_ADDITIONAL_TAGS = additionalImageTag()
            QUARKUS_CONTAINER_IMAGE_GROUP = " "
            QUARKUS_CONTAINER_IMAGE_REGISTRY = "docker.ozg-sh.de"
        }
    
        options {
            timeout(time: 1, unit: 'HOURS')
            disableConcurrentBuilds()
            buildDiscarder(logRotator(numToKeepStr: '5'))
        }
    
        stages {
            stage('Check Version') {
                steps {
                    script {
                        FAILED_STAGE = env.STAGE_NAME
                        def rootVersion = getPomVersion('pom.xml')
                        def zufiManagerVersion = getPomVersion('kop-zufi-pvog/pom.xml')
    
                        if(env.BRANCH_NAME == 'release'){
                            if ( !(rootVersion ==~ RELEASE_REGEX) || !(zufiManagerVersion ==~ RELEASE_REGEX)) {
                                error("Keine Release Version für Branch ${env.BRANCH_NAME}.")
                            }
                        } else {
                            if ( !(rootVersion ==~ SNAPSHOT_REGEX) || !(zufiManagerVersion ==~ SNAPSHOT_REGEX)) {
                                error("Keine Snapshot Version für Branch ${env.BRANCH_NAME}.")
                            }
                        }
                    }
                }
            }
            
            stage('Build and Deploy ZufiManager API') {
    			steps {
    				script {
    				    FAILED_STAGE=env.STAGE_NAME
    				}
    
        		    configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
    					sh './mvnw -pl kop-zufi-api -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3'                       
    				}            
    			}
            }
            
            stage('Build ZufiManager Server') {
    			steps {
    				script {
    				    FAILED_STAGE=env.STAGE_NAME
    				}
    
        		    configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
    					sh './mvnw -pl kop-zufi-server -s $MAVEN_SETTINGS clean install -Dmaven.wagon.http.retryHandler.count=3'               
    				}            
    			}
            }
            
            stage('Deploy ZufiManager Server to Nexus'){
                when {
                    anyOf {
                        branch 'master'
                        branch 'release'
                    }
                }
                steps {
                    script {
                        FAILED_STAGE = env.STAGE_NAME
                    }
                    configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
                        sh './mvnw -pl kop-zufi-server -s $MAVEN_SETTINGS -DskipTests deploy -Dmaven.wagon.http.retryHandler.count=3'
                    }
                }
            }
            
            stage('Build ZufiManager Server Docker image') {
    			steps {
    				script {
    				    FAILED_STAGE=env.STAGE_NAME
    				}
    
        		    configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
                        sh './mvnw -pl kop-zufi-server -s $MAVEN_SETTINGS spring-boot:build-image -DskipTests -Dmaven.wagon.http.retryHandler.count=3'
                    }            
    			}
            }
            
            stage('Tag and Push ZufiManager Docker image') {
                steps {
                    script {
                        FAILED_STAGE=env.STAGE_NAME
                        IMAGE_TAG = generateImageTag()
    
                        tagAndPushDockerImage(IMAGE_TAG)
    
                        if (env.BRANCH_NAME == 'master') {
                            tagAndPushDockerImage('snapshot-latest')
                        }
                        else if (env.BRANCH_NAME == 'release') {
                            tagAndPushDockerImage('latest')
                        }
                    }
                }
            }
                             
            stage('Build ZufiManager PVOG sync') {
    			steps {
    				script {
    				    FAILED_STAGE=env.STAGE_NAME
        		    
                        configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
    		    			sh './mvnw -pl kop-zufi-pvog -s $MAVEN_SETTINGS clean deploy -Dmaven.wagon.http.retryHandler.count=3'
    
    	    				junit testResults: '**/target/surefire-reports/*.xml', skipPublishingChecks: true
        				}            
    				}
    			}
             }
             
             stage('Build ZufiManager PVOG sync native container image') {
    			steps {
    				script {
    				    FAILED_STAGE=env.STAGE_NAME
    
    					withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USER', passwordVariable: 'PASSWORD')]) {
    						configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
    							sh './mvnw -pl kop-zufi-pvog -s $MAVEN_SETTINGS clean verify -Pnative  -Dquarkus.container-image.username=${USER} -Dquarkus.container-image.password=${PASSWORD} -Dquarkus.container-image.push=true -Dquarkus.container-image.build=true -Dquarkus.native.remote-container-build=true -Dmaven.wagon.http.retryHandler.count=3'
    						}
    					}
    				}
    			}
    		}
    		
            stage('Sonar Checks') {
                when {
                    branch 'master'
                }
            	steps {
            	    script {
                        FAILED_STAGE=env.STAGE_NAME
    
                    	configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) {
                        	dir('kop-zufi-pvog') {
                            	try {
                                    withSonarQubeEnv('sonarqube-ozg-sh'){
    	                                sh "./mvnw -s $MAVEN_SETTINGS package sonar:sonar -Dsonar.coverage.jacoco.xmlReportPaths=${env.WORKSPACE}/kop-zufi-pvog/target/jacoco-report/jacoco.xml"
    	                            }
    	                        } catch (Exception e) {
                                    unstable("SonarQube failed")
                                }
                            }
                    	}
                    }
            	}
            }
          
            stage('Test, build and deploy Helm Chart') {
                steps {
                    script {
                        FAILED_STAGE=env.STAGE_NAME
                        HELM_CHART_VERSION = generateHelmChartVersion()
    
                        dir('src/main/helm') {
                            sh "helm lint -f ../../test/required-values.yaml"
    
                            sh "helm unittest -f '../../test/helm/*.yaml' -v '../../test/required-values.yaml' ."
    
                            sh "helm package --version=${HELM_CHART_VERSION} ."
    
                            deployHelmChart(HELM_CHART_VERSION)
                        }
                    }
                }
            }
    
            // TODO: in Story OZG-2724 aktivieren, wenn zufi-manager im provisioning vorhanden ist
            // stage('Trigger Dev rollout') {
            //     when {
            //         branch 'master'
            //     }
            //     steps {
            //         script {
            //             FAILED_STAGE = env.STAGE_NAME
    
            //             checkoutProvisioningRepo()
    
            //             setNewProvisioningVersion('dev')
    
            //             pushNewProvisioningVersion('dev')
            //         }
            //     }
            // }
    
            // stage('Trigger Test | Stage rollout') {
            //     when {
            //         branch 'release'
            //     }
    
            //     steps {
            //         script {
            //             FAILED_STAGE = env.STAGE_NAME
    
            //             checkoutProvisioningRepo()
    
            //             setNewProvisioningVersion('test')
            //             setNewProvisioningVersion('stage')
    
            //             pushNewProvisioningVersion('test stage')
            //         }
            //     }
            // }
        }
        
        post {
            failure {
                script {
                    if (env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'release') {
                        sendFailureMessage()
                    }
                }
            }
        }
    }
    
    Void tagAndPushDockerImage(String newTag){
        withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USER', passwordVariable: 'PASSWORD')]) {
            sh 'docker login docker.ozg-sh.de -u ${USER} -p ${PASSWORD}'
    
            sh "docker tag docker.ozg-sh.de/zufimanager:build-latest docker.ozg-sh.de/zufimanager:${newTag}"
            sh "docker push docker.ozg-sh.de/zufimanager:${newTag}"
        }
    }
    
    Void deployHelmChart(String helmChartVersion) {       
        withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]){
            if (env.BRANCH_NAME == 'release') {
                result = sh script: '''curl -u $USERNAME:$PASSWORD https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps -F file=@zufi-manager-'''+helmChartVersion+'''.tgz''', returnStdout: true
            }
            else {
                result = sh script: '''curl -u $USERNAME:$PASSWORD https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps-snapshot -F file=@zufi-manager-'''+helmChartVersion+'''.tgz''', returnStdout: true
            }
    
            if (result != '') {
                error(result)
            }
        }
    }
    
    String generateHelmChartVersion() {
        def chartVersion = getPomVersion('pom.xml')
    
        if (env.BRANCH_NAME == 'master') {
            chartVersion += "-${env.GIT_COMMIT.take(7)}"
        }
        else if (env.BRANCH_NAME != 'release') {
            chartVersion += "-${env.BRANCH_NAME}"
        }
    
        return chartVersion.replaceAll("_", "-")
    }
    
    Void sendFailureMessage() {
        def room = ''
        def data = """{"msgtype":"m.text", \
                        "body":"zufiManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: ${env.BUILD_NUMBER} Link: ${BLUE_OCEAN_URL}", \
                        "format": "org.matrix.custom.html", \
                        "formatted_body":"zufiManager: Build Failed. Stage: ${FAILED_STAGE} Build-ID: <a href='${BLUE_OCEAN_URL}'>${env.BUILD_NUMBER}</a>"}"""
           
        if (env.BRANCH_NAME == 'master') {
            room = "!iQPAvQIiRwRpNOszjw:matrix.ozg-sh.de"
        }
        else if (env.BRANCH_NAME == 'release') {
            room = "!oWZpUGTFsxkJIYNfYg:matrix.ozg-sh.de"
        }
    
        sh "curl -XPOST -H 'authorization: Bearer ${getElementAccessToken()}' -d '${data}' https://matrix.ozg-sh.de/_matrix/client/v3/rooms/$room/send/m.room.message"
    }
    
    String getElementAccessToken() {
        withCredentials([string(credentialsId: 'element-login-json', variable: 'LOGIN_JSON')]) {
            return readJSON ( text: sh (script: '''curl -XPOST -d \"$LOGIN_JSON\" https://matrix.ozg-sh.de/_matrix/client/v3/login''', returnStdout: true)).access_token
        }
    }
    
    Void setNewProvisioningVersion(String environment) {
        dir("provisioning") {
            def envFile = "inventories/group_vars/${environment}/versions"
    
            def envVersions = readYaml file: envFile
    
            envVersions.versions.zufi_manager.image.tag = IMAGE_TAG
            envVersions.charts.zufi_manager.version = HELM_CHART_VERSION
    
            writeYaml file: envFile, data: envVersions, overwrite: true
        }
    }
    
    Void checkoutProvisioningRepo() {   
        withCredentials([usernamePassword(credentialsId: 'jenkins-gitea-access-token', passwordVariable: 'TOKEN', usernameVariable: 'USER')]) {
            sh 'git clone https://${USER}:${TOKEN}@git.ozg-sh.de/mgm/provisioning.git'
    
            if (env.BRANCH_NAME == 'release') {
                dir('provisioning') {
                    sh 'git checkout release'
                }
            }
        }
    }
    
    Void pushNewProvisioningVersion(String environment) {
        dir('provisioning') {
            if (sh (script: "git status | grep 'inventories/group_vars/.*/versions'", returnStatus: true) == 1) {
                return
            }
            
            withCredentials([usernamePassword(credentialsId: 'jenkins-gitea-access-token', passwordVariable: 'TOKEN', usernameVariable: 'USER')]) {
                sh 'git add inventories/group_vars/*/versions'
    
                sh 'git config user.email "jenkins@ozg.de"'
                sh 'git config user.name "jenkins"'
                sh "git commit -m 'jenkins rollout ${environment} zufi-manager version ${IMAGE_TAG}'"
                sh 'git push https://${USER}:${TOKEN}@git.ozg-sh.de/mgm/provisioning.git'
            }
        }
    }
    
    String getPomVersion(String pomFile){
        def pom = readMavenPom file: pomFile
    
        return pom.version
    }
    
    String generateImageTag() {
        def imageTag = "${env.BRANCH_NAME}-${getPomVersion('pom.xml')}"
    
        if (env.BRANCH_NAME == 'master') {
            imageTag += "-${env.GIT_COMMIT.take(7)}"
        }
    
        return imageTag
    }
    
    String additionalImageTag() {
        if (env.BRANCH_NAME == 'master') {
            return "snapshot-latest"
        }
        else if (env.BRANCH_NAME == 'release') {
            return "latest"
        }
    
        return ""
    }