From 122d61d446dd14db67330fdb44fa073daa3ff83c Mon Sep 17 00:00:00 2001
From: Felix Reichenbach <felix.reichenbach@mgm-tp.com>
Date: Wed, 5 Mar 2025 10:28:12 +0100
Subject: [PATCH 1/3] add pipeline scripts
---
.../build_and_push_docker_image.sh | 13 +++++++++++++
pipeline-scripts/check_version.sh | 17 +++++++++++++++++
pipeline-scripts/configure_git.sh | 8 ++++++++
pipeline-scripts/configure_helm.sh | 5 +++++
pipeline-scripts/configure_maven.sh | 6 ++++++
pipeline-scripts/configure_python.sh | 7 +++++++
pipeline-scripts/deploy_maven_artifact.sh | 5 +++++
.../deploy_sbom_to_dependency_track.sh | 5 +++++
pipeline-scripts/get_tag_version.sh | 3 +++
pipeline-scripts/perform_gitops_rollout.sh | 19 +++++++++++++++++++
pipeline-scripts/run_mvn.sh | 6 ++++++
pipeline-scripts/set_version.py | 16 ++++++++++++++++
.../test_build_deploy_helm_chart.sh | 15 +++++++++++++++
set_up_scripts.sh | 3 +++
14 files changed, 128 insertions(+)
create mode 100755 pipeline-scripts/build_and_push_docker_image.sh
create mode 100755 pipeline-scripts/check_version.sh
create mode 100755 pipeline-scripts/configure_git.sh
create mode 100755 pipeline-scripts/configure_helm.sh
create mode 100755 pipeline-scripts/configure_maven.sh
create mode 100755 pipeline-scripts/configure_python.sh
create mode 100755 pipeline-scripts/deploy_maven_artifact.sh
create mode 100755 pipeline-scripts/deploy_sbom_to_dependency_track.sh
create mode 100755 pipeline-scripts/get_tag_version.sh
create mode 100755 pipeline-scripts/perform_gitops_rollout.sh
create mode 100755 pipeline-scripts/run_mvn.sh
create mode 100755 pipeline-scripts/set_version.py
create mode 100755 pipeline-scripts/test_build_deploy_helm_chart.sh
create mode 100644 set_up_scripts.sh
diff --git a/pipeline-scripts/build_and_push_docker_image.sh b/pipeline-scripts/build_and_push_docker_image.sh
new file mode 100755
index 0000000..e36a7aa
--- /dev/null
+++ b/pipeline-scripts/build_and_push_docker_image.sh
@@ -0,0 +1,13 @@
+#!/usr/bin/env bash
+
+export IMAGE_TAG=$($SCRIPT_DIR/get_tag_version.sh)
+export DOCKER_REGISTRY_IMAGE=$DOCKER_REGISTRY_IMAGE
+
+if [[ "$CI_COMMIT_REF_NAME" == "main" ]]; then
+ profile="main"
+elif [[ "$CI_COMMIT_REF_NAME" == "release" ]]; then
+ profile="release"
+else
+ profile="dev"
+fi
+run_mvn.sh spring-boot:build-image -DskipTests -Dmaven.wagon.http.retryHandler.count=3 -P $profile -Ddocker.publishRegistry.username=${NEXUS_USER} -Ddocker.publishRegistry.password=${NEXUS_PASSWORD}
diff --git a/pipeline-scripts/check_version.sh b/pipeline-scripts/check_version.sh
new file mode 100755
index 0000000..6edafe4
--- /dev/null
+++ b/pipeline-scripts/check_version.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+release_regex='\d+.\d+.\d+'
+snapshot_regex='\d+.\d+.\d+-SNAPSHOT'
+rootVersion=$(run_mvn.sh help:evaluate -Dexpression=project.version -q -DforceStdout)
+
+if [[ "$CI_COMMIT_REF_NAME" == "release" ]]; then
+ if ! [[ "$rootVersion" =~ $release_regex ]]; then
+ echo "Keine Release Version für Branch $CI_COMMIT_REF_NAME."
+ exit 1
+ fi
+else
+ if ! [[ "$rootVersion" =~ $snapshot_regex ]]; then
+ echo "Keine Snapshot Version für Branch $CI_COMMIT_REF_NAME."
+ exit 1
+ fi
+fi
\ No newline at end of file
diff --git a/pipeline-scripts/configure_git.sh b/pipeline-scripts/configure_git.sh
new file mode 100755
index 0000000..fe0738a
--- /dev/null
+++ b/pipeline-scripts/configure_git.sh
@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+## install prerequisites
+apk add --no-cache git
+
+## configure git
+git config --global user.email "ozgcloud@mgm-tp.com"
+git config --global user.name "OZGCloud"
\ No newline at end of file
diff --git a/pipeline-scripts/configure_helm.sh b/pipeline-scripts/configure_helm.sh
new file mode 100755
index 0000000..65fd54f
--- /dev/null
+++ b/pipeline-scripts/configure_helm.sh
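Review bot: In build_and_push_docker_image.sh the registry password is handed to Maven as a command-line property (`-Ddocker.publishRegistry.password=${NEXUS_PASSWORD}`), so it is visible in the process list of the build container and in the job log whenever shell tracing or CI debug logging is enabled. The expansion is also unquoted, so a password containing whitespace or glob characters is split or expanded. The same pattern recurs in deploy_sbom_to_dependency_track.sh (`-Ddependency-track.apiKey=$dependency_track_api_key`) and in the `curl -u $NEXUS_USER:$NEXUS_PASSWORD` call in test_build_deploy_helm_chart.sh. At minimum quote the arguments, `"-Ddocker.publishRegistry.password=${NEXUS_PASSWORD}"` and `-P "$profile"`. If the plugin configuration allows it, prefer referencing the variable from the POM or settings.xml as `${env.NEXUS_PASSWORD}` so the value never appears in argv.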
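Review bot: The version gate in check_version.sh does not enforce what its messages say: both patterns are unanchored and their dots are unescaped, so on the `release` branch a version such as `1.2.3-SNAPSHOT` still matches `release_regex` and passes. `\d` is also not part of POSIX ERE, which is what bash's `=~` uses, so whether it matches digits at all depends on the regex implementation of the runner image's libc. I would write `release_regex='^[0-9]+\.[0-9]+\.[0-9]+$'` and `snapshot_regex='^[0-9]+\.[0-9]+\.[0-9]+-SNAPSHOT$'`.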
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+## install helm
+apk add --no-cache helm curl
+helm plugin install https://github.com/helm-unittest/helm-unittest.git
\ No newline at end of file
diff --git a/pipeline-scripts/configure_maven.sh b/pipeline-scripts/configure_maven.sh
new file mode 100755
index 0000000..c08519b
--- /dev/null
+++ b/pipeline-scripts/configure_maven.sh
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+## create maven settings file
+echo "${MAVEN_SETTINGS_BASE64}" | base64 -d > "${CI_PROJECT_DIR}/settings.xml"
+
+mv $SCRIPT_DIR/run_mvn.sh /usr/bin
\ No newline at end of file
diff --git a/pipeline-scripts/configure_python.sh b/pipeline-scripts/configure_python.sh
new file mode 100755
index 0000000..0bddcc6
--- /dev/null
+++ b/pipeline-scripts/configure_python.sh
@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+apk add --no-cache python3 py3-pip
+# install pyyaml in a virtual environment
+python3 -m venv $PYTHON_VENV_PATH
+. $PYTHON_VENV_PATH/bin/activate
+pip3 install pyyaml
\ No newline at end of file
diff --git a/pipeline-scripts/deploy_maven_artifact.sh b/pipeline-scripts/deploy_maven_artifact.sh
new file mode 100755
index 0000000..e6c4ef8
--- /dev/null
+++ b/pipeline-scripts/deploy_maven_artifact.sh
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+jar_version=$(run_mvn.sh help:evaluate -Dexpression=project.version -q -DforceStdout | sed "s/SNAPSHOT/${CI_COMMIT_REF_NAME:0:20}-SNAPSHOT/")
+run_mvn.sh versions:set -DnewVersion=$jar_version -DprocessAllModules=true
+run_mvn.sh deploy -DskipTests -Dmaven.wagon.http.retryHandler.count=3
\ No newline at end of file
diff --git a/pipeline-scripts/deploy_sbom_to_dependency_track.sh b/pipeline-scripts/deploy_sbom_to_dependency_track.sh
new file mode 100755
index 0000000..2047443
--- /dev/null
+++ b/pipeline-scripts/deploy_sbom_to_dependency_track.sh
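Review bot: configure_helm.sh installs the helm-unittest plugin with no version (`helm plugin install https://github.com/helm-unittest/helm-unittest.git`), so each pipeline run executes whatever is currently published upstream, in the same pipeline that uses the Nexus and Gitea credentials seen in the other scripts. Pin it with `--version <PINNED_PLUGIN_VERSION>` (placeholder; pick a reviewed release). configure_python.sh has the same gap with `pip3 install pyyaml`; pin it as `pip3 install 'pyyaml==<PINNED_VERSION>'`, ideally from a requirements file installed with `--require-hashes`.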
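Review bot: configure_maven.sh writes the decoded settings file into the project workspace with the default umask (`> "${CI_PROJECT_DIR}/settings.xml"`). If that file carries repository credentials, which the base64-wrapped CI variable suggests but the hunk does not show, it is readable by every later step of the job and can be swept into artifacts, caches or an image build context. Setting `umask 077` before the redirect and excluding the file from artifacts would limit that. A failed `base64 -d` also goes unnoticed and `$SCRIPT_DIR` is unquoted in the `mv`; `set -euo pipefail` at the top and `mv -- "$SCRIPT_DIR/run_mvn.sh" /usr/bin/` would cover both.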
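Review bot: deploy_maven_artifact.sh splices the branch name into a sed program (`sed "s/SNAPSHOT/${CI_COMMIT_REF_NAME:0:20}-SNAPSHOT/"`), and a branch name is chosen by whoever pushes the branch. A name containing `/` (for example `feature/foo`) ends the replacement early and makes sed fail, and `&` or `\` are interpreted by sed rather than copied. `jar_version` is then empty or altered and is passed unquoted to `versions:set`. get_tag_version.sh builds the image tag the same way. GitLab's predefined `CI_COMMIT_REF_SLUG` is already reduced to lowercase letters, digits and `-`, so `${CI_COMMIT_REF_SLUG:0:20}` in the sed expression and `"-DnewVersion=${jar_version}"` in the call would avoid this.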
@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+image_tag=$($SCRIPT_DIR/get_tag_version.sh)
+run_mvn.sh -P ci-build package -DskipTests
+run_mvn.sh io.github.pmckeown:dependency-track-maven-plugin:upload-bom -Ddependency-track.apiKey=$dependency_track_api_key -Ddependency-track.projectVersion=$image_tag -Ddependency-track.dependencyTrackBaseUrl=https://dependency-track.ozg-sh.de
diff --git a/pipeline-scripts/get_tag_version.sh b/pipeline-scripts/get_tag_version.sh
new file mode 100755
index 0000000..15d7220
--- /dev/null
+++ b/pipeline-scripts/get_tag_version.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+printf $(run_mvn.sh help:evaluate -Dexpression=project.version -q -DforceStdout | sed "s/SNAPSHOT/${CI_COMMIT_REF_NAME:0:20}-SNAPSHOT-${CI_PIPELINE_ID}/")
\ No newline at end of file
diff --git a/pipeline-scripts/perform_gitops_rollout.sh b/pipeline-scripts/perform_gitops_rollout.sh
new file mode 100755
index 0000000..34dd684
--- /dev/null
+++ b/pipeline-scripts/perform_gitops_rollout.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+
+clone_gitops_repo() {
+ git clone https://$GITEA_USER:$GITEA_PASSWORD@git.ozg-sh.de/ozgcloud-devops/gitops.git
+ cd gitops
+}
+
+environment="$1"
+service_name="$2"
+service_value=$(echo $service_name | sed "s/-/_/g")
+new_version=$($SCRIPT_DIR/get_tag_version.sh)
+
+clone_gitops_repo
+. $PYTHON_VENV_PATH/bin/activate
+python3 $SCRIPT_DIR/set_version.py "$environment/application/values/$service_name-values.yaml" "$service_value" "$new_version" || exit 1
+
+git add $environment/application/values/$service_name-values.yaml
+git commit -m "gitlab rollout $environment $service_name version $new_version"
+git push https://$GITEA_USER:$GITEA_PASSWORD@git.ozg-sh.de/ozgcloud-devops/gitops.git
\ No newline at end of file
diff --git a/pipeline-scripts/run_mvn.sh b/pipeline-scripts/run_mvn.sh
new file mode 100755
index 0000000..cabd0f0
--- /dev/null
+++ b/pipeline-scripts/run_mvn.sh
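Review bot: get_tag_version.sh uses the computed version as the printf format string and leaves the substitution unquoted (`printf $(run_mvn.sh … | sed …)`). Any `%` or backslash in the value is therefore interpreted, whitespace splits it into a format plus arguments, and an empty result makes printf fail with a usage error. This output becomes the image tag, chart version and gitops commit content in the other scripts, so I would use `printf '%s' "$(…)"` and exit non-zero when the value is empty.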
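Review bot: perform_gitops_rollout.sh embeds `$GITEA_USER:$GITEA_PASSWORD` in the clone and push URLs, which stores the password in `gitops/.git/config` as the origin URL, exposes it in the process arguments, and breaks when the password contains URL-reserved characters such as `@` or `/`. Supplying the credentials through a credential helper or a `GIT_ASKPASS` script that reads the two variables keeps them out of the URL, and the push can then be a plain `git push`. Separately, `cd gitops` is unchecked, so after a failed clone the rest of the script works relative to the project checkout until set_version.py happens to fail. `cd gitops || exit 1` and quoting the path in `git add -- "$environment/application/values/$service_name-values.yaml"` would close that.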
@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+mvn -s "${CI_PROJECT_DIR}/settings.xml" -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn --no-transfer-progress "$@"
+if [[ "$?" -ne 0 ]] ; then
+ echo 'Maven command failed!'; exit 1
+fi
diff --git a/pipeline-scripts/set_version.py b/pipeline-scripts/set_version.py
new file mode 100755
index 0000000..51f1bea
--- /dev/null
+++ b/pipeline-scripts/set_version.py
@@ -0,0 +1,16 @@
+#!/usr/bin/python3
+
+import yaml
+import sys
+
+values_file = sys.argv[1]
+service_name = sys.argv[2]
+new_version = sys.argv[3]
+
+with open(values_file) as file:
+ ymldoc = yaml.safe_load(file)
+ ymldoc[service_name]['image']['tag'] = new_version
+ ymldoc[service_name]['helm']['version'] = new_version
+
+with open(values_file, "w") as ostream:
+ yaml.dump(ymldoc, ostream, default_flow_style=False, sort_keys=False)
\ No newline at end of file
diff --git a/pipeline-scripts/test_build_deploy_helm_chart.sh b/pipeline-scripts/test_build_deploy_helm_chart.sh
new file mode 100755
index 0000000..5d2e919
--- /dev/null
+++ b/pipeline-scripts/test_build_deploy_helm_chart.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+service_name="$1"
+
+helm_chart_version=$($SCRIPT_DIR/get_tag_version.sh)
+./run_helm_test.sh
+cd src/main/helm
+helm package --version=$helm_chart_version .
+
+if [[ "$CI_COMMIT_REF_NAME" == "release" ]]; then
+ repository=ozg-base-apps
+else
+ repository=ozg-base-apps-snapshot
+fi
+curl -u $NEXUS_USER:$NEXUS_PASSWORD -F file=@$service_name-$helm_chart_version.tgz https://nexus.ozg-sh.de/service/rest/v1/components?repository=$repository
diff --git a/set_up_scripts.sh b/set_up_scripts.sh
new file mode 100644
index 0000000..abfb236
--- /dev/null
+++ b/set_up_scripts.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+source_dir=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+export SCRIPT_DIR="$source_dir/pipeline-scripts"
\ No newline at end of file
-- GitLab
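Review bot: run_mvn.sh prints its failure message to stdout, but several callers capture this script's stdout as a value (`rootVersion=$(run_mvn.sh …)` in check_version.sh, `jar_version=$(…)` in deploy_maven_artifact.sh, and get_tag_version.sh). On a Maven failure the text 'Maven command failed!' therefore ends up inside the version string, and the caller carries on because none of these scripts sets `set -e` or checks the substitution's status. Send the message to stderr, `echo 'Maven command failed!' >&2`, and have callers test the result, e.g. `rootVersion=$(run_mvn.sh …) || exit 1`.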
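Review bot: The upload in test_build_deploy_helm_chart.sh cannot fail the job, because curl exits 0 on an HTTP 4xx/5xx response unless `--fail` is given. The exit status of `./run_helm_test.sh`, `cd src/main/helm` and `helm package` is not checked either, so a chart whose tests failed is still packaged and a rejected upload is reported as success. Add `set -euo pipefail` at the top and call `curl --fail --silent --show-error …`. The last two arguments should also be quoted, since the unquoted `?` in the URL is a glob character: `-F "file=@${service_name}-${helm_chart_version}.tgz" "https://nexus.ozg-sh.de/service/rest/v1/components?repository=${repository}"`.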
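Review bot: set_up_scripts.sh only has an effect when it is sourced, because `export SCRIPT_DIR=…` in an executed script does not reach the calling shell; the non-executable mode (100644) hints at this but nothing in the file says so. I would add a header comment such as `# Source this file (". ./set_up_scripts.sh"); it exports SCRIPT_DIR for the pipeline scripts.`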
From 476a68ac505fa69c5ef0c39670d047efb64d9b48 Mon Sep 17 00:00:00 2001
From: Felix Reichenbach <felix.reichenbach@mgm-tp.com>
Date: Wed, 5 Mar 2025 10:29:41 +0100
Subject: [PATCH 2/3] add build_maven_project script
---
pipeline-scripts/build_maven_project.sh | 3 +++
1 file changed, 3 insertions(+)
create mode 100755 pipeline-scripts/build_maven_project.sh
diff --git a/pipeline-scripts/build_maven_project.sh b/pipeline-scripts/build_maven_project.sh
new file mode 100755
index 0000000..f4ff759
--- /dev/null
+++ b/pipeline-scripts/build_maven_project.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+run_mvn.sh clean install -Dmaven.wagon.http.retryHandler.count=3 -DelasticTests.disabled=true
\ No newline at end of file
-- GitLab
From 27f96909b4bf209f176934d2a3c64e2f51942561 Mon Sep 17 00:00:00 2001
From: Felix Reichenbach <felix.reichenbach@mgm-tp.com>
Date: Thu, 27 Mar 2025 16:02:40 +0100
Subject: [PATCH 3/3] remove unnecessary script
---
pipeline-scripts/configure_git.sh | 8 --------
1 file changed, 8 deletions(-)
delete mode 100755 pipeline-scripts/configure_git.sh
diff --git a/pipeline-scripts/configure_git.sh b/pipeline-scripts/configure_git.sh
deleted file mode 100755
index fe0738a..0000000
--- a/pipeline-scripts/configure_git.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env bash
-
-## install prerequisites
-apk add --no-cache git
-
-## configure git
-git config --global user.email "ozgcloud@mgm-tp.com"
-git config --global user.name "OZGCloud"
\ No newline at end of file
-- GitLab