diff --git a/Jenkinsfile b/Jenkinsfile index 8e94fdcfdce3971ee0d7ba778e49a06125377ada..4ab729f3dcc0b6726f3b4f6f95e71e88a67e4cd5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -6,17 +6,19 @@ pipeline { } environment { - BLUE_OCEAN_URL = "https://jenkins.infra.ozg-cloud.systems/job/ozgcloud-keycloak-operator/job/${env.BRANCH_NAME}/${env.BUILD_NUMBER}/" RELEASE_REGEX = /\d+.\d+.\d+/ SNAPSHOT_REGEX = /\d+.\d+.\d+-SNAPSHOT/ FAILED_STAGE = "" SH_SUCCESS_STATUS_CODE = 0 + + KEYCLOAK_OPERATOR_NAME = 'ozgcloud-keycloak-operator' + ELASTIC_OPERATOR_NAME = 'ozgcloud-elastic-operator' } options { timeout(time: 1, unit: 'HOURS') disableConcurrentBuilds() - buildDiscarder(logRotator(numToKeepStr: '5')) + buildDiscarder(logRotator(numToKeepStr: '10')) } stages { @@ -27,8 +29,7 @@ pipeline { def rootPom = readMavenPom file: 'pom.xml' def rootVersion = rootPom.version - - if(env.BRANCH_NAME == 'release'){ + if(isReleaseBranch()){ if ( !isReleaseVersion([rootVersion])) { error("Keine Release Version für Branch ${env.BRANCH_NAME}.") } @@ -40,7 +41,7 @@ pipeline { } } } - stage('Build OzgCloud Keycloak Operator') { + stage('Build OzgCloud Operator') { steps { script { FAILED_STAGE=env.STAGE_NAME 
@@ -93,25 +94,27 @@ pipeline { } configFileProvider([configFile(fileId: 'maven-settings', variable: 'MAVEN_SETTINGS')]) { - sh 'mvn -s $MAVEN_SETTINGS spring-boot:build-image -DskipTests -Dmaven.wagon.http.retryHandler.count=3' + sh 'mvn -s $MAVEN_SETTINGS spring-boot:build-image -DskipTests -Dmaven.wagon.http.retryHandler.count=3' } - } + } } - stage('Tag and Push Docker image') { steps { script { FAILED_STAGE=env.STAGE_NAME IMAGE_TAG = generateImageTag() - tagAndPushDockerImage('ozgcloud-keycloak-operator', IMAGE_TAG) + tagAndPushDockerImage(KEYCLOAK_OPERATOR_NAME, IMAGE_TAG) + tagAndPushDockerImage(ELASTIC_OPERATOR_NAME, IMAGE_TAG) - if (env.BRANCH_NAME == 'master') { - tagAndPushDockerImage('ozgcloud-keycloak-operator', 'snapshot-latest') + if (isMasterBranch()) { + tagAndPushDockerImage(KEYCLOAK_OPERATOR_NAME, 'snapshot-latest') + tagAndPushDockerImage(ELASTIC_OPERATOR_NAME, 'snapshot-latest') } - else if (env.BRANCH_NAME == 'release') { - tagAndPushDockerImage('ozgcloud-keycloak-operator', 'latest') + else if (isReleaseBranch()) { + tagAndPushDockerImage(KEYCLOAK_OPERATOR_NAME, 'latest') + tagAndPushDockerImage(ELASTIC_OPERATOR_NAME, 'latest') } } } @@ -123,15 +126,18 @@ pipeline { FAILED_STAGE=env.STAGE_NAME HELM_CHART_VERSION = generateHelmChartVersion() - dir('ozgcloud-keycloak-operator/src/main/helm') { - sh "helm lint -f ../../test/helm/linter_values.yaml" - - sh "helm unittest --helm3 -f '../../test/helm/*.yaml' -f '../../test/helm/*/*.yaml' ." - - sh "helm package --version=${HELM_CHART_VERSION} ." + testAndDeployKeycloakHelmChart(HELM_CHART_VERSION) + } + } + } + + stage('Test, build and deploy Elastic-Operator Helm Chart') { + steps { + script { + FAILED_STAGE=env.STAGE_NAME + HELM_CHART_VERSION = generateHelmChartVersion() - deployHelmChart("ozgcloud-keycloak-operator", HELM_CHART_VERSION) - } + testAndDeployElasticHelmChart(HELM_CHART_VERSION) } } } 
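Review bot: The new stage 'Test, build and deploy Elastic-Operator Helm Chart' cannot fail or publish anything, because the helper it calls, testAndDeployElasticHelmChart, is added later in this commit with its lint, unittest and upload calls commented out as TBD. At the same time the 'Tag and Push Docker image' stage already pushes the ELASTIC_OPERATOR_NAME image under `latest` / `snapshot-latest`, and the rollout helpers write HELM_CHART_VERSION into the elastic values file, so the gitops repo would reference a chart version that was never uploaded. Until the chart exists I would guard the stage, for example with `when { expression { fileExists("${ELASTIC_OPERATOR_NAME}/src/main/helm/Chart.yaml") } }` (the Chart.yaml location is assumed from the directory the helper enters), and leave the elastic rollout update out. The stage also repeats `HELM_CHART_VERSION = generateHelmChartVersion()`, which the Keycloak stage has already set.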
@@ -144,11 +150,7 @@ pipeline { script { FAILED_STAGE = env.STAGE_NAME - cloneGitopsRepo() - - setNewDevVersion() - - pushNewDevVersion() + doDevRollout() } } } 
@@ -161,68 +163,57 @@ pipeline { script { FAILED_STAGE = env.STAGE_NAME - cloneGitopsRepo() - - setNewTestVersion() - - pushNewTestVersion() + doTestRollout() } } } stage ('OWASP Dependency-Check Vulnerabilities') { steps { - dependencyCheck additionalArguments: ''' - -o "./" - -s "./" - -f "ALL" - -d /dependency-check-data - --suppression dependency-check-supressions.xml - --disableKnownExploited - --noupdate - --disableArchive - --prettyPrint''', odcInstallation: 'dependency-check-owasp' - - dependencyCheckPublisher( - pattern: 'dependency-check-report.xml' , - //unstableNewCritical: 999, - //unstableNewHigh: 999, - //unstableNewMedium: 999, - //unstableNewLow: 999, - //unstableTotalCritical: 999, - //unstableTotalHigh: 999, - //unstableTotalMedium: 999, - //unstableTotalLow: 999, - //failedNewCritical: 999, - //failedNewHigh: 999, - //failedNewMedium: 999, - //failedNewLow: 999, - //failedTotalCritical: 999, - //failedTotalHigh: 999, - //failedTotalMedium: 999, - //failedTotalLow: 999 - ) } - } - } - post { - failure { - script { - if (env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'release') { - //sendFailureMessage() - } + dependencyCheck additionalArguments: ''' + -o "./" + -s "./" + -f "ALL" + -d /dependency-check-data + --suppression dependency-check-supressions.xml + --disableKnownExploited + --noupdate + --disableArchive + --prettyPrint''', odcInstallation: 'dependency-check-owasp' + + dependencyCheckPublisher( + pattern: 'dependency-check-report.xml' + ) } } } } + +Void testAndDeployKeycloakHelmChart(String helmChartVersion){ + dir("${KEYCLOAK_OPERATOR_NAME}/src/main/helm") { + runHelmTests() + deployHelmChart(KEYCLOAK_OPERATOR_NAME, helmChartVersion) + } +} + +Void testAndDeployElasticHelmChart(String helmChartVersion){ + dir("${ELASTIC_OPERATOR_NAME}/src/main/helm") { + //TBD + //runHelmTests() + //deployHelmChart(ELASTIC_OPERATOR_NAME, helmChartVersion) + } +} + +Void runHelmTests(){ + sh 'helm lint -f ../../test/helm/linter_values.yaml' + sh "helm 
unittest --helm3 -f '../../test/helm/*.yaml' -f '../../test/helm/*/*.yaml' ." + sh "helm package --version=${HELM_CHART_VERSION} ." +} + Void deployHelmChart(String helmChartName, String helmChartVersion) { withCredentials([usernamePassword(credentialsId: 'jenkins-nexus-login', usernameVariable: 'USERNAME', passwordVariable: 'PASSWORD')]){ - if (env.BRANCH_NAME == 'release') { - result = sh script: '''curl -u $USERNAME:$PASSWORD https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps -F file=@'''+helmChartName+'''-'''+helmChartVersion+'''.tgz''', returnStdout: true - } - else { - result = sh script: '''curl -u $USERNAME:$PASSWORD https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps-snapshot -F file=@'''+helmChartName+'''-'''+helmChartVersion+'''.tgz''', returnStdout: true - } + result = sh script: '''curl -u $USERNAME:$PASSWORD''' + getHelmRepoUrl() + ''' -F file=@'''+helmChartName+'''-'''+helmChartVersion+'''.tgz''', returnStdout: true if (result != '') { error(result) 
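Review bot: In deployHelmChart the new concatenation `'''curl -u $USERNAME:$PASSWORD''' + getHelmRepoUrl()` has no space before the URL, so the shell receives `$PASSWORDhttps://…` and expands a variable named `PASSWORDhttps` instead of the password; curl is then left without a URL and the upload cannot succeed. Add the separator and quote both arguments while there, since the URL contains `?` and the password may contain characters the shell interprets: `result = sh script: '''curl -u "$USERNAME:$PASSWORD" "''' + getHelmRepoUrl() + '''" -F file=@''' + helmChartName + '''-''' + helmChartVersion + '''.tgz''', returnStdout: true`. Separately, runHelmTests reads the global HELM_CHART_VERSION for `helm package` although both callers already receive the version as `helmChartVersion`; passing it as a parameter would keep the helper self-contained. The closing lines of deployHelmChart fall outside this hunk.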
@@ -230,34 +221,32 @@ Void deployHelmChart(String helmChartName, String helmChartVersion) { } } +String getHelmRepoUrl(){ + if (isReleaseBranch()) { + return "https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps" + } + return "https://nexus.ozg-sh.de/service/rest/v1/components?repository=ozg-base-apps-snapshot" +} + String generateHelmChartVersion() { def chartVersion = getPomVersion('pom.xml') - if (env.BRANCH_NAME == 'master') { + if (isMasterBranch()) { chartVersion += "-${env.GIT_COMMIT.take(7)}" } - else if (env.BRANCH_NAME != 'release') { + else if (!isReleaseBranch()) { chartVersion += "-${env.BRANCH_NAME}" } - return chartVersion.replaceAll("_", "-") + return chartVersion.replaceAll('_', '-') } -Void sendFailureMessage() { - def room = '' - def data = """{"msgtype":"m.text", \ - "body":"OzgCloud-Keycloak-Operator: Build Failed. Stage: ${FAILED_STAGE} Build-ID: ${env.BUILD_NUMBER} Link: ${BLUE_OCEAN_URL}", \ - "format": "org.matrix.custom.html", \ - "formatted_body":"OzgCloud-Keycloak-Operator: Build Failed. Stage: ${FAILED_STAGE} Build-ID: <a href='${BLUE_OCEAN_URL}'>${env.BUILD_NUMBER}</a>"}""" - - if (env.BRANCH_NAME == 'master') { - room = "!iQPAvQIiRwRpNOszjw:matrix.ozg-sh.de" - } - else if (env.BRANCH_NAME == 'release') { - room = "!oWZpUGTFsxkJIYNfYg:matrix.ozg-sh.de" - } +Boolean isMasterBranch() { + return env.BRANCH_NAME == 'master' +} - sh "curl -XPOST -H 'authorization: Bearer ${getElementAccessToken()}' -d '${data}' https://matrix.ozg-sh.de/_matrix/client/v3/rooms/$room/send/m.room.message" +Boolean isReleaseBranch() { + return env.BRANCH_NAME == 'release' } String getElementAccessToken() { 
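Review bot: generateHelmChartVersion now ends in `return chartVersion.replaceAll('_', '-')`, which still normalises only underscores, although on feature branches the value carries the raw `env.BRANCH_NAME`. That value is later interpolated by Groovy into `sh "helm package --version=${HELM_CHART_VERSION} ."` and into the file name of the curl upload, so a branch name containing a slash or other characters that are not valid in a chart version reaches the shell command and the artifact name unchanged. I would restrict the result to the characters a chart version allows, e.g. `return chartVersion.replaceAll('[^0-9A-Za-z.-]', '-')`, and pass the version to the shell steps through an environment variable instead of string interpolation.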
@@ -266,32 +255,47 @@ String getElementAccessToken() { } } -Void setNewDevVersion() { - setNewOzgOperatorVersion('dev') +Void doDevRollout() { + cloneGitopsRepo() + setNewOperatorVersion('dev') + pushNewGitopsVersion('dev') } -Void setNewTestVersion() { - setNewOzgOperatorVersion('test') +Void doTestRollout() { + cloneGitopsRepo() + setNewOperatorVersion('test') + pushNewGitopsVersion('test') } -Void setNewOzgOperatorVersion(String environment) { - dir("gitops") { - def envFile = "${environment}/application/values/ozgcloud-keycloak-operator-values.yaml" - def envVersions = readYaml file: envFile +Void setNewOperatorVersion(String environment) { + dir('gitops') { + updateKeycloakOperatorVersions() + updateElasticOperatorVersions() + } +} - envVersions.ozgcloud_keycloak_operator.image.tag = IMAGE_TAG - envVersions.ozgcloud_keycloak_operator.helm.version = HELM_CHART_VERSION +Void updateKeycloakOperatorVersions(String environment){ + def valuesFile = getApplicationValues(environment, KEYCLOAK_OPERATOR_NAME) + def envVersions = readYaml file: envFile - writeYaml file: envFile, data: envVersions, overwrite: true - } + envVersions.ozgcloud_keycloak_operator.image.tag = IMAGE_TAG + envVersions.ozgcloud_keycloak_operator.helm.version = HELM_CHART_VERSION + + writeYaml file: envFile, data: envVersions, overwrite: true } -Void pushNewDevVersion() { - pushNewGitopsVersion('dev') +Void updateElasticOperatorVersions(String environment){ + def valuesFile = getApplicationValues(environment, ELASTIC_OPERATOR_NAME) + def envVersions = readYaml file: envFile + + envVersions.ozgcloud_elastic_operator.image.tag = IMAGE_TAG + envVersions.ozgcloud_elastic_operator.helm.version = HELM_CHART_VERSION + + writeYaml file: envFile, data: envVersions, overwrite: true } -Void pushNewTestVersion() { - pushNewGitopsVersion('test') +String getApplicationValues(String environment, String valuesFileName) { + return "${environment}/application/values/${valuesFileName}-values.yaml" } Void 
pushNewGitopsVersion(String environment) {
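Review bot: setNewOperatorVersion calls `updateKeycloakOperatorVersions()` and `updateElasticOperatorVersions()` without the `environment` argument that both helpers declare, and each helper stores the path in `valuesFile` but then reads and writes `envFile`, a name that no longer exists on the new side. As written the dev and test rollouts would fail, or resolve a path beginning with `null/`, before any values file is updated. Passing `environment` through and using `valuesFile` in the readYaml/writeYaml calls fixes both; the rewritten lines are below. The elastic helper would additionally record a HELM_CHART_VERSION for a chart whose publish step is still commented out in this commit.

```groovy
Void setNewOperatorVersion(String environment) {
    dir('gitops') {
        updateKeycloakOperatorVersions(environment)
        updateElasticOperatorVersions(environment)
    }
}

Void updateKeycloakOperatorVersions(String environment){
    def valuesFile = getApplicationValues(environment, KEYCLOAK_OPERATOR_NAME)
    def envVersions = readYaml file: valuesFile
    // … unchanged: ozgcloud_keycloak_operator image.tag / helm.version assignments …
    writeYaml file: valuesFile, data: envVersions, overwrite: true
}

Void updateElasticOperatorVersions(String environment){
    def valuesFile = getApplicationValues(environment, ELASTIC_OPERATOR_NAME)
    def envVersions = readYaml file: valuesFile
    // … unchanged: ozgcloud_elastic_operator image.tag / helm.version assignments …
    writeYaml file: valuesFile, data: envVersions, overwrite: true
}
```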