-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJenkinsfile
More file actions
159 lines (136 loc) · 7.09 KB
/
Jenkinsfile
File metadata and controls
159 lines (136 loc) · 7.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
#!groovy
@Library('github.com/cloudogu/ces-build-lib@5.1.0')
import com.cloudogu.ces.cesbuildlib.*
git = new Git(this, "cesmarvin")
git.committerName = 'cesmarvin'
git.committerEmail = 'cesmarvin@cloudogu.com'
gitflow = new GitFlow(this, git)
github = new GitHub(this, git)
changelog = new Changelog(this)
repositoryName = "lop-idp"
productionReleaseBranch = "main"
registryNamespace = "k8s"
registryUrl = "registry.cloudogu.com"
authRegistrationCrdChartVersion = "1.0.0"
goVersion = "1.26.0"
helmTargetDir = "target/k8s"
helmChartDir = "${helmTargetDir}/helm"
node('docker') {
timestamps {
properties([
disableConcurrentBuilds(),
])
catchError {
timeout(activity: false, time: 60, unit: 'MINUTES') {
stage('Checkout') {
checkout scm
make 'clean'
}
new Docker(this)
.image("golang:${goVersion}")
.mountJenkinsUser()
.inside("--volume ${WORKSPACE}:/${repositoryName} -w /${repositoryName}")
{
stage('Generate k8s Resources') {
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
try {
make 'install-helm'
sh ".bin/helm registry login ${registryUrl} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'"
make 'helm-update-dependencies'
} finally {
sh ".bin/helm registry logout ${registryUrl}"
}
}
make 'helm-generate'
archiveArtifacts "${helmTargetDir}/**/*"
}
stage("Lint helm") {
make 'helm-lint'
}
}
K3d k3d = new K3d(this, "${WORKSPACE}", "${WORKSPACE}/k3d", env.PATH)
try {
stage('Set up k3d cluster') {
k3d.startK3d()
}
stage('Prepare k3d prerequisites') {
sh("openssl req -x509 -nodes -newkey rsa:2048 -keyout global-config.key -out global-config.crt -days 1 -subj '/CN=ces.test'")
String serverCertificate = readFile("global-config.crt").trim()
String indentedServerCertificate = serverCertificate.readLines().collect { " ${it}" }.join("\n")
writeFile file: "global-config.yaml", text: """domain: "ces.test"
fqdn: "ces.test"
admin_group: "cesAdmin"
certificate:
server.crt: |
${indentedServerCertificate}
"""
k3d.kubectl("create configmap global-config --from-file=config.yaml=global-config.yaml")
}
stage('Install k3d prerequisites') {
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
try {
k3d.helm("registry login ${registryUrl} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'")
k3d.helm("upgrade --install k8s-auth-registration-crd oci://${registryUrl}/${registryNamespace}/k8s-auth-registration-crd --version ${authRegistrationCrdChartVersion} --namespace default")
} finally {
k3d.helm("registry logout ${registryUrl}")
}
}
}
stage('Deploy lop-idp') {
k3d.helm("upgrade --install ${repositoryName} ${helmChartDir} --namespace default --wait --timeout 10m")
}
stage('Test lop-idp') {
k3d.kubectl("rollout status statefulset/lop-idp-ldap --timeout=300s")
k3d.kubectl("rollout status deployment/lop-idp-cas --timeout=300s")
k3d.kubectl("rollout status deployment/lop-idp-usermgt --timeout=300s")
k3d.kubectl("rollout status deployment/lop-idp-ldap-mapper --timeout=300s")
k3d.kubectl("rollout status deployment/lop-idp-k8s-auth-registration-operator --timeout=300s")
k3d.kubectl("wait --for=condition=ready pod -l app.kubernetes.io/instance=${repositoryName} --timeout=300s")
}
} catch(Exception e) {
k3d.collectAndArchiveLogs()
throw e as java.lang.Throwable
} finally {
stage('Remove k3d cluster') {
k3d.deleteK3d()
}
}
}
}
stageAutomaticRelease()
}
}
void stageAutomaticRelease() {
if (gitflow.isReleaseBranch()) {
Makefile makefile = new Makefile(this)
String releaseVersion = makefile.getVersion()
String changelogVersion = git.getSimpleBranchName()
stage('Push Helm chart to Harbor') {
new Docker(this)
.image("golang:${goVersion}")
.mountJenkinsUser()
.inside("--volume ${WORKSPACE}:/${repositoryName} -w /${repositoryName}")
{
make 'helm-package'
archiveArtifacts "${helmTargetDir}/**/*"
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
try {
sh ".bin/helm registry login ${registryUrl} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'"
sh ".bin/helm push ${helmChartDir}/${repositoryName}-${releaseVersion}.tgz oci://${registryUrl}/${registryNamespace}"
} finally {
sh ".bin/helm registry logout ${registryUrl}"
}
}
}
}
stage('Finish Release') {
gitflow.finishRelease(changelogVersion, productionReleaseBranch)
}
stage('Add Github-Release') {
releaseId = github.createReleaseWithChangelog(changelogVersion, changelog, productionReleaseBranch)
}
}
}
void make(String makeArgs) {
sh "make ${makeArgs}"
}