-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
125 lines (120 loc) · 5.7 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
library "pipelineUtils"
pipeline{
parameters{
booleanParam(name: "shouldPublishToDownloads", defaultValue: false, description: 'Should the artifacts be made available for user download')
}
options {
timestamps()
disableConcurrentBuilds()
}
environment {
MASTER_BRANCH = "master"
ARTIFACTS_DIRECTORY = "artifacts"
VERSION = pipelineUtils.getSemanticVersion(1, 2)
}
agent { node { label 'docker' } }
stages{
stage("Build"){
steps{
script{
env.FORMATTED_VERSION = "${VERSION}"
currentBuild.displayName = "${env.FORMATTED_VERSION}"
def containerName = "jfrog-plugin-${env.FORMATTED_VERSION}"
pipelineUtils.buildDockerImage(null, "VERSION=${VERSION}")
sh "docker create --name $containerName buildimage-build"
sh "docker cp $containerName:/artifacts ${env.ARTIFACTS_DIRECTORY}"
}
}
}
stage('E2E-Test') {
steps {
withCredentials([
file(credentialsId: 'JFROG_E2E_PROPERTIES_FILE', variable: 'properties_file'),
file(credentialsId: 'JFROG_LICENSE', variable: 'jfrog_license'),
file(credentialsId: 'JFROG_NGINX_CERT', variable: 'nginx_cert'),
file(credentialsId: 'JFROG_NGINX_KEY', variable: 'nginx_key')
])
{
script {
writeFile file: 'cxsca-security-plugin.properties', text: readFile(properties_file)
writeFile file: 'artifactory.lic', text: readFile(jfrog_license)
writeFile file: 'nginx.key', text: readFile(nginx_key)
writeFile file: 'nginx.crt', text: readFile(nginx_cert)
microservicePipelineStages.invokeTestStage([])
}
}
}
}
stage('Calculate SHA-256 for artifacts'){
steps{
sh '''
for FILE in ${ARTIFACTS_DIRECTORY}/*; do
sha256sum $FILE | cut -d ' ' -f 1 | tr -d $'\n' > $FILE.sha256sum
done
'''
}
}
stage("Publish"){
steps{
withAWS([credentials: 's3publish', region: 'eu-central-1']) {
script {
def filesToUpload = [findFiles(glob: "${env.ARTIFACTS_DIRECTORY}/*")].flatten()
filesToUpload.each {
def fullPath = it.getPath()
fileName = it.getName()
fileDir = fullPath.substring(0, fullPath.lastIndexOf('/'))
s3Upload([bucket : 'lumo-dev-deployment-bucket/published-artifacts/ScaJFrogPlugin/' + env.FORMATTED_VERSION,
workingDir : fileDir,
file : fileName,
metadatas : ["Build:" + env.FORMATTED_VERSION],
cacheControl: 'max-age=315360000'
])
if (env.BRANCH_NAME == env.MASTER_BRANCH) {
s3Upload([bucket : 'lumo-dev-deployment-bucket/published-artifacts/ScaJFrogPlugin/latest-master',
workingDir : fileDir,
file : fileName,
metadatas : ["Build:" + env.FORMATTED_VERSION],
cacheControl: 'max-age=315360000'
])
}
}
}
}
withAWS([credentials: 'jenkins_user_prod', region: 'us-east-1']) {
script {
if (params.shouldPublishToDownloads && env.BRANCH_NAME == env.MASTER_BRANCH) {
def filesToUpload = [findFiles(glob: "${env.ARTIFACTS_DIRECTORY}/*")].flatten()
filesToUpload.each {
def fullPath = it.getPath()
fileName = it.getName()
fileDir = fullPath.substring(0, fullPath.lastIndexOf('/'))
s3Upload([bucket : 'sca-downloads/ScaJFrogPlugin/' + env.FORMATTED_VERSION,
workingDir : fileDir,
file : fileName,
metadatas : ["Build:" + env.FORMATTED_VERSION],
cacheControl: 'max-age=315360000',
acl: 'PublicRead'
])
s3Upload([bucket : 'sca-downloads/ScaJFrogPlugin/latest',
workingDir : fileDir,
file : fileName,
metadatas : ["Build:" + env.FORMATTED_VERSION],
cacheControl: 'max-age=315360000',
acl: 'PublicRead'
])
}
}
}
}
}
}
}
post {
always {
script {
if (env.BRANCH_NAME == "master")
pipelineUtils.sendNotificationEmail()
}
}
}
}