-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathJenkinsfile
More file actions
173 lines (163 loc) · 7.04 KB
/
Jenkinsfile
File metadata and controls
173 lines (163 loc) · 7.04 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!groovy
// Define Artifactory for publishing non-docker image artifacts
def digitalGridArtServer = Artifactory.server('Digital-Artifactory')
def ARTIFACTORY_SERVER_URL = digitalGridArtServer.getUrl()
library "security-ci-commons-shared-lib"
// Change Snapshot to your own DevCloud Artifactory repo name
def Snapshot = 'PROPEL'
pipeline {
agent none
options {
buildDiscarder(logRotator(artifactDaysToKeepStr: '1', artifactNumToKeepStr: '1', daysToKeepStr: '5', numToKeepStr: '10'))
}
stages {
stage ('Build and Test') {
agent {
docker {
image 'maven:3.9.9-amazoncorretto-21-alpine'
label 'dind'
args '-v /root/.m2:/root/.m2'
}
}
steps {
echo env.BRANCH_NAME
sh '''#!/bin/bash -ex
unset HTTPS_PROXY
unset HTTP_PROXY
unset http_proxy
unset https_proxy
mvn -B clean install -Pcoverage
'''
dir('target') {
stash includes: '*.jar', name: 'uaa-token-lib-jar'
}
}
post {
always {
junit '**/surefire-reports/junitreports/TEST*.xml'
step([$class: 'JacocoPublisher', execPattern: '**/**.exec', maximumBranchCoverage: '90', maximumInstructionCoverage: '90'])
}
success {
echo 'Build and Test stage completed'
}
failure {
echo 'Build and Test stage failed'
}
}
}
stage('Publish Artifacts') {
agent {
docker {
image 'maven:3.9.9-amazoncorretto-21-alpine'
label 'dind'
args '-v /root/.m2:/root/.m2'
}
}
when {
beforeAgent true
expression { env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'develop' }
}
environment {
DEPLOY_CREDS = credentials('DIGITAL_GRID_ARTIFACTORY_CREDENTIALS')
MAVEN_CENTRAL_STAGING_PROFILE_ID=credentials('MAVEN_CENTRAL_STAGING_PROFILE_ID')
}
steps {
dir('spring-filters-config') {
git branch: 'master', changelog: false, credentialsId: 'github.software.gevernova.com', poll: false, url: 'https://github.software.gevernova.com/pers/spring-filters-config.git'
}
unstash 'uaa-token-lib-jar'
script {
APP_VERSION = sh (returnStdout: true, script: '''
grep '<version>' pom.xml -m 1 | sed 's/<version>//' | sed 's/<\\/version>//g'
''').trim()
echo "Uploading uaa-token-lib ${APP_VERSION} build to Artifactory"
if (env.BRANCH_NAME == 'master') {
ARTIFACTORY_REPO = 'pgog-fss-iam-uaa-mvn'
echo "Branch is master push to ${ARTIFACTORY_REPO}, and maven central"
sh """#!/usr/bin/env bash
set -ex
apk update
apk add --no-cache gnupg
gpg --version
ln -s ${WORKSPACE} /working-dir
#Deploy/Release to digital grid repository
mvn clean deploy -B -s spring-filters-config/mvn_settings_noproxy.xml \\
-DaltDeploymentRepository=artifactory.uaa.releases::default::${ARTIFACTORY_SERVER_URL}/${ARTIFACTORY_REPO} \\
-Dartifactory.user=${DEPLOY_CREDS_USR} \\
-Dartifactory.password=${DEPLOY_CREDS_PSW} \\
-DskipTests -e
#Deploy/Release to maven central repository
mvn -B clean deploy -B -P release -s spring-filters-config/mvn_settings_noproxy.xml \\
-D gpg.homedir=/working-dir/spring-filters-config/gnupg -D stagingProfileId=$MAVEN_CENTRAL_STAGING_PROFILE_ID \\
-D skipTests -e
"""
}
else {
ARTIFACTORY_REPO = 'pgog-fss-iam-uaa-mvn-snapshot'
echo "Branch is develop push to ${ARTIFACTORY_REPO}"
sh """#!/usr/bin/env bash
set -ex
apk update
apk add --no-cache gnupg
gpg --version
ln -s ${WORKSPACE} /working-dir
mvn clean deploy -B -s spring-filters-config/mvn_settings_noproxy.xml \\
-DaltDeploymentRepository=artifactory.uaa.snapshots::default::${ARTIFACTORY_SERVER_URL}/${ARTIFACTORY_REPO} \\
-Dartifactory.user=${DEPLOY_CREDS_USR} \\
-Dartifactory.password=${DEPLOY_CREDS_PSW} \\
-DskipTests -e
"""
}
}
}
post {
success {
echo 'Publish artifacts stage completed'
}
failure {
echo 'Publish artifacts stage failed'
}
}
}
stage ('SonarQube Analysis') {
agent {
docker {
image 'maven:3.9.9-amazoncorretto-21-alpine'
label 'dind'
args '-v /root/.m2:/root/.m2'
}
}
environment {
SONAR_HOST_URL = credentials("SONAR_HOST_URL")
SONAR_LOGIN_KEY = credentials("SONAR_LOGIN_KEY")
}
stages {
stage('SonarQube Scanning') {
steps {
withSonarQubeEnv('SONAR_INSTANCE') {
sh """
mvn -B clean install -Pcoverage
mvn -B sonar:sonar -s sonar.xml
"""
} // Submitted: SonarQube taskId is automatically attached to the pipeline context
}
}
stage('Quality Gate') {
steps {
timeout(time: 5, unit: 'MINUTES') {
waitForQualityGate abortPipeline: false
} // abortPipeline is set to false else all builds will fail due to less coverage percentage
}
}
}
}
}
post {
success {
echo 'Pipeline completed'
}
failure {
echo 'Pipeline failed'
}
}
}