Cadoles/Jenkins
22
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

Compare commits

base: Cadoles:gitea-release
Branches Tags
Cadoles:master Cadoles:gitea-package Cadoles:podman Cadoles:pipeline/compile_doc_formation Cadoles:cpkg-auto-version Cadoles:gitea-release Cadoles:pipeline/packaging_pulp Cadoles:symfony-pipeline Cadoles:pipeline/empaquetage_pulp Cadoles:build_pipeline_bbohard Cadoles:pa11y-audit Cadoles:hooks Cadoles:nebula Cadoles:redesign-tamarin
..
compare: Cadoles:pipeline/compile_doc_formation
Branches Tags
Cadoles:master Cadoles:gitea-package Cadoles:podman Cadoles:pipeline/compile_doc_formation Cadoles:cpkg-auto-version Cadoles:gitea-release Cadoles:pipeline/packaging_pulp Cadoles:symfony-pipeline Cadoles:pipeline/empaquetage_pulp Cadoles:build_pipeline_bbohard Cadoles:pa11y-audit Cadoles:hooks Cadoles:nebula Cadoles:redesign-tamarin

8 Commits
gitea-rele ... pipeline/c

Author SHA1 Message Date
Benjamin Bohard
8f33a8a4c9 Configurer nom et adresse de l’utilisateur pour les interactions avec les dépôts git 2022-09-26 08:44:28 +02:00
Benjamin Bohard
bf7e3cf9b9 Mauvais nom de répertoire de destination 2022-08-11 12:35:37 +02:00
Benjamin Bohard
cc802f6fdd Il manque nextcloud dans l’URL 2022-08-11 12:29:23 +02:00
Benjamin Bohard
e8198240de Rétablir le bon identifiant pour l’authentification 2022-08-11 12:01:32 +02:00
Benjamin Bohard
03d07acc23 Encodage naïf du dossier de destination 2022-08-11 11:53:32 +02:00
Benjamin Bohard
71a94bb201 Variables pour le contexte de production 2022-08-11 11:06:32 +02:00
Benjamin Bohard
5dee07ce46 Première version du pipeline pour la compilation des supports de formation 2022-08-08 16:57:27 +02:00
Benjamin Gaudé
502c2c7ed9 retrait remontee junit publishing checks 2022-07-19 08:55:11 +02:00
7 changed files with 292 additions and 221 deletions
Expand all files Collapse all files

2
pipelines/mse-rgaa.jenkinsfile
View File

@ -45,7 +45,7 @@ pipeline {
}
}
junit "*.xml"
junit testResults: '*.xml', skipPublishingChecks: true
rocketSend (
channel: "#cnous-mse",

153
resources/com/cadoles/gitea/gitea-release.sh
View File

@ -1,153 +0,0 @@
#!/bin/bash
set -eo pipefail
GITEA_RELEASE_PROJECT=${GITEA_RELEASE_PROJECT}
GITEA_RELEASE_ORG=${GITEA_RELEASE_ORG}
GITEA_RELEASE_BASE_URL=${GITEA_BASE_URL:-https://forge.cadoles.com}
GITEA_RELEASE_USERNAME=${GITEA_RELEASE_USERNAME}
GITEA_RELEASE_PASSWORD=${GITEA_RELEASE_PASSWORD}
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
GITEA_RELEASE_COMMITISH_TARGET=${GITEA_RELEASE_COMMITISH_TARGET}
GITEA_RELEASE_IS_DRAFT=${GITEA_RELEASE_IS_DRAFT:-false}
GITEA_RELEASE_IS_PRERELEASE=${GITEA_RELEASE_IS_PRERELEASE:-true}
GITEA_RELEASE_BODY=${GITEA_RELEASE_BODY}
GITEA_RELEASE_ATTACHMENTS=${GITEA_RELEASE_ATTACHMENTS}
function check_dependencies {
assert_command_available 'curl'
assert_command_available 'jq'
}
function assert_command_available {
local command=$1
local command_path=$(which $command)
if [ -z "$command_path" ]; then
echo "The '$command' command could not be found. Please install it before using this script." 1>&2
exit 1
fi
}
function check_environment {
assert_environment GITEA_RELEASE_PROJECT
assert_environment GITEA_RELEASE_ORG
assert_environment GITEA_RELEASE_BASE_URL
}
function source_env_file {
if [ ! -f '.env' ]; then
return 0
fi
set -o allexport
source .env
set +o allexport
}
function assert_environment {
local name=$1
local value=${!name}
if [ -z "$value" ]; then
echo "The $"$name" environment variable is empty." 1>&2
exit 1
fi
}
function ask_credentials {
if [ -z "$GITEA_RELEASE_USERNAME" ]; then
echo -n "Username: "
read GITEA_RELEASE_USERNAME
fi
if [ -z "$GITEA_RELEASE_PASSWORD" ]; then
echo -n "Password: "
stty -echo
read GITEA_RELEASE_PASSWORD
stty echo
echo
fi
}
function retrieve_version {
if [ ! -z "$GITEA_RELEASE_VERSION" ]; then
return
fi
set +e
GITEA_RELEASE_VERSION=$(git describe --abbrev=0 --tags 2>/dev/null)
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
set -e
}
function retrieve_commitish_target {
if [ ! -z "$GITEA_RELEASE_COMMITISH_TARGET" ]; then
return
fi
GITEA_RELEASE_COMMITISH_TARGET=$(git log -n 1 --pretty="format:%h")
}
function create_release {
local payload={}
payload=$(json_set "$payload" body "\"$GITEA_RELEASE_BODY\"")
payload=$(json_set "$payload" draft $GITEA_RELEASE_IS_DRAFT)
payload=$(json_set "$payload" name "\"$GITEA_RELEASE_VERSION\"")
payload=$(json_set "$payload" prerelease $GITEA_RELEASE_IS_PRERELEASE)
payload=$(json_set "$payload" tag_name "\"${GITEA_RELEASE_VERSION:-$GITEA_RELEASE_COMMITISH_TARGET}\"")
payload=$(json_set "$payload" target_commitish "\"$GITEA_RELEASE_COMMITISH_TARGET\"")
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases" \
-H "Content-Type:application/json" \
-d "$payload"
}
function json_set {
local data=$1
local key=$2
local value=$3
echo $data | jq -cr --argjson v "$value" --arg k "$key" '.[$k] = $v'
}
function upload_release_attachments {
local release="$1"
local release_id=$(echo "$release" | jq -r .id)
if [ -z "$GITEA_RELEASE_ATTACHMENTS" ]; then
set +e
GITEA_RELEASE_ATTACHMENTS="$(ls release/*.{tar.gz,zip} 2>/dev/null)"
set -e
fi
for file in $GITEA_RELEASE_ATTACHMENTS; do
local filename=$(basename "$file")
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases/$release_id/assets?name=$filename" \
-H "Content-Type:multipart/form-data" \
-F "attachment=@$file"
done
}
function gitea_api {
local path=$1
local args=${@:2}
curl -L \
--fail \
-u "$GITEA_RELEASE_USERNAME:$GITEA_RELEASE_PASSWORD" \
${args} \
"$GITEA_RELEASE_BASE_URL/api/v1$path"
}
function main {
check_dependencies
source_env_file
check_environment
ask_credentials
retrieve_commitish_target
retrieve_version
local release=$(create_release)
upload_release_attachments "$release"
}
main

7
resources/com/cadoles/tamarin/Dockerfile
View File

@ -1,17 +1,16 @@
FROM alpine:3.12
FROM alpine:latest
ARG HTTP_PROXY=
ARG HTTPS_PROXY=
ARG http_proxy=
ARG https_proxy=
ARG TAMARIN_VERSION=develop
RUN apk add --no-cache git docker python3 bash openssl curl
RUN curl -k https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh | bash
RUN git clone http://forge.cadoles.com/Cadoles/Tamarin /tamarin\
ARG TAMARIN_VERSION=feature/doc-compile
RUN git clone https://forge.cadoles.com/Cadoles/Tamarin /tamarin\
&& cd /tamarin\
&& git checkout ${TAMARIN_VERSION}

2
resources/com/cadoles/tamarin/run-tamarin.sh
View File

@ -28,6 +28,6 @@ DEST_DIR=${TAMARIN_DEST_DIR:-dist}
mkdir -p ${DEST_DIR}
for f in /dist/*; do
if [ -e "$f" ]; then
cp "$f" ./${DEST_DIR}
cp -r "$f" ./${DEST_DIR}
fi
done

246
vars/compileDoc.groovy Normal file
View File

@ -0,0 +1,246 @@
// Pipeline de construction des images Docker des services Zéphir
def call() {
def buildTag
def gitEmail = params.gitEmail ? params.gitEmail : 'jenkins@cadoles.com'
def gitUsername = params.gitUsername ? params.gitUsername : 'Jenkins'
pipeline {
agent any
environment {
projectDir = "${env.project_name}_${env.BUILD_ID}"
}
triggers {
// Execute pipeline every day at 7h30 to prepare docker images
cron('30 7 * * 1-5')
}
parameters {
string(
name: 'targetUrl',
description: 'URL cible pour le dépôt de fichier',
defaultValue: 'https://nextcloud.cadoles.com/nextcloud'
)
string(
name: 'targetFolder',
description: 'Répertoire racine cible partagé avec lutilisateur',
defaultValue: 'Cadoles Formation'
)
string(
name: 'credentialsId',
description: "Identifiant du compte de type login/mot de passe",
defaultValue: 'nextcloud-user-for-formation-documents'
)
}
stages {
stage("Prepare build environment") {
when {
anyOf {
triggeredBy cause: "UserIdCause", detail: "bbohard"
triggeredBy 'TimerTrigger'
}
}
steps {
script {
tamarin.prepareEnvironment()
}
}
}
stage("Build doc") {
when {
not {
triggeredBy 'TimerTrigger'
}
}
steps {
script {
stage("Check tag") {
buildTag = env.ref
if (!buildTag.startsWith('build/')) {
currentBuild.result= 'ABORTED'
error("La référence `${buildTag}` nest pas une demande de paquet valide.")
}
}
stage("Clone repository") {
checkout scm:
[
$class: 'GitSCM',
userRemoteConfigs: [[url: env.repository_url, credentialsId: 'jenkins-forge-ssh']],
branches: [[name: env.ref]],
extensions: [
[$class: 'RelativeTargetDirectory', relativeTargetDir: env.projectDir ],
[$class: 'CloneOption', noTags: false, shallow: false, depth: 0, reference: ''],
[$class: 'WipeWorkspace' ]
]
],
changelog: false,
poll: false
}
stage("Checkout ref") {
dir(env.projectDir) {
sh """
git checkout ${env.ref}
"""
return
}
}
stage("Compile document") {
dir(env.projectDir) {
def date = new Date()
def dateTag = date.format('yyyyMMdd')
def splittedTag = env.ref.split('/')
def docProfile = splittedTag[1]
withCredentials([
usernamePassword(
credentialsId: params.credentialsId,
usernameVariable: "NEXTCLOUD_USER",
passwordVariable: "NEXTCLOUD_PASSWORD"
)
]) {
targetFolder = targetFolder.replace(' ', '%20')
def rootFolder = "${params.targetUrl}/remote.php/dav/files/${NEXTCLOUD_USER}/${targetFolder}"
def projectName = env.project_name
def destFolder = "${projectName}/${docProfile}"
def result = tamarin.compileDoc(env.buildProfile)
if(result.size() == 0) {
error('No artefact produced')
}
println(result)
if(docProfile != 'draft') {
def publicFolder = "${destFolder}/latest/public"
def privateFolder = "${destFolder}/latest/private"
def archivePublicFolder = "${destFolder}/archive/${dateTag}/public"
def archivePrivateFolder = "${destFolder}/archive/${dateTag}/private"
createWebDAVFolder (params.credentialsId, rootFolder, publicFolder)
createWebDAVFolder (params.credentialsId, rootFolder, privateFolder)
createWebDAVFolder (params.credentialsId, rootFolder, archivePublicFolder)
createWebDAVFolder (params.credentialsId, rootFolder, archivePrivateFolder)
result.each { r ->
println(r)
splittedDest = r.split('/')
if(splittedDest[2] == 'public') {
def destPath = "${rootFolder}/${publicFolder}/${splittedDest[-1]}"
def destArchivePath = "${rootFolder}/${archivePublicFolder}/${splittedDest[-1]}"
copyWebDAVFile (params.credentialsId, r, destPath)
copyWebDAVFile (params.credentialsId, r, destArchivePath)
} else {
def destPath = "${rootFolder}/${privateFolder}/${splittedDest[-1]}"
def destArchivePath = "${rootFolder}/${archivePrivateFolder}/${splittedDest[-1]}"
copyWebDAVFile (params.credentialsId, r, destPath)
copyWebDAVFile (params.credentialsId, r, destArchivePath)
}
}
} else {
def draftPublicFolder = "${destFolder}/public"
def draftPrivateFolder = "${destFolder}/private"
createWebDAVFolder (params.credentialsId, rootFolder, draftPublicFolder)
createWebDAVFolder (params.credentialsId, rootFolder, draftPrivateFolder)
result.each { r ->
println(r)
splittedDest = r.split('/')
if(splittedDest[2] == 'public') {
def destPath = "${rootFolder}/${draftPublicFolder}/${splittedDest[-1]}"
copyWebDAVFile (params.credentialsId, r, destPath)
} else {
def destPath = "${rootFolder}/${draftPrivateFolder}/${splittedDest[-1]}"
copyWebDAVFile (params.credentialsId, r, destPath)
}
}
}
}
withCredentials([sshUserPrivateKey(credentialsId: 'jenkins-forge-ssh', keyFileVariable: 'FORGE_SSH_KEY')]) {
writeFile(
file : "./sshForJenkins.sh",
text: '''
#!/bin/sh
ssh -i "${FORGE_SSH_KEY}" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null "$@"
'''
)
sh(script: "chmod +x ./sshForJenkins.sh")
if (docProfile != 'draft') {
withEnv(["GIT_SSH=./sshForJenkins.sh"]) {
// Add git username/email
sh("git config user.email '${gitEmail}'")
sh("git config user.username '${gitUsername}'")
sh """
git tag -am "paquet" release/v${dateTag}
"""
sh """
git push --tags origin
"""
}
}
withEnv(["GIT_SSH=./sshForJenkins.sh"]) {
// Add git username/email
sh("git config user.email '${gitEmail}'")
sh("git config user.username '${gitUsername}'")
sh """
git tag -d ${env.ref}
git push origin :${env.ref}
"""
}
}
}
}
}
}
}
}
}
}
def createWebDAVFolder (
String creds,
String rootUrl,
String folder
) {
withCredentials([
usernamePassword(
credentialsId: creds,
usernameVariable: "NEXTCLOUD_USER",
passwordVariable: "NEXTCLOUD_PASSWORD"
)
]) {
println(rootUrl)
println(folder)
def splittedFolder = folder.split('/')
splittedFolder.eachWithIndex { subfolder, i ->
def newFolder = ""
if(i == 0) {
newFolder = subfolder
} else {
def prec = i - 1
def parentFolder = splittedFolder[0..prec].join('/')
newFolder = "${parentFolder}/${subfolder}"
}
println(newFolder)
sh 'curl -X MKCOL --user ${NEXTCLOUD_USER}:${NEXTCLOUD_PASSWORD} --basic ' + "${rootUrl}/${newFolder}"
}
}
}
def copyWebDAVFile (
String creds,
String newFile,
String destUrl
) {
withCredentials([
usernamePassword(
credentialsId: creds,
usernameVariable: "NEXTCLOUD_USER",
passwordVariable: "NEXTCLOUD_PASSWORD"
)
]) {
sh "curl -T ${newFile}" + ' --user ${NEXTCLOUD_USER}:${NEXTCLOUD_PASSWORD} --basic ' + destUrl
}
}

60
vars/gitea.groovy
View File

@ -3,7 +3,7 @@ def commentPullRequest(String repo, String issueId, String comment, Integer comm
withCredentials([
string(credentialsId: 'GITEA_JENKINS_PERSONAL_TOKEN', variable: 'GITEA_TOKEN'),
]) {
writeFile(file: '.prComment', text: comment)
writeFile(file: ".prComment", text: comment)
sh """#!/bin/bash
set -xeo pipefail
@ -38,61 +38,3 @@ def commentPullRequest(String repo, String issueId, String comment, Integer comm
"""
}
}
// Effectue une "release" sur Gitea pour le <ORG>/<PROJET> donné.
def release(String credentialsId, String org, String project, Map options = [:]) {
def isDraft = options.get('isDraft', false)
def baseUrl = options.get('baseUrl', 'https://forge.cadoles.com')
def defaultVersion = sh(returnStdout: true, script: 'git describe --always').trim()
def releaseVersion = options.get('releaseVersion', defaultVersion)
def commitishTarget = options.get('commitishTarget', env.GIT_COMMIT)
def defaultIsPrerelease = true
try {
sh(script: "git describe --exact-match ${GIT_COMMIT}")
defaultIsPrerelease = false
} catch (err) {
println "Could not find tag associated with commit '${GIT_COMMIT}' ! Using 'prerelease' as default."
}
def isPrerelease = options.get('isPrerelease', defaultIsPrerelease)
def body = options.get('body', '')
def attachments = options.get('attachments', [])
def scriptTempDir = ".gitea-release-script-${System.currentTimeMillis()}"
sh("mkdir -p '${scriptTempDir}'")
def giteaReleaseScript = "${scriptTempDir}/gitea-release.sh"
def giteaReleaseScriptContent = libraryResource 'com/cadoles/gitea/gitea-release.sh'
writeFile file: giteaReleaseScript, text:giteaReleaseScriptContent
sh("chmod +x '${giteaReleaseScript}'")
try {
withCredentials([
usernamePassword(
credentialsId: credentialsId,
usernameVariable: 'GITEA_RELEASE_USERNAME',
passwordVariable: 'GITEA_RELEASE_PASSWORD'
)
]) {
sh """
export GITEA_RELEASE_PROJECT="${project}"
export GITEA_RELEASE_ORG="${org}"
export GITEA_RELEASE_BASE_URL="${baseUrl}"
export GITEA_RELEASE_VERSION="${releaseVersion}"
export GITEA_RELEASE_COMMITISH_TARGET="${commitishTarget}"
export GITEA_RELEASE_IS_DRAFT="${isDraft}"
export GITEA_RELEASE_IS_PRERELEASE="${isPrerelease}"
export GITEA_RELEASE_BODY="${body}"
export GITEA_RELEASE_ATTACHMENTS="${attachments.join(' ')}"
${giteaReleaseScript}
"""
}
} finally {
dir(scriptTempDir) {
deleteDir()
}
}
}

37
vars/tamarin.groovy
View File

@ -67,6 +67,7 @@ def buildPackage(
stage("Run Tamarin") {
def dockerArgs = """
-u 0
-v /var/run/docker.sock:/var/run/docker.sock
${forceRebuild ? '-e TAMARIN_FORCE_REBUILD=1' : ''}
${packageArch ? '-e TAMARIN_PACKAGE_ARCH='+packageArch : ''}
@ -89,6 +90,41 @@ def buildPackage(
}
def compileDoc(
String buildProfile,
String destDir = "./packages",
Boolean forceRebuild = false
) {
def tamarinImage
def packages = []
stage("Create Tamarin environment") {
tamarinImage = buildDockerImage()
}
stage("Run Tamarin") {
def dockerArgs = """
-u 0
-v /var/run/docker.sock:/var/run/docker.sock
-e TAMARIN_PROFILE=${buildProfile}
-e TAMARIN_DEST_DIR=${destDir}
""".stripIndent()
tamarinImage.inside(dockerArgs) {
sh 'run-tamarin'
}
packages = sh(script: "find '${destDir}' -type f -name *.pdf", returnStdout: true)
.split('\n')
.collect { return it.trim() }
.findAll { it != '' }
}
println(packages)
return packages
}
def prepareEnvironment(
String packageProfile = "debian",
String baseImage = ""
@ -101,6 +137,7 @@ def prepareEnvironment(
stage("Prepare Tamarin") {
def dockerArgs = """
-u 0
-v /var/run/docker.sock:/var/run/docker.sock
${baseImage ? '-e TAMARIN_BASE_IMAGE='+baseImage : ''}
${packageProfile ? '-e TAMARIN_PROFILE='+packageProfile : ''}