Cadoles/Jenkins
22
0
Fork 0
Code Issues 3 Pull Requests Releases Wiki Activity

Compare commits

base: Cadoles:gitea-release
Branches Tags
Cadoles:master Cadoles:gitea-package Cadoles:podman Cadoles:pipeline/compile_doc_formation Cadoles:cpkg-auto-version Cadoles:gitea-release Cadoles:pipeline/packaging_pulp Cadoles:symfony-pipeline Cadoles:pipeline/empaquetage_pulp Cadoles:build_pipeline_bbohard Cadoles:pa11y-audit Cadoles:hooks Cadoles:nebula Cadoles:redesign-tamarin
..
compare: Cadoles:pipeline/packaging_pulp
Branches Tags
Cadoles:master Cadoles:gitea-package Cadoles:podman Cadoles:pipeline/compile_doc_formation Cadoles:cpkg-auto-version Cadoles:gitea-release Cadoles:pipeline/packaging_pulp Cadoles:symfony-pipeline Cadoles:pipeline/empaquetage_pulp Cadoles:build_pipeline_bbohard Cadoles:pa11y-audit Cadoles:hooks Cadoles:nebula Cadoles:redesign-tamarin

42 Commits
gitea-rele ... pipeline/p

Author SHA1 Message Date
Benjamin Bohard
6fa3cdf8c1 Le paramètre doit être de type string
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-07-06 14:31:04 +02:00
vfebvre
ac4c65d930 gpg pour tous
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-07-05 14:28:28 +02:00
vfebvre
69884d7384 change user pulp api
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-06-15 14:33:06 +02:00
vfebvre
63af3c7121 retour en arrière
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-06-07 11:22:21 +02:00
vfebvre
a31b64b5b6 test déclaration des paramètres de manière globale
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-06-07 10:50:23 +02:00
vfebvre
5112fc5d88 test déclaration des paramètres de manière globale
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-06-07 10:43:42 +02:00
vfebvre
c0bc85f860 correction variable
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-06-03 15:18:47 +02:00
vfebvre
60769e3c68 ajout variable globale
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-06-03 15:05:29 +02:00
vfebvre
7d61382247 ajout variable globale
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-06-03 14:24:18 +02:00
vfebvre
d1757bc028 configuration nouvelle branche
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-06-01 16:51:16 +02:00
vfebvre
0314146633 ajout groovy pour pulp.cadoles.com
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-06-01 16:29:02 +02:00
Benjamin Bohard
71f5fbfe78 Correction du code de retour d’une requête POST
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-29 09:54:05 +02:00
Benjamin Bohard
97abfb0ade Restreindre les codes retours valides
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-03-28 15:03:32 +02:00
Benjamin Bohard
44764866a8 Sortir de la boucle lorsqu’une tâche est en erreur
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-28 12:15:38 +02:00
Benjamin Bohard
1f6a71e0a9 Revert "Essai de chunk pour l’envoi des paquets"
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details 
This reverts commit fad3f5fdcc.
 2022-03-10 15:28:12 +01:00
Benjamin Bohard
a819b3d9a1 Revert "Erreur de syntaxe" 
This reverts commit 4153859453.
 2022-03-10 15:28:04 +01:00
Benjamin Bohard
4153859453 Erreur de syntaxe
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-10 15:03:20 +01:00
Benjamin Bohard
fad3f5fdcc Essai de chunk pour l’envoi des paquets
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-10 14:47:33 +01:00
Benjamin Bohard
8268ac2a0d Suppression des modifications pour debug
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-03-01 16:50:06 +01:00
Benjamin Bohard
b4bb6dd7d6 Erreur de nom de paramètre pour la requête
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-01 16:39:06 +01:00
Benjamin Bohard
3897b60ef7 Debug erreur 400
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-01 16:30:14 +01:00
Benjamin Bohard
61b88898d8 Debug publication error
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-03-01 16:21:31 +01:00
Benjamin Bohard
493e9afd64 Mauvaise variable suite à réécriture
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-02-10 15:05:22 +01:00
Benjamin Bohard
fe3c728823 mélange de dromadaire et de serpent
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 14:49:35 +01:00
Benjamin Bohard
5db4a47b13 paramètre manquant
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 14:27:49 +01:00
Benjamin Bohard
8b6228fe4a Typo
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 12:01:22 +01:00
Benjamin Bohard
672531fc36 Typo
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 11:18:39 +01:00
Benjamin Bohard
7be6603e81 Typo
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 10:51:09 +01:00
Benjamin Bohard
c1cffc4d6f Automatiser la création des ressources en fonction du tag
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-10 10:26:05 +01:00
Benjamin Bohard
ad49ba869f Typo
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-02-09 22:53:00 +01:00
Benjamin Bohard
e16ccf8bf8 Erreur de syntaxe
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 21:48:40 +01:00
Benjamin Bohard
4dfdb53bad Distribution inconditionnelle
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 21:47:04 +01:00
Benjamin Bohard
331ba5fd6b Nettoyage
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 21:21:10 +01:00
Benjamin Bohard
b7c0f4e2ab debug response
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 21:03:53 +01:00
Benjamin Bohard
2969fb2a7c debug return content
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 20:43:21 +01:00
Benjamin Bohard
ab34e49bc1 Pas de tâche pour la création de dépôt
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 19:39:15 +01:00
Benjamin Bohard
5de4dfd4f8 Créer le dépôt si il n’existe pas
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 19:05:31 +01:00
Benjamin Bohard
1efbd7f5ee Erreur de syntaxe
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-09 10:02:00 +01:00
Benjamin Bohard
63c7b0b3a5 Changement de serveur pulp
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-08 09:28:59 +01:00
Benjamin Bohard
f16e377911 Suppression de la boucle et du découpage de la sortie standard
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-08 09:18:19 +01:00
Benjamin Bohard
4ce857ef7c Ajustements
Some checks failed
Cadoles/Jenkins/pipeline/head There was a failure building this commit
Details
2022-02-08 08:33:09 +01:00
Benjamin Bohard
471b11740e Modèle de jenkinsfile pour envoi de paquet vers pulp
All checks were successful
Cadoles/Jenkins/pipeline/head This commit looks good
Details
2022-01-25 15:30:39 +01:00
14 changed files with 504 additions and 560 deletions
Expand all files Collapse all files

231
Jenkinsfile vendored Normal file
View File

@ -0,0 +1,231 @@
@Library("cadoles@pipeline/packaging_pulp") _
pipeline {
agent {
label 'docker'
}
environment {
projectDir = "${env.project_name}_${env.BUILD_ID}"
}
triggers {
// Execute pipeline every day at 7h30 to prepare docker images
cron('30 7 * * 1-5')
}
stages {
stage("Prepare build environment") {
when {
anyOf {
triggeredBy cause: "UserIdCause", detail: "wpetit"
triggeredBy 'TimerTrigger'
}
}
steps {
script {
tamarin.prepareEnvironment()
}
}
}
stage("Package project") {
when {
not {
triggeredBy 'TimerTrigger'
}
}
steps {
script {
stage("Clone repository") {
checkout scm:
[
$class: 'GitSCM',
userRemoteConfigs: [[url: env.repository_url, credentialsId: 'jenkins-forge-ssh']],
branches: [[name: env.ref]],
extensions: [
[$class: 'RelativeTargetDirectory', relativeTargetDir: env.projectDir ],
[$class: 'CloneOption', noTags: false, shallow: false, depth: 0, reference: ''],
[$class: 'WipeWorkspace' ]
]
],
changelog: false,
poll: false
}
stage("Ensure packaging branch") {
dir(env.projectDir) {
sh 'git checkout "${packageBranch}"'
def commitOrRef = env.commit ? env.commit : env.ref
def branchesWithCommitOrRef = sh(script: "git branch --contains '${commitOrRef}'", returnStdout: true).split(' ')
if (branchesWithCommitOrRef.findAll{env.packageBranch.contains(it)}.any{true}) {
currentBuild.result = 'ABORTED'
error("La référence `${env.ref}` ne fait pas partie de la branche `${env.packageBranch}` !")
}
}
}
stage("Check [ci skip] in tag message") {
dir(env.projectDir) {
sh 'git checkout "${packageBranch}"'
def commitTags = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true).split(' ')
for (tag in commitTags) {
tag = tag.trim()
def tagMessage = sh(script: "git tag --format='%(subject)' -l '${tag}'", returnStdout: true).trim()
println("Tag '${tag}' message is: '${tagMessage}'")
if (tagMessage.contains('[ci skip]')) {
currentBuild.result = 'ABORTED'
error("Le message du tag '${tag}' contient le marqueur '[ci-skip]' !")
}
}
}
}
stage("Checkout ref") {
dir(env.projectDir) {
sh """
git checkout ${env.ref}
"""
}
}
stage("Build package") {
dir(env.projectDir) {
// On construit les paquets à partir des informations
// de contexte provenant de CPKG et du webhook
def result = tamarin.buildPackageWithCPKG(
env.packageProfile ? env.packageProfile : "debian",
env.packageArch ? env.packageArch : "",
env.packageBranch ? env.packageBranch : "",
env.baseImage ? env.baseImage : ""
)
// On publie chacun des paquets construits
def splittedTag = env.ref.split('/')
def repositoryName = "${splittedTag[2]} ${splittedTag[1]}"
def distributionName = repositoryName
def basePath = repositoryName.replace(' ', '-')
def product = splittedTag[2].split('-')[0]
def contentGuardMapping = ['mse': 'mse_contentguard']
def signingServiceMapping = ['mse': 'sign_deb_release']
def credentials = 'jenkins-pulp-api-client'
def repositoryHREF = pulp.getRepositoryHREF(credentials, repositoryName)
def exportTasks = pulp.exportPackages(credentials, result.packages)
def pulpPackages = []
exportTasks.each {
def created_resources = pulp.waitForTaskCompletion(credentials, it)
for (created_resource in created_resources) {
pulpPackages << created_resource
}
}
pulp.addToRepository(credentials, pulpPackages, repositoryHREF)
// def publicationHREF = pulp.publishRepository(credentials, repositoryHREF, signingServiceMapping.get(product))
def publicationHREF = pulp.publishRepository(credentials, repositoryHREF, 'sign_deb_release')
def distributionHREF = pulp.distributePublication(credentials, publicationHREF[0], distributionName, basePath, contentGuardMapping.get(product))
def distributionURL = pulp.getDistributionURL(credentials, distributionHREF[0])
// On liste l'ensemble des paquets construits
def publishedPackages = result.packages.collect { p ->
def file = new File(p)
return "- Paquet `${file.getName()}`, Dépôt `${result.env}`, Distribution `${result.distrib}`, URL `${distributionURL}`"
}
// On notifie le canal Rocket.Chat de la publication des paquets
rocketSend (
avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png',
message: """
Les paquets suivants ont été publiés pour le projet ${env.project_name}:
${publishedPackages.join('\n')}
[Visualiser le job](${env.RUN_DISPLAY_URL})
@${env.sender_login}
""".stripIndent(),
rawMessage: true,
attachments: lolops.getRandomDeliveryAttachment()
)
if (env.testPackageInstall != 'yes') {
println "Test d'intallation des paquets désactivé."
return
}
// On essaye de trouver un template de VM compatible
// avec la distribution cible de la construction
def vmTemplate = findMatchingVMTemplate(result.distrib)
if (vmTemplate == null) {
println "Aucun template de VM n'a été trouvé correspondant à la distribution `${result.distrib}`."
return
}
// Pour chaque paquets construits...
result.packages.each { p ->
def packageFullName = new File(p).getName()
def packageRepository = result.distrib.split('-')[1] + '-' + result.env
def packageNameParts = packageFullName.split('_')
def packageName = packageNameParts[0]
def packageVersion = packageNameParts[1]
stage("Test package '${packageName}' installation") {
build job: 'Test de paquet Debian', wait: false, parameters: [
[$class: 'StringParameterValue', name: 'packageName', value: packageName],
[$class: 'StringParameterValue', name: 'packageVersion', value: packageVersion],
[$class: 'StringParameterValue', name: 'packageRepository', value: packageRepository],
[$class: 'StringParameterValue', name: 'vmTemplate', value: vmTemplate]
]
}
}
}
}
}
}
post {
always {
sh "rm -rf '${env.projectDir}'"
}
}
}
}
}
// Cette fonction fait un simple "mapping"
// entre les distributions cibles des paquets et
// les templates de VM disponibles sur l'OpenNebula
def findMatchingVMTemplate(String distrib) {
def vmTemplatesMap = [
'eole-2.7.0': 'eolebase-2.7.0-cadoles',
'eole-2.6.2': 'eolebase-2.6.2-cadoles'
]
return vmTemplatesMap.get(distrib, null)
}
def waitForPackages(String tagRef, buildResults) {
def packageVersion = tagRef.split('/')[3];
def packageDistrib = env.packageBranch.split('/')[2];
buildResults.each { r ->
def distrib = "${packageDistrib}-${r.env}"
r.packages.each { p ->
def file = new File(p)
def fileNameParts = file.getName().take(file.getName().lastIndexOf('.')).split('_')
def packageName = fileNameParts[0]
def packageArch = fileNameParts[2]
debian.waitForRepoPackage(packageName, [
baseURL: 'https://vulcain.cadoles.com',
distrib: distrib,
component: 'main',
type: 'binary',
arch: packageArch,
expectedVersion: packageVersion
])
}
}
}

12
pipelines/mse-rgaa.jenkinsfile
View File

@ -18,7 +18,7 @@ pipeline {
agent { agent {
node { node {
label "docker" label "mse"
} }
} }
@ -48,7 +48,7 @@ pipeline {
junit "*.xml" junit "*.xml"
rocketSend ( rocketSend (
channel: "#cnous-mse", channel: "#cnous-mse-dev",
avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png', avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png',
message: """ message: """
Audit RGAA | ${testStatuses()} Audit RGAA | ${testStatuses()}
@ -65,14 +65,6 @@ pipeline {
} }
} }
post {
always {
cleanWs()
}
}
} }
@NonCPS @NonCPS

153
resources/com/cadoles/gitea/gitea-release.sh
View File

@ -1,153 +0,0 @@
#!/bin/bash
set -eo pipefail
GITEA_RELEASE_PROJECT=${GITEA_RELEASE_PROJECT}
GITEA_RELEASE_ORG=${GITEA_RELEASE_ORG}
GITEA_RELEASE_BASE_URL=${GITEA_BASE_URL:-https://forge.cadoles.com}
GITEA_RELEASE_USERNAME=${GITEA_RELEASE_USERNAME}
GITEA_RELEASE_PASSWORD=${GITEA_RELEASE_PASSWORD}
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
GITEA_RELEASE_COMMITISH_TARGET=${GITEA_RELEASE_COMMITISH_TARGET}
GITEA_RELEASE_IS_DRAFT=${GITEA_RELEASE_IS_DRAFT:-false}
GITEA_RELEASE_IS_PRERELEASE=${GITEA_RELEASE_IS_PRERELEASE:-true}
GITEA_RELEASE_BODY=${GITEA_RELEASE_BODY}
GITEA_RELEASE_ATTACHMENTS=${GITEA_RELEASE_ATTACHMENTS}
function check_dependencies {
assert_command_available 'curl'
assert_command_available 'jq'
}
function assert_command_available {
local command=$1
local command_path=$(which $command)
if [ -z "$command_path" ]; then
echo "The '$command' command could not be found. Please install it before using this script." 1>&2
exit 1
fi
}
function check_environment {
assert_environment GITEA_RELEASE_PROJECT
assert_environment GITEA_RELEASE_ORG
assert_environment GITEA_RELEASE_BASE_URL
}
function source_env_file {
if [ ! -f '.env' ]; then
return 0
fi
set -o allexport
source .env
set +o allexport
}
function assert_environment {
local name=$1
local value=${!name}
if [ -z "$value" ]; then
echo "The $"$name" environment variable is empty." 1>&2
exit 1
fi
}
function ask_credentials {
if [ -z "$GITEA_RELEASE_USERNAME" ]; then
echo -n "Username: "
read GITEA_RELEASE_USERNAME
fi
if [ -z "$GITEA_RELEASE_PASSWORD" ]; then
echo -n "Password: "
stty -echo
read GITEA_RELEASE_PASSWORD
stty echo
echo
fi
}
function retrieve_version {
if [ ! -z "$GITEA_RELEASE_VERSION" ]; then
return
fi
set +e
GITEA_RELEASE_VERSION=$(git describe --abbrev=0 --tags 2>/dev/null)
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
set -e
}
function retrieve_commitish_target {
if [ ! -z "$GITEA_RELEASE_COMMITISH_TARGET" ]; then
return
fi
GITEA_RELEASE_COMMITISH_TARGET=$(git log -n 1 --pretty="format:%h")
}
function create_release {
local payload={}
payload=$(json_set "$payload" body "\"$GITEA_RELEASE_BODY\"")
payload=$(json_set "$payload" draft $GITEA_RELEASE_IS_DRAFT)
payload=$(json_set "$payload" name "\"$GITEA_RELEASE_VERSION\"")
payload=$(json_set "$payload" prerelease $GITEA_RELEASE_IS_PRERELEASE)
payload=$(json_set "$payload" tag_name "\"${GITEA_RELEASE_VERSION:-$GITEA_RELEASE_COMMITISH_TARGET}\"")
payload=$(json_set "$payload" target_commitish "\"$GITEA_RELEASE_COMMITISH_TARGET\"")
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases" \
-H "Content-Type:application/json" \
-d "$payload"
}
function json_set {
local data=$1
local key=$2
local value=$3
echo $data | jq -cr --argjson v "$value" --arg k "$key" '.[$k] = $v'
}
function upload_release_attachments {
local release="$1"
local release_id=$(echo "$release" | jq -r .id)
if [ -z "$GITEA_RELEASE_ATTACHMENTS" ]; then
set +e
GITEA_RELEASE_ATTACHMENTS="$(ls release/*.{tar.gz,zip} 2>/dev/null)"
set -e
fi
for file in $GITEA_RELEASE_ATTACHMENTS; do
local filename=$(basename "$file")
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases/$release_id/assets?name=$filename" \
-H "Content-Type:multipart/form-data" \
-F "attachment=@$file"
done
}
function gitea_api {
local path=$1
local args=${@:2}
curl -L \
--fail \
-u "$GITEA_RELEASE_USERNAME:$GITEA_RELEASE_PASSWORD" \
${args} \
"$GITEA_RELEASE_BASE_URL/api/v1$path"
}
function main {
check_dependencies
source_env_file
check_environment
ask_credentials
retrieve_commitish_target
retrieve_version
local release=$(create_release)
upload_release_attachments "$release"
}
main

2
resources/com/cadoles/pa11y/Dockerfile
View File

@ -35,7 +35,7 @@ RUN apk add --no-cache \
chromium \ chromium \
bash bash
RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y@^5.0.0 pa11y-reporter-html@^1.0.0 pa11y-reporter-junit RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y pa11y-reporter-html@^1.0.0 pa11y-reporter-junit
RUN adduser -D pa11y RUN adduser -D pa11y

1
resources/com/cadoles/pa11y/run-audit.sh
View File

@ -9,7 +9,6 @@ cd reports
export PUPPETEER_EXECUTABLE_PATH=$(which chromium-browser) export PUPPETEER_EXECUTABLE_PATH=$(which chromium-browser)
export PA11Y_REPORTER="${PA11Y_REPORTER:-html}" export PA11Y_REPORTER="${PA11Y_REPORTER:-html}"
export PA11Y_STANDARD=${PA11Y_STANDARD:-WCAG2AA}
PA11Y_ARGS="" PA11Y_ARGS=""

41
resources/com/cadoles/symfony/.php-cs-fixer.dist.php
View File

@ -1,41 +0,0 @@
<?php
$finder = PhpCsFixer\Finder::create()
->in(__DIR__.'/src')
->name('*.php')
;
return (new PhpCsFixer\Config())
->setRules([
'@Symfony' => true,
'concat_space' => ['spacing' => 'none'],
'array_syntax' => ['syntax' => 'short'],
'combine_consecutive_issets' => true,
'explicit_indirect_variable' => true,
'no_useless_return' => true,
'ordered_imports' => true,
'no_unused_imports' => true,
'no_spaces_after_function_name' => true,
'no_spaces_inside_parenthesis' => true,
'ternary_operator_spaces' => true,
'class_definition' => ['single_line' => true],
'whitespace_after_comma_in_array' => true,
'phpdoc_add_missing_param_annotation' => ['only_untyped' => true],
'phpdoc_order' => true,
'phpdoc_types_order' => [
'null_adjustment' => 'always_last',
'sort_algorithm' => 'alpha',
],
'phpdoc_no_empty_return' => false,
'phpdoc_summary' => false,
'general_phpdoc_annotation_remove' => [
'annotations' => [
'expectedExceptionMessageRegExp',
'expectedException',
'expectedExceptionMessage',
'author',
],
],
])
->setFinder($finder)
;

42
resources/com/cadoles/symfony/Dockerfile
View File

@ -1,42 +0,0 @@
ARG PHP_SECURITY_CHECKER_VERSION=1.0.0
ARG JQ_VERSION=1.6
RUN apt update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
wget tar curl ca-certificates \
openssl bash git unzip \
php-cli php-dom php-mbstring php-ctype php-xml php-iconv
COPY add-letsencrypt-ca.sh /root/add-letsencrypt-ca.sh
RUN bash /root/add-letsencrypt-ca.sh \
&& rm -f /root/add-letsencrypt-ca.sh
RUN wget -O /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 \
&& chmod +x /usr/local/bin/jq
# Install local-php-security-checker
RUN wget -O /usr/local/bin/local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v${PHP_SECURITY_CHECKER_VERSION}/local-php-security-checker_${PHP_SECURITY_CHECKER_VERSION}_linux_amd64 \
&& chmod +x /usr/local/bin/local-php-security-checker
# Install junit2md
RUN junit2md_download_url=$(curl "https://forge.cadoles.com/api/v1/repos/Cadoles/junit2md/releases" -H "accept:application/json" | jq -r 'sort_by(.published_at) | reverse | .[0] | .assets[] | select(.name == "junit2md-linux-amd64.tar.gz") | .browser_download_url') \
&& wget -O junit2md-linux-amd64.tar.gz "$junit2md_download_url" \
&& tar -xzf junit2md-linux-amd64.tar.gz \
&& cp junit2md-linux-amd64/junit2md /usr/local/bin/junit2md
# Install composer
RUN wget https://raw.githubusercontent.com/composer/getcomposer.org/76a7060ccb93902cd7576b67264ad91c8a2700e2/web/installer -O - -q | php -- --force --install-dir /usr/local/bin --filename composer \
&& chmod +x /usr/local/bin/composer
# Install php-cs-fixer
RUN mkdir --parents /tools/php-cs-fixer \
&& composer require --working-dir=/tools/php-cs-fixer friendsofphp/php-cs-fixer \
&& ln -s /tools/php-cs-fixer/vendor/bin/php-cs-fixer /usr/local/bin/php-cs-fixer
# Install php-stan
RUN mkdir --parents /tools/phpstan \
&& composer require --working-dir=/tools/phpstan phpstan/phpstan \
&& ln -s /tools/phpstan/vendor/bin/phpstan /usr/local/bin/phpstan \
&& composer require --working-dir=/tools/phpstan phpstan/phpstan-symfony \
&& composer require --working-dir=/tools/phpstan phpstan/phpstan-doctrine

4
resources/com/cadoles/symfony/phpstan.neon
View File

@ -1,4 +0,0 @@
includes:
- /tools/phpstan/vendor/phpstan/phpstan-symfony/extension.neon
- /tools/phpstan/vendor/phpstan/phpstan-doctrine/extension.neon
- /tools/phpstan/vendor/phpstan/phpstan-doctrine/rules.neon

10
vars/debian.groovy
View File

@ -2,7 +2,6 @@ def waitForRepoPackage(String packageName, Map params = [:]) {
def expectedVersion = params.expectedVersion ? params.expectedVersion : null def expectedVersion = params.expectedVersion ? params.expectedVersion : null
def delay = params.delay ? params.delay : 30 def delay = params.delay ? params.delay : 30
def waitTimeout = params.timeout ? params.timeout : 2400 def waitTimeout = params.timeout ? params.timeout : 2400
def asPattern = params.containsKey("asPattern") ? params.asPattern : true
def message = "Waiting for package '${packageName}'" def message = "Waiting for package '${packageName}'"
if (expectedVersion != null) { if (expectedVersion != null) {
@ -29,9 +28,7 @@ def waitForRepoPackage(String packageName, Map params = [:]) {
} }
def versionFound = packages.find { def versionFound = packages.find {
def matches = asPattern ? it['version'] =~ expectedVersion : it['version'] == expectedVersion return it['version'] =~ expectedVersion
println("Comparing expected version '${expectedVersion}' to '${it['version']}': ${matches}")
return matches
} }
if (versionFound) { if (versionFound) {
@ -79,10 +76,5 @@ def listRepoPackages(Map params = [:]) {
} }
} }
println "Found packages:"
packages.each{
println " - Package: ${it.key}, Version: ${it.value['version']}"
}
return packages return packages
} }

98
vars/gitea.groovy
View File

@ -1,98 +0,0 @@
def commentPullRequest(String repo, String issueId, String comment, Integer commentIndex = 0) {
comment = comment.replaceAll('"', '\\"')
withCredentials([
string(credentialsId: 'GITEA_JENKINS_PERSONAL_TOKEN', variable: 'GITEA_TOKEN'),
]) {
writeFile(file: '.prComment', text: comment)
sh """#!/bin/bash
set -xeo pipefail
# Récupération si il existe du commentaire existant
previous_comment_id=\$(curl -v --fail \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
https://forge.cadoles.com/api/v1/repos/${repo}/issues/${issueId}/comments \
| jq -c '[ .[] | select(.user.login=="jenkins") ] | .[${commentIndex}] | .id' \
)
# Génération du payload pour l'API Gitea
echo '{}' | jq -c --rawfile body .prComment '.body = \$body' > payload.json
if [[ "\$previous_comment_id" == "null" ]]; then
# Création du commentaire via l'API Gitea
curl -v --fail \
-XPOST \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d @payload.json \
https://forge.cadoles.com/api/v1/repos/${repo}/issues/${issueId}/comments
else
# Modification du commentaire existant
curl -v --fail \
-XPATCH \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
-d @payload.json \
https://forge.cadoles.com/api/v1/repos/${repo}/issues/comments/\$previous_comment_id
fi
"""
}
}
// Effectue une "release" sur Gitea pour le <ORG>/<PROJET> donné.
def release(String credentialsId, String org, String project, Map options = [:]) {
def isDraft = options.get('isDraft', false)
def baseUrl = options.get('baseUrl', 'https://forge.cadoles.com')
def defaultVersion = sh(returnStdout: true, script: 'git describe --always').trim()
def releaseVersion = options.get('releaseVersion', defaultVersion)
def commitishTarget = options.get('commitishTarget', env.GIT_COMMIT)
def defaultIsPrerelease = true
try {
sh(script: "git describe --exact-match ${GIT_COMMIT}")
defaultIsPrerelease = false
} catch (err) {
println "Could not find tag associated with commit '${GIT_COMMIT}' ! Using 'prerelease' as default."
}
def isPrerelease = options.get('isPrerelease', defaultIsPrerelease)
def body = options.get('body', '')
def attachments = options.get('attachments', [])
def scriptTempDir = ".gitea-release-script-${System.currentTimeMillis()}"
sh("mkdir -p '${scriptTempDir}'")
def giteaReleaseScript = "${scriptTempDir}/gitea-release.sh"
def giteaReleaseScriptContent = libraryResource 'com/cadoles/gitea/gitea-release.sh'
writeFile file: giteaReleaseScript, text:giteaReleaseScriptContent
sh("chmod +x '${giteaReleaseScript}'")
try {
withCredentials([
usernamePassword(
credentialsId: credentialsId,
usernameVariable: 'GITEA_RELEASE_USERNAME',
passwordVariable: 'GITEA_RELEASE_PASSWORD'
)
]) {
sh """
export GITEA_RELEASE_PROJECT="${project}"
export GITEA_RELEASE_ORG="${org}"
export GITEA_RELEASE_BASE_URL="${baseUrl}"
export GITEA_RELEASE_VERSION="${releaseVersion}"
export GITEA_RELEASE_COMMITISH_TARGET="${commitishTarget}"
export GITEA_RELEASE_IS_DRAFT="${isDraft}"
export GITEA_RELEASE_IS_PRERELEASE="${isPrerelease}"
export GITEA_RELEASE_BODY="${body}"
export GITEA_RELEASE_ATTACHMENTS="${attachments.join(' ')}"
${giteaReleaseScript}
"""
}
} finally {
dir(scriptTempDir) {
deleteDir()
}
}
}

139
vars/pulp.groovy
View File

@ -1,43 +1,88 @@
import groovy.json.JsonOutput import groovy.json.JsonOutput
def getResourceHREF(
String credentials,
String resourceEndpoint,
String resourceName,
String pulpHost = 'pulp.cadoles.com'
) {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/${resourceEndpoint}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content
def resource = jsonResponse.results.find { it -> it.name == resourceName}
if (resource) {
return resource.pulp_href
}
return null
}
def waitForTaskCompletion(
String credentials,
String taskHREF,
String pulpHost = 'pulp.cadoles.com'
) {
def status = ''
def created_resources = []
while (status != 'completed') {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content
status = jsonResponse.state
if (status == 'completed') {
return jsonResponse.created_resources
} else if (!(status in ['running','waiting'])) {
break
}
sleep(10)
}
throw new Exception("Task failed:" + jsonResponse.error.description)
}
def exportPackages( def exportPackages(
String credentials, String credentials,
List packages = [], List packages = [],
String pulpHost = 'pulp.bbohard.lan' String pulpHost = 'pulp.cadoles.com'
) { ) {
def exportTasks = [] def exportTasks = []
packages.each { packages.each {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, responseHandle: 'NONE', uploadFile: "${it}" def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, uploadFile: "${it}", validResponseCodes: "202"
jsonResponse = readJSON text: response.content def jsonResponse = readJSON text: response.content
println(jsonResponse)
exportTasks << jsonResponse['task'] exportTasks << jsonResponse['task']
} }
return exportTasks return exportTasks
} }
def createRepository(
String credentials,
String name,
String pulpHost = 'pulp.cadoles.com'
) {
def repositoryName = ["name": name]
def postBody = JsonOutput.toJson(repositoryName)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "201"
def jsonResponse = readJSON text: response.content
return jsonResponse.pulp_href
}
def getRepositoryHREF( def getRepositoryHREF(
String credentials, String credentials,
String repositoryLevel = 'dev', String repository = 'Cadoles4MSE unstable'
String pulpHost = 'pulp.bbohard.lan'
) { ) {
def repositoriesMapping = ['dev': 'Cadoles4MSE'] def repositoryHREF = getResourceHREF(credentials, 'repositories/deb/apt/', repository)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'GET', ignoreSslErrors: true if (repositoryHREF) {
def jsonResponse = readJSON text: response.content return repositoryHREF
println(jsonResponse) } else {
def repositories = jsonResponse.results return createRepository(credentials, repository)
def repositoryHREF = repositories.find { it -> it['name'] == repositoriesMapping[repositoryLevel] } }
return repositoryHREF.pulp_href
} }
def addToRepository( def addToRepository(
String credentials, String credentials,
List packagesHREF, List packagesHREF,
String repositoryHREF, String repositoryHREF,
String pulpHost = 'pulp.bbohard.lan' String pulpHost = 'pulp.cadoles.com'
) { ) {
def packagesHREFURL = ["add_content_units": packagesHREF.collect { "https://$pulpHost$it" }] def packagesHREFURL = ["add_content_units": packagesHREF.collect { "https://$pulpHost$it" }]
def postBody = JsonOutput.toJson(packagesHREFURL) def postBody = JsonOutput.toJson(packagesHREFURL)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "100:599" def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
def jsonResponse = readJSON text: response.content def jsonResponse = readJSON text: response.content
return waitForTaskCompletion(credentials, jsonResponse.task) return waitForTaskCompletion(credentials, jsonResponse.task)
} }
@ -45,12 +90,19 @@ def addToRepository(
def publishRepository( def publishRepository(
String credentials, String credentials,
String repositoryHREF, String repositoryHREF,
String pulpHost = 'pulp.bbohard.lan' String signing_service = null,
String pulpHost = 'pulp.cadoles.com'
) { ) {
def postBody = JsonOutput.toJson(["repository": repositoryHREF, "simple": true]) def postContent = ["repository": repositoryHREF, "simple": true]
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true if (signing_service) {
def signingServiceHREF = getResourceHREF(credentials, 'signing-services/', signing_service)
if (signingServiceHREF) {
postContent.put("signing_service", "https://${pulpHost}${signingServiceHREF}")
}
}
def postBody = JsonOutput.toJson(postContent)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
def jsonResponse = readJSON text: response.content def jsonResponse = readJSON text: response.content
println(jsonResponse)
return waitForTaskCompletion(credentials, jsonResponse.task) return waitForTaskCompletion(credentials, jsonResponse.task)
} }
@ -59,26 +111,30 @@ def distributePublication(
String publicationHREF, String publicationHREF,
String distributionName, String distributionName,
String basePath, String basePath,
String pulpHost = 'pulp.bbohard.lan', String contentGuard = null,
String contentGuard = null String pulpHost = 'pulp.cadoles.com'
) { ) {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/distributions/deb/apt/", httpMode: 'GET', ignoreSslErrors: true
def jsonResponse = readJSON text: response.content
def httpMode = '' def httpMode = ''
def url = '' def url = ''
def distribution = jsonResponse.results.find { it -> it.name == distributionName} def distributionHREF = getResourceHREF(credentials, 'distributions/deb/apt/', distributionName)
if (distribution) { if (distributionHREF) {
httpMode = 'PUT' httpMode = 'PUT'
url = distribution.pulp_href url = distributionHREF
} else { } else {
httpMode = 'POST' httpMode = 'POST'
url = '/pulp/api/v3/distributions/deb/apt/' url = '/pulp/api/v3/distributions/deb/apt/'
} }
def postBody = JsonOutput.toJson(["publication": publicationHREF, "name": distributionName, "base_path": basePath, "content_guard": contentGuard]) def bodyContent = ["publication": publicationHREF, "name": distributionName, "base_path": basePath]
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "100:599" if (contentGuard) {
def contentGuardHREF = getResourceHREF(credentials, 'contentguards/core/rbac/', contentGuard)
if (contentGuardHREF) {
bodyContent.put('content_guard', "https://${pulpHost}${contentGuardHREF}")
}
}
def postBody = JsonOutput.toJson(bodyContent)
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
jsonResponse = readJSON text: response.content jsonResponse = readJSON text: response.content
if (distribution) { if (distributionHREF) {
waitForTaskCompletion(credentials, jsonResponse.task) waitForTaskCompletion(credentials, jsonResponse.task)
return [url] return [url]
} else { } else {
@ -86,31 +142,12 @@ def distributePublication(
} }
} }
def waitForTaskCompletion(
String credentials,
String taskHREF,
String pulpHost = 'pulp.bbohard.lan'
) {
def status = ''
def created_resources = []
while (status != 'completed') {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true
def jsonResponse = readJSON text: response.content
status = jsonResponse.state
if (status == 'completed') {
created_resources = jsonResponse.created_resources
}
sleep(10)
}
return created_resources
}
def getDistributionURL( def getDistributionURL(
String credentials, String credentials,
String resourceHREF, String resourceHREF,
String pulpHost = 'pulp.bbohard.lan' String pulpHost = 'pulp.cadoles.com'
) { ) {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content def jsonResponse = readJSON text: response.content
println(jsonResponse) println(jsonResponse)
return jsonResponse.base_url return jsonResponse.base_url

154
vars/pulp.groovy.bak Normal file
View File

@ -0,0 +1,154 @@
import groovy.json.JsonOutput
def getResourceHREF(
String credentials,
String resourceEndpoint,
String resourceName,
String pulpHost = 'pulp.cadoles.com'
) {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/${resourceEndpoint}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content
def resource = jsonResponse.results.find { it -> it.name == resourceName}
if (resource) {
return resource.pulp_href
}
return null
}
def waitForTaskCompletion(
String credentials,
String taskHREF,
String pulpHost = 'pulp.cadoles.com'
) {
def status = ''
def created_resources = []
while (status != 'completed') {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content
status = jsonResponse.state
if (status == 'completed') {
return jsonResponse.created_resources
} else if (!(status in ['running','waiting'])) {
break
}
sleep(10)
}
throw new Exception("Task failed:" + jsonResponse.error.description)
}
def exportPackages(
String credentials,
List packages = [],
String pulpHost = 'pulp.cadoles.com'
) {
def exportTasks = []
packages.each {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, uploadFile: "${it}", validResponseCodes: "202"
def jsonResponse = readJSON text: response.content
exportTasks << jsonResponse['task']
}
return exportTasks
}
def createRepository(
String credentials,
String name,
String pulpHost = 'pulp.cadoles.com'
) {
def repositoryName = ["name": name]
def postBody = JsonOutput.toJson(repositoryName)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "201"
def jsonResponse = readJSON text: response.content
return jsonResponse.pulp_href
}
def getRepositoryHREF(
String credentials,
String repository = 'Cadoles4MSE unstable'
) {
def repositoryHREF = getResourceHREF(credentials, 'repositories/deb/apt/', repository)
if (repositoryHREF) {
return repositoryHREF
} else {
return createRepository(credentials, repository)
}
}
def addToRepository(
String credentials,
List packagesHREF,
String repositoryHREF,
String pulpHost = 'pulp.cadoles.com'
) {
def packagesHREFURL = ["add_content_units": packagesHREF.collect { "https://$pulpHost$it" }]
def postBody = JsonOutput.toJson(packagesHREFURL)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
def jsonResponse = readJSON text: response.content
return waitForTaskCompletion(credentials, jsonResponse.task)
}
def publishRepository(
String credentials,
String repositoryHREF,
String signing_service = null,
String pulpHost = 'pulp.cadoles.com'
) {
def postContent = ["repository": repositoryHREF, "simple": true]
if (signing_service) {
def signingServiceHREF = getResourceHREF(credentials, 'signing-services/', signing_service)
if (signingServiceHREF) {
postContent.put("signing_service", "https://${pulpHost}${signingServiceHREF}")
}
}
def postBody = JsonOutput.toJson(postContent)
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
def jsonResponse = readJSON text: response.content
return waitForTaskCompletion(credentials, jsonResponse.task)
}
def distributePublication(
String credentials,
String publicationHREF,
String distributionName,
String basePath,
String contentGuard = null,
String pulpHost = 'pulp.cadoles.com'
) {
def httpMode = ''
def url = ''
def distributionHREF = getResourceHREF(credentials, 'distributions/deb/apt/', distributionName)
if (distributionHREF) {
httpMode = 'PUT'
url = distributionHREF
} else {
httpMode = 'POST'
url = '/pulp/api/v3/distributions/deb/apt/'
}
def bodyContent = ["publication": publicationHREF, "name": distributionName, "base_path": basePath]
if (contentGuard) {
def contentGuardHREF = getResourceHREF(credentials, 'contentguards/core/rbac/', contentGuard)
if (contentGuardHREF) {
bodyContent.put('content_guard', "https://${pulpHost}${contentGuardHREF}")
}
}
def postBody = JsonOutput.toJson(bodyContent)
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
jsonResponse = readJSON text: response.content
if (distributionHREF) {
waitForTaskCompletion(credentials, jsonResponse.task)
return [url]
} else {
return waitForTaskCompletion(credentials, jsonResponse.task)
}
}
def getDistributionURL(
String credentials,
String resourceHREF,
String pulpHost = 'pulp.cadoles.com'
) {
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
def jsonResponse = readJSON text: response.content
println(jsonResponse)
return jsonResponse.base_url
}

115
vars/symfonyAppPipeline.groovy
View File

@ -1,115 +0,0 @@
import org.jenkinsci.plugins.pipeline.modeldefinition.Utils
def call(String baseImage = "ubuntu:22.04") {
node {
stage("Checkout project") {
checkout(scm)
}
stage('Run in Symfony image') {
def symfonyImage = buildDockerImage(baseImage)
symfonyImage.inside() {
def repo = env.JOB_NAME
if (env.BRANCH_NAME ==~ /^PR-.*$/) {
repo = env.JOB_NAME - "/${env.JOB_BASE_NAME}"
}
stage("Install composer dependencies") {
sh '''
composer install
'''
}
parallel([
'php-security-check': {
stage("Check PHP security issues") {
catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
def auditReport = sh(script: "local-php-security-checker --format=markdown || true", returnStdout: true)
if (auditReport.trim() != "") {
if (env.CHANGE_ID) {
gitea.commentPullRequest(repo, env.CHANGE_ID, auditReport, 0)
} else {
print auditReport
}
}
if (!auditReport.contains("No packages have known vulnerabilities.")) {
throw new Exception("Dependencies check failed !")
}
}
}
},
'php-cs-fixer': {
stage("Run PHP-CS-Fixer on modified code") {
catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') {
if ( !fileExists('.php-cs-fixer.dist.php') ) {
def phpCsFixerConfig = libraryResource 'com/cadoles/symfony/.php-cs-fixer.dist.php'
writeFile file:'.php-cs-fixer.dist.php', text:phpCsFixerConfig
}
sh '''
CHANGED_FILES=$(git diff --name-only --diff-filter=ACMRTUXB "HEAD~..HEAD" | fgrep ".php" | tr "\n" " ")
if ! echo "${CHANGED_FILES}" | grep -qE "^(\\.php-cs-fixer(\\.dist)\\.php?|composer\\.lock)$"; then EXTRA_ARGS=$(printf -- '--path-mode=intersection -- %s' "${CHANGED_FILES}"); else EXTRA_ARGS=''; fi
php-cs-fixer fix --config=.php-cs-fixer.dist.php -v --dry-run --using-cache=no --format junit ${EXTRA_ARGS} > php-cs-fixer.xml || true
'''
def report = sh(script: "junit2md php-cs-fixer.xml", returnStdout: true)
if (env.CHANGE_ID) {
gitea.commentPullRequest(repo, env.CHANGE_ID, report, 1)
} else {
print report
}
}
}
},
'phpstan': {
stage("Run phpstan") {
catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
if ( !fileExists('phpstan.neon') ) {
def phpStanConfig = libraryResource 'com/cadoles/symfony/phpstan.neon'
writeFile file:'phpstan.neon', text:phpStanConfig
}
sh '''
phpstan analyze -l 1 --error-format=table src > phpstan.txt || true
'''
def report = sh(script: "cat phpstan.txt", returnStdout: true)
report = "## Rapport PHPStan\n\n```\n" + report
report = report + "\n```\n"
if (env.CHANGE_ID) {
gitea.commentPullRequest(repo, env.CHANGE_ID, report, 2)
} else {
print report
}
}
}
}
])
}
}
}
}
def buildDockerImage(String baseImage) {
def imageName = "cadoles-symfony-ci"
dir (".${imageName}") {
def dockerfile = libraryResource 'com/cadoles/symfony/Dockerfile'
writeFile file:'Dockerfile', text: "FROM ${baseImage}\n\n" + dockerfile
def addLetsEncryptCA = libraryResource 'com/cadoles/common/add-letsencrypt-ca.sh'
writeFile file:'add-letsencrypt-ca.sh', text:addLetsEncryptCA
def safeJobName = URLDecoder.decode(env.JOB_NAME).toLowerCase().replace('/', '-').replace(' ', '-')
def imageTag = "${safeJobName}-${env.BUILD_ID}"
return docker.build("${imageName}:${imageTag}", ".")
}
}
def when(boolean condition, body) {
def config = [:]
body.resolveStrategy = Closure.OWNER_FIRST
body.delegate = config
if (condition) {
body()
} else {
Utils.markStageSkippedForConditional(STAGE_NAME)
}
}

20
vars/tamarin.groovy
View File

@ -7,19 +7,16 @@ def buildPackageWithCPKG(
Boolean forceRebuild = false Boolean forceRebuild = false
) { ) {
def builds = [] def result = [:]
// Retrieve commit tags // Retrieve commit tags
def commitTags = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true).split(' ') def commitTag = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true)
if (commitTags.length == 0) { if (commitTag == '') {
error 'No build build tags on last commit' error 'No build build tags on last commit'
} }
// For each tags
for (tag in commitTags) {
// Split tag to retrieve context informations // Split tag to retrieve context informations
def tagParts = tag.split('/') def tagParts = commitTag.split('/')
def packageEnv = tagParts[1] def packageEnv = tagParts[1]
def packageDistrib = tagParts[2] def packageDistrib = tagParts[2]
def packageVersion = tagParts[3] def packageVersion = tagParts[3]
@ -34,19 +31,14 @@ def buildPackageWithCPKG(
sh "rm -rf ${destDir}/*" sh "rm -rf ${destDir}/*"
stage("Build ${packageEnv} package (version ${packageVersion}) for ${packageDistrib}") { stage("Build ${packageEnv} package (version ${packageVersion}) for ${packageDistrib}") {
def result = [:] result.put('tag', commitTag)
result.put('tag', tag)
result.put('env', packageEnv) result.put('env', packageEnv)
result.put('version', packageVersion) result.put('version', packageVersion)
result.put('distrib', packageDistrib) result.put('distrib', packageDistrib)
def packages = buildPackage(packageProfile, packageArch, baseImage, destDir, forceRebuild) def packages = buildPackage(packageProfile, packageArch, baseImage, destDir, forceRebuild)
result.put('packages', packages) result.put('packages', packages)
builds << result
} }
return result
}
return builds
} }