Compare commits
7 Commits
pipeline/p
...
gitea-rele
| Author | SHA1 | Date | |
|---|---|---|---|
| ab34f326d3 | |||
| 9cf903ce41 | |||
| cf66210f4e | |||
| 83688cc56c | |||
| 8699ec0a9d | |||
| ed1fb84ea9 | |||
| d50a9c6b77 |
231
Jenkinsfile
vendored
231
Jenkinsfile
vendored
@ -1,231 +0,0 @@
|
||||
@Library("cadoles@pipeline/packaging_pulp") _
|
||||
|
||||
pipeline {
|
||||
|
||||
agent {
|
||||
label 'docker'
|
||||
}
|
||||
|
||||
environment {
|
||||
projectDir = "${env.project_name}_${env.BUILD_ID}"
|
||||
}
|
||||
|
||||
triggers {
|
||||
// Execute pipeline every day at 7h30 to prepare docker images
|
||||
cron('30 7 * * 1-5')
|
||||
}
|
||||
|
||||
stages {
|
||||
|
||||
stage("Prepare build environment") {
|
||||
when {
|
||||
anyOf {
|
||||
triggeredBy cause: "UserIdCause", detail: "wpetit"
|
||||
triggeredBy 'TimerTrigger'
|
||||
}
|
||||
}
|
||||
steps {
|
||||
script {
|
||||
tamarin.prepareEnvironment()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage("Package project") {
|
||||
when {
|
||||
not {
|
||||
triggeredBy 'TimerTrigger'
|
||||
}
|
||||
}
|
||||
steps {
|
||||
script {
|
||||
stage("Clone repository") {
|
||||
checkout scm:
|
||||
[
|
||||
$class: 'GitSCM',
|
||||
userRemoteConfigs: [[url: env.repository_url, credentialsId: 'jenkins-forge-ssh']],
|
||||
branches: [[name: env.ref]],
|
||||
extensions: [
|
||||
[$class: 'RelativeTargetDirectory', relativeTargetDir: env.projectDir ],
|
||||
[$class: 'CloneOption', noTags: false, shallow: false, depth: 0, reference: ''],
|
||||
[$class: 'WipeWorkspace' ]
|
||||
]
|
||||
],
|
||||
changelog: false,
|
||||
poll: false
|
||||
}
|
||||
|
||||
stage("Ensure packaging branch") {
|
||||
dir(env.projectDir) {
|
||||
sh 'git checkout "${packageBranch}"'
|
||||
def commitOrRef = env.commit ? env.commit : env.ref
|
||||
def branchesWithCommitOrRef = sh(script: "git branch --contains '${commitOrRef}'", returnStdout: true).split(' ')
|
||||
if (branchesWithCommitOrRef.findAll{env.packageBranch.contains(it)}.any{true}) {
|
||||
currentBuild.result = 'ABORTED'
|
||||
error("La référence `${env.ref}` ne fait pas partie de la branche `${env.packageBranch}` !")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage("Check [ci skip] in tag message") {
|
||||
dir(env.projectDir) {
|
||||
sh 'git checkout "${packageBranch}"'
|
||||
def commitTags = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true).split(' ')
|
||||
for (tag in commitTags) {
|
||||
tag = tag.trim()
|
||||
def tagMessage = sh(script: "git tag --format='%(subject)' -l '${tag}'", returnStdout: true).trim()
|
||||
println("Tag '${tag}' message is: '${tagMessage}'")
|
||||
if (tagMessage.contains('[ci skip]')) {
|
||||
currentBuild.result = 'ABORTED'
|
||||
error("Le message du tag '${tag}' contient le marqueur '[ci-skip]' !")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
stage("Checkout ref") {
|
||||
dir(env.projectDir) {
|
||||
sh """
|
||||
git checkout ${env.ref}
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
stage("Build package") {
|
||||
dir(env.projectDir) {
|
||||
// On construit les paquets à partir des informations
|
||||
// de contexte provenant de CPKG et du webhook
|
||||
def result = tamarin.buildPackageWithCPKG(
|
||||
env.packageProfile ? env.packageProfile : "debian",
|
||||
env.packageArch ? env.packageArch : "",
|
||||
env.packageBranch ? env.packageBranch : "",
|
||||
env.baseImage ? env.baseImage : ""
|
||||
)
|
||||
|
||||
// On publie chacun des paquets construits
|
||||
def splittedTag = env.ref.split('/')
|
||||
def repositoryName = "${splittedTag[2]} ${splittedTag[1]}"
|
||||
def distributionName = repositoryName
|
||||
def basePath = repositoryName.replace(' ', '-')
|
||||
def product = splittedTag[2].split('-')[0]
|
||||
def contentGuardMapping = ['mse': 'mse_contentguard']
|
||||
def signingServiceMapping = ['mse': 'sign_deb_release']
|
||||
def credentials = 'jenkins-pulp-api-client'
|
||||
def repositoryHREF = pulp.getRepositoryHREF(credentials, repositoryName)
|
||||
def exportTasks = pulp.exportPackages(credentials, result.packages)
|
||||
def pulpPackages = []
|
||||
exportTasks.each {
|
||||
def created_resources = pulp.waitForTaskCompletion(credentials, it)
|
||||
for (created_resource in created_resources) {
|
||||
pulpPackages << created_resource
|
||||
}
|
||||
}
|
||||
pulp.addToRepository(credentials, pulpPackages, repositoryHREF)
|
||||
// def publicationHREF = pulp.publishRepository(credentials, repositoryHREF, signingServiceMapping.get(product))
|
||||
def publicationHREF = pulp.publishRepository(credentials, repositoryHREF, 'sign_deb_release')
|
||||
def distributionHREF = pulp.distributePublication(credentials, publicationHREF[0], distributionName, basePath, contentGuardMapping.get(product))
|
||||
def distributionURL = pulp.getDistributionURL(credentials, distributionHREF[0])
|
||||
|
||||
// On liste l'ensemble des paquets construits
|
||||
def publishedPackages = result.packages.collect { p ->
|
||||
def file = new File(p)
|
||||
return "- Paquet `${file.getName()}`, Dépôt `${result.env}`, Distribution `${result.distrib}`, URL `${distributionURL}`"
|
||||
}
|
||||
|
||||
// On notifie le canal Rocket.Chat de la publication des paquets
|
||||
rocketSend (
|
||||
avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png',
|
||||
message: """
|
||||
Les paquets suivants ont été publiés pour le projet ${env.project_name}:
|
||||
|
||||
${publishedPackages.join('\n')}
|
||||
|
||||
[Visualiser le job](${env.RUN_DISPLAY_URL})
|
||||
|
||||
@${env.sender_login}
|
||||
""".stripIndent(),
|
||||
rawMessage: true,
|
||||
attachments: lolops.getRandomDeliveryAttachment()
|
||||
)
|
||||
|
||||
if (env.testPackageInstall != 'yes') {
|
||||
println "Test d'intallation des paquets désactivé."
|
||||
return
|
||||
}
|
||||
|
||||
// On essaye de trouver un template de VM compatible
|
||||
// avec la distribution cible de la construction
|
||||
def vmTemplate = findMatchingVMTemplate(result.distrib)
|
||||
if (vmTemplate == null) {
|
||||
println "Aucun template de VM n'a été trouvé correspondant à la distribution `${result.distrib}`."
|
||||
return
|
||||
}
|
||||
|
||||
// Pour chaque paquets construits...
|
||||
result.packages.each { p ->
|
||||
def packageFullName = new File(p).getName()
|
||||
def packageRepository = result.distrib.split('-')[1] + '-' + result.env
|
||||
def packageNameParts = packageFullName.split('_')
|
||||
def packageName = packageNameParts[0]
|
||||
def packageVersion = packageNameParts[1]
|
||||
|
||||
stage("Test package '${packageName}' installation") {
|
||||
build job: 'Test de paquet Debian', wait: false, parameters: [
|
||||
[$class: 'StringParameterValue', name: 'packageName', value: packageName],
|
||||
[$class: 'StringParameterValue', name: 'packageVersion', value: packageVersion],
|
||||
[$class: 'StringParameterValue', name: 'packageRepository', value: packageRepository],
|
||||
[$class: 'StringParameterValue', name: 'vmTemplate', value: vmTemplate]
|
||||
]
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
post {
|
||||
always {
|
||||
sh "rm -rf '${env.projectDir}'"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
// Cette fonction fait un simple "mapping"
|
||||
// entre les distributions cibles des paquets et
|
||||
// les templates de VM disponibles sur l'OpenNebula
|
||||
def findMatchingVMTemplate(String distrib) {
|
||||
def vmTemplatesMap = [
|
||||
'eole-2.7.0': 'eolebase-2.7.0-cadoles',
|
||||
'eole-2.6.2': 'eolebase-2.6.2-cadoles'
|
||||
]
|
||||
return vmTemplatesMap.get(distrib, null)
|
||||
}
|
||||
|
||||
def waitForPackages(String tagRef, buildResults) {
|
||||
def packageVersion = tagRef.split('/')[3];
|
||||
def packageDistrib = env.packageBranch.split('/')[2];
|
||||
|
||||
buildResults.each { r ->
|
||||
def distrib = "${packageDistrib}-${r.env}"
|
||||
|
||||
r.packages.each { p ->
|
||||
def file = new File(p)
|
||||
def fileNameParts = file.getName().take(file.getName().lastIndexOf('.')).split('_')
|
||||
def packageName = fileNameParts[0]
|
||||
def packageArch = fileNameParts[2]
|
||||
|
||||
debian.waitForRepoPackage(packageName, [
|
||||
baseURL: 'https://vulcain.cadoles.com',
|
||||
distrib: distrib,
|
||||
component: 'main',
|
||||
type: 'binary',
|
||||
arch: packageArch,
|
||||
expectedVersion: packageVersion
|
||||
])
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -18,7 +18,7 @@ pipeline {
|
||||
|
||||
agent {
|
||||
node {
|
||||
label "mse"
|
||||
label "docker"
|
||||
}
|
||||
}
|
||||
|
||||
@ -48,7 +48,7 @@ pipeline {
|
||||
junit "*.xml"
|
||||
|
||||
rocketSend (
|
||||
channel: "#cnous-mse-dev",
|
||||
channel: "#cnous-mse",
|
||||
avatar: 'https://jenkins.cadol.es/static/b5f67753/images/headshot.png',
|
||||
message: """
|
||||
Audit RGAA | ${testStatuses()}
|
||||
@ -65,6 +65,14 @@ pipeline {
|
||||
}
|
||||
}
|
||||
|
||||
post {
|
||||
always {
|
||||
cleanWs()
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
@NonCPS
|
||||
@ -79,4 +87,4 @@ def testStatuses() {
|
||||
testStatus = "Passant(s): ${passed}, Échoué(s): ${failed} ${testResultAction.failureDiffString}, Désactivé(s): ${skipped}"
|
||||
}
|
||||
return testStatus
|
||||
}
|
||||
}
|
||||
153
resources/com/cadoles/gitea/gitea-release.sh
Normal file
153
resources/com/cadoles/gitea/gitea-release.sh
Normal file
@ -0,0 +1,153 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eo pipefail
|
||||
|
||||
GITEA_RELEASE_PROJECT=${GITEA_RELEASE_PROJECT}
|
||||
GITEA_RELEASE_ORG=${GITEA_RELEASE_ORG}
|
||||
GITEA_RELEASE_BASE_URL=${GITEA_BASE_URL:-https://forge.cadoles.com}
|
||||
GITEA_RELEASE_USERNAME=${GITEA_RELEASE_USERNAME}
|
||||
GITEA_RELEASE_PASSWORD=${GITEA_RELEASE_PASSWORD}
|
||||
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
|
||||
GITEA_RELEASE_COMMITISH_TARGET=${GITEA_RELEASE_COMMITISH_TARGET}
|
||||
GITEA_RELEASE_IS_DRAFT=${GITEA_RELEASE_IS_DRAFT:-false}
|
||||
GITEA_RELEASE_IS_PRERELEASE=${GITEA_RELEASE_IS_PRERELEASE:-true}
|
||||
GITEA_RELEASE_BODY=${GITEA_RELEASE_BODY}
|
||||
GITEA_RELEASE_ATTACHMENTS=${GITEA_RELEASE_ATTACHMENTS}
|
||||
|
||||
function check_dependencies {
|
||||
assert_command_available 'curl'
|
||||
assert_command_available 'jq'
|
||||
}
|
||||
|
||||
function assert_command_available {
|
||||
local command=$1
|
||||
local command_path=$(which $command)
|
||||
|
||||
if [ -z "$command_path" ]; then
|
||||
echo "The '$command' command could not be found. Please install it before using this script." 1>&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function check_environment {
|
||||
assert_environment GITEA_RELEASE_PROJECT
|
||||
assert_environment GITEA_RELEASE_ORG
|
||||
assert_environment GITEA_RELEASE_BASE_URL
|
||||
}
|
||||
|
||||
function source_env_file {
|
||||
if [ ! -f '.env' ]; then
|
||||
return 0
|
||||
fi
|
||||
set -o allexport
|
||||
source .env
|
||||
set +o allexport
|
||||
}
|
||||
|
||||
function assert_environment {
|
||||
local name=$1
|
||||
local value=${!name}
|
||||
|
||||
if [ -z "$value" ]; then
|
||||
echo "The $"$name" environment variable is empty." 1>&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function ask_credentials {
|
||||
if [ -z "$GITEA_RELEASE_USERNAME" ]; then
|
||||
echo -n "Username: "
|
||||
read GITEA_RELEASE_USERNAME
|
||||
|
||||
fi
|
||||
if [ -z "$GITEA_RELEASE_PASSWORD" ]; then
|
||||
echo -n "Password: "
|
||||
stty -echo
|
||||
read GITEA_RELEASE_PASSWORD
|
||||
stty echo
|
||||
echo
|
||||
fi
|
||||
}
|
||||
|
||||
function retrieve_version {
|
||||
if [ ! -z "$GITEA_RELEASE_VERSION" ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
set +e
|
||||
GITEA_RELEASE_VERSION=$(git describe --abbrev=0 --tags 2>/dev/null)
|
||||
GITEA_RELEASE_VERSION=${GITEA_RELEASE_VERSION}
|
||||
set -e
|
||||
}
|
||||
|
||||
function retrieve_commitish_target {
|
||||
if [ ! -z "$GITEA_RELEASE_COMMITISH_TARGET" ]; then
|
||||
return
|
||||
fi
|
||||
|
||||
GITEA_RELEASE_COMMITISH_TARGET=$(git log -n 1 --pretty="format:%h")
|
||||
}
|
||||
|
||||
function create_release {
|
||||
local payload={}
|
||||
|
||||
payload=$(json_set "$payload" body "\"$GITEA_RELEASE_BODY\"")
|
||||
payload=$(json_set "$payload" draft $GITEA_RELEASE_IS_DRAFT)
|
||||
payload=$(json_set "$payload" name "\"$GITEA_RELEASE_VERSION\"")
|
||||
payload=$(json_set "$payload" prerelease $GITEA_RELEASE_IS_PRERELEASE)
|
||||
payload=$(json_set "$payload" tag_name "\"${GITEA_RELEASE_VERSION:-$GITEA_RELEASE_COMMITISH_TARGET}\"")
|
||||
payload=$(json_set "$payload" target_commitish "\"$GITEA_RELEASE_COMMITISH_TARGET\"")
|
||||
|
||||
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases" \
|
||||
-H "Content-Type:application/json" \
|
||||
-d "$payload"
|
||||
}
|
||||
|
||||
function json_set {
|
||||
local data=$1
|
||||
local key=$2
|
||||
local value=$3
|
||||
echo $data | jq -cr --argjson v "$value" --arg k "$key" '.[$k] = $v'
|
||||
}
|
||||
|
||||
function upload_release_attachments {
|
||||
local release="$1"
|
||||
local release_id=$(echo "$release" | jq -r .id)
|
||||
|
||||
if [ -z "$GITEA_RELEASE_ATTACHMENTS" ]; then
|
||||
set +e
|
||||
GITEA_RELEASE_ATTACHMENTS="$(ls release/*.{tar.gz,zip} 2>/dev/null)"
|
||||
set -e
|
||||
fi
|
||||
|
||||
for file in $GITEA_RELEASE_ATTACHMENTS; do
|
||||
local filename=$(basename "$file")
|
||||
gitea_api "/repos/$GITEA_RELEASE_ORG/$GITEA_RELEASE_PROJECT/releases/$release_id/assets?name=$filename" \
|
||||
-H "Content-Type:multipart/form-data" \
|
||||
-F "attachment=@$file"
|
||||
done
|
||||
}
|
||||
|
||||
function gitea_api {
|
||||
local path=$1
|
||||
local args=${@:2}
|
||||
|
||||
curl -L \
|
||||
--fail \
|
||||
-u "$GITEA_RELEASE_USERNAME:$GITEA_RELEASE_PASSWORD" \
|
||||
${args} \
|
||||
"$GITEA_RELEASE_BASE_URL/api/v1$path"
|
||||
}
|
||||
|
||||
function main {
|
||||
check_dependencies
|
||||
source_env_file
|
||||
check_environment
|
||||
ask_credentials
|
||||
retrieve_commitish_target
|
||||
retrieve_version
|
||||
local release=$(create_release)
|
||||
upload_release_attachments "$release"
|
||||
}
|
||||
|
||||
main
|
||||
@ -35,7 +35,7 @@ RUN apk add --no-cache \
|
||||
chromium \
|
||||
bash
|
||||
|
||||
RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y pa11y-reporter-html@^1.0.0 pa11y-reporter-junit
|
||||
RUN PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=1 npm install -g pa11y@^5.0.0 pa11y-reporter-html@^1.0.0 pa11y-reporter-junit
|
||||
|
||||
RUN adduser -D pa11y
|
||||
|
||||
|
||||
@ -9,6 +9,7 @@ cd reports
|
||||
|
||||
export PUPPETEER_EXECUTABLE_PATH=$(which chromium-browser)
|
||||
export PA11Y_REPORTER="${PA11Y_REPORTER:-html}"
|
||||
export PA11Y_STANDARD=${PA11Y_STANDARD:-WCAG2AA}
|
||||
|
||||
PA11Y_ARGS=""
|
||||
|
||||
|
||||
41
resources/com/cadoles/symfony/.php-cs-fixer.dist.php
Normal file
41
resources/com/cadoles/symfony/.php-cs-fixer.dist.php
Normal file
@ -0,0 +1,41 @@
|
||||
<?php
|
||||
|
||||
$finder = PhpCsFixer\Finder::create()
|
||||
->in(__DIR__.'/src')
|
||||
->name('*.php')
|
||||
;
|
||||
|
||||
return (new PhpCsFixer\Config())
|
||||
->setRules([
|
||||
'@Symfony' => true,
|
||||
'concat_space' => ['spacing' => 'none'],
|
||||
'array_syntax' => ['syntax' => 'short'],
|
||||
'combine_consecutive_issets' => true,
|
||||
'explicit_indirect_variable' => true,
|
||||
'no_useless_return' => true,
|
||||
'ordered_imports' => true,
|
||||
'no_unused_imports' => true,
|
||||
'no_spaces_after_function_name' => true,
|
||||
'no_spaces_inside_parenthesis' => true,
|
||||
'ternary_operator_spaces' => true,
|
||||
'class_definition' => ['single_line' => true],
|
||||
'whitespace_after_comma_in_array' => true,
|
||||
'phpdoc_add_missing_param_annotation' => ['only_untyped' => true],
|
||||
'phpdoc_order' => true,
|
||||
'phpdoc_types_order' => [
|
||||
'null_adjustment' => 'always_last',
|
||||
'sort_algorithm' => 'alpha',
|
||||
],
|
||||
'phpdoc_no_empty_return' => false,
|
||||
'phpdoc_summary' => false,
|
||||
'general_phpdoc_annotation_remove' => [
|
||||
'annotations' => [
|
||||
'expectedExceptionMessageRegExp',
|
||||
'expectedException',
|
||||
'expectedExceptionMessage',
|
||||
'author',
|
||||
],
|
||||
],
|
||||
])
|
||||
->setFinder($finder)
|
||||
;
|
||||
42
resources/com/cadoles/symfony/Dockerfile
Normal file
42
resources/com/cadoles/symfony/Dockerfile
Normal file
@ -0,0 +1,42 @@
|
||||
ARG PHP_SECURITY_CHECKER_VERSION=1.0.0
|
||||
ARG JQ_VERSION=1.6
|
||||
|
||||
RUN apt update && \
|
||||
DEBIAN_FRONTEND=noninteractive apt-get install -y \
|
||||
wget tar curl ca-certificates \
|
||||
openssl bash git unzip \
|
||||
php-cli php-dom php-mbstring php-ctype php-xml php-iconv
|
||||
|
||||
COPY add-letsencrypt-ca.sh /root/add-letsencrypt-ca.sh
|
||||
|
||||
RUN bash /root/add-letsencrypt-ca.sh \
|
||||
&& rm -f /root/add-letsencrypt-ca.sh
|
||||
|
||||
RUN wget -O /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 \
|
||||
&& chmod +x /usr/local/bin/jq
|
||||
|
||||
# Install local-php-security-checker
|
||||
RUN wget -O /usr/local/bin/local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v${PHP_SECURITY_CHECKER_VERSION}/local-php-security-checker_${PHP_SECURITY_CHECKER_VERSION}_linux_amd64 \
|
||||
&& chmod +x /usr/local/bin/local-php-security-checker
|
||||
|
||||
# Install junit2md
|
||||
RUN junit2md_download_url=$(curl "https://forge.cadoles.com/api/v1/repos/Cadoles/junit2md/releases" -H "accept:application/json" | jq -r 'sort_by(.published_at) | reverse | .[0] | .assets[] | select(.name == "junit2md-linux-amd64.tar.gz") | .browser_download_url') \
|
||||
&& wget -O junit2md-linux-amd64.tar.gz "$junit2md_download_url" \
|
||||
&& tar -xzf junit2md-linux-amd64.tar.gz \
|
||||
&& cp junit2md-linux-amd64/junit2md /usr/local/bin/junit2md
|
||||
|
||||
# Install composer
|
||||
RUN wget https://raw.githubusercontent.com/composer/getcomposer.org/76a7060ccb93902cd7576b67264ad91c8a2700e2/web/installer -O - -q | php -- --force --install-dir /usr/local/bin --filename composer \
|
||||
&& chmod +x /usr/local/bin/composer
|
||||
|
||||
# Install php-cs-fixer
|
||||
RUN mkdir --parents /tools/php-cs-fixer \
|
||||
&& composer require --working-dir=/tools/php-cs-fixer friendsofphp/php-cs-fixer \
|
||||
&& ln -s /tools/php-cs-fixer/vendor/bin/php-cs-fixer /usr/local/bin/php-cs-fixer
|
||||
|
||||
# Install php-stan
|
||||
RUN mkdir --parents /tools/phpstan \
|
||||
&& composer require --working-dir=/tools/phpstan phpstan/phpstan \
|
||||
&& ln -s /tools/phpstan/vendor/bin/phpstan /usr/local/bin/phpstan \
|
||||
&& composer require --working-dir=/tools/phpstan phpstan/phpstan-symfony \
|
||||
&& composer require --working-dir=/tools/phpstan phpstan/phpstan-doctrine
|
||||
4
resources/com/cadoles/symfony/phpstan.neon
Normal file
4
resources/com/cadoles/symfony/phpstan.neon
Normal file
@ -0,0 +1,4 @@
|
||||
includes:
|
||||
- /tools/phpstan/vendor/phpstan/phpstan-symfony/extension.neon
|
||||
- /tools/phpstan/vendor/phpstan/phpstan-doctrine/extension.neon
|
||||
- /tools/phpstan/vendor/phpstan/phpstan-doctrine/rules.neon
|
||||
@ -2,6 +2,7 @@ def waitForRepoPackage(String packageName, Map params = [:]) {
|
||||
def expectedVersion = params.expectedVersion ? params.expectedVersion : null
|
||||
def delay = params.delay ? params.delay : 30
|
||||
def waitTimeout = params.timeout ? params.timeout : 2400
|
||||
def asPattern = params.containsKey("asPattern") ? params.asPattern : true
|
||||
|
||||
def message = "Waiting for package '${packageName}'"
|
||||
if (expectedVersion != null) {
|
||||
@ -26,9 +27,11 @@ def waitForRepoPackage(String packageName, Map params = [:]) {
|
||||
println("Package found !")
|
||||
break
|
||||
}
|
||||
|
||||
|
||||
def versionFound = packages.find {
|
||||
return it['version'] =~ expectedVersion
|
||||
def matches = asPattern ? it['version'] =~ expectedVersion : it['version'] == expectedVersion
|
||||
println("Comparing expected version '${expectedVersion}' to '${it['version']}': ${matches}")
|
||||
return matches
|
||||
}
|
||||
|
||||
if (versionFound) {
|
||||
@ -76,5 +79,10 @@ def listRepoPackages(Map params = [:]) {
|
||||
}
|
||||
}
|
||||
|
||||
println "Found packages:"
|
||||
packages.each{
|
||||
println " - Package: ${it.key}, Version: ${it.value['version']}"
|
||||
}
|
||||
|
||||
return packages
|
||||
}
|
||||
98
vars/gitea.groovy
Normal file
98
vars/gitea.groovy
Normal file
@ -0,0 +1,98 @@
|
||||
def commentPullRequest(String repo, String issueId, String comment, Integer commentIndex = 0) {
|
||||
comment = comment.replaceAll('"', '\\"')
|
||||
withCredentials([
|
||||
string(credentialsId: 'GITEA_JENKINS_PERSONAL_TOKEN', variable: 'GITEA_TOKEN'),
|
||||
]) {
|
||||
writeFile(file: '.prComment', text: comment)
|
||||
sh """#!/bin/bash
|
||||
set -xeo pipefail
|
||||
|
||||
# Récupération si il existe du commentaire existant
|
||||
previous_comment_id=\$(curl -v --fail \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
https://forge.cadoles.com/api/v1/repos/${repo}/issues/${issueId}/comments \
|
||||
| jq -c '[ .[] | select(.user.login=="jenkins") ] | .[${commentIndex}] | .id' \
|
||||
)
|
||||
|
||||
# Génération du payload pour l'API Gitea
|
||||
echo '{}' | jq -c --rawfile body .prComment '.body = \$body' > payload.json
|
||||
|
||||
if [[ "\$previous_comment_id" == "null" ]]; then
|
||||
# Création du commentaire via l'API Gitea
|
||||
curl -v --fail \
|
||||
-XPOST \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d @payload.json \
|
||||
https://forge.cadoles.com/api/v1/repos/${repo}/issues/${issueId}/comments
|
||||
else
|
||||
# Modification du commentaire existant
|
||||
curl -v --fail \
|
||||
-XPATCH \
|
||||
-H "Authorization: token ${GITEA_TOKEN}" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d @payload.json \
|
||||
https://forge.cadoles.com/api/v1/repos/${repo}/issues/comments/\$previous_comment_id
|
||||
fi
|
||||
"""
|
||||
}
|
||||
}
|
||||
|
||||
// Effectue une "release" sur Gitea pour le <ORG>/<PROJET> donné.
|
||||
def release(String credentialsId, String org, String project, Map options = [:]) {
|
||||
def isDraft = options.get('isDraft', false)
|
||||
def baseUrl = options.get('baseUrl', 'https://forge.cadoles.com')
|
||||
def defaultVersion = sh(returnStdout: true, script: 'git describe --always').trim()
|
||||
def releaseVersion = options.get('releaseVersion', defaultVersion)
|
||||
def commitishTarget = options.get('commitishTarget', env.GIT_COMMIT)
|
||||
|
||||
def defaultIsPrerelease = true
|
||||
try {
|
||||
sh(script: "git describe --exact-match ${GIT_COMMIT}")
|
||||
defaultIsPrerelease = false
|
||||
} catch (err) {
|
||||
println "Could not find tag associated with commit '${GIT_COMMIT}' ! Using 'prerelease' as default."
|
||||
}
|
||||
|
||||
def isPrerelease = options.get('isPrerelease', defaultIsPrerelease)
|
||||
def body = options.get('body', '')
|
||||
def attachments = options.get('attachments', [])
|
||||
|
||||
def scriptTempDir = ".gitea-release-script-${System.currentTimeMillis()}"
|
||||
sh("mkdir -p '${scriptTempDir}'")
|
||||
|
||||
def giteaReleaseScript = "${scriptTempDir}/gitea-release.sh"
|
||||
|
||||
def giteaReleaseScriptContent = libraryResource 'com/cadoles/gitea/gitea-release.sh'
|
||||
writeFile file: giteaReleaseScript, text:giteaReleaseScriptContent
|
||||
sh("chmod +x '${giteaReleaseScript}'")
|
||||
|
||||
try {
|
||||
withCredentials([
|
||||
usernamePassword(
|
||||
credentialsId: credentialsId,
|
||||
usernameVariable: 'GITEA_RELEASE_USERNAME',
|
||||
passwordVariable: 'GITEA_RELEASE_PASSWORD'
|
||||
)
|
||||
]) {
|
||||
sh """
|
||||
export GITEA_RELEASE_PROJECT="${project}"
|
||||
export GITEA_RELEASE_ORG="${org}"
|
||||
export GITEA_RELEASE_BASE_URL="${baseUrl}"
|
||||
export GITEA_RELEASE_VERSION="${releaseVersion}"
|
||||
export GITEA_RELEASE_COMMITISH_TARGET="${commitishTarget}"
|
||||
export GITEA_RELEASE_IS_DRAFT="${isDraft}"
|
||||
export GITEA_RELEASE_IS_PRERELEASE="${isPrerelease}"
|
||||
export GITEA_RELEASE_BODY="${body}"
|
||||
export GITEA_RELEASE_ATTACHMENTS="${attachments.join(' ')}"
|
||||
|
||||
${giteaReleaseScript}
|
||||
"""
|
||||
}
|
||||
} finally {
|
||||
dir(scriptTempDir) {
|
||||
deleteDir()
|
||||
}
|
||||
}
|
||||
}
|
||||
141
vars/pulp.groovy
141
vars/pulp.groovy
@ -1,88 +1,43 @@
|
||||
import groovy.json.JsonOutput
|
||||
|
||||
def getResourceHREF(
|
||||
String credentials,
|
||||
String resourceEndpoint,
|
||||
String resourceName,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/${resourceEndpoint}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
def resource = jsonResponse.results.find { it -> it.name == resourceName}
|
||||
if (resource) {
|
||||
return resource.pulp_href
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
def waitForTaskCompletion(
|
||||
String credentials,
|
||||
String taskHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def status = ''
|
||||
def created_resources = []
|
||||
while (status != 'completed') {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
status = jsonResponse.state
|
||||
if (status == 'completed') {
|
||||
return jsonResponse.created_resources
|
||||
} else if (!(status in ['running','waiting'])) {
|
||||
break
|
||||
}
|
||||
sleep(10)
|
||||
}
|
||||
throw new Exception("Task failed:" + jsonResponse.error.description)
|
||||
}
|
||||
|
||||
def exportPackages(
|
||||
String credentials,
|
||||
List packages = [],
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def exportTasks = []
|
||||
packages.each {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, uploadFile: "${it}", validResponseCodes: "202"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
packages.each {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, responseHandle: 'NONE', uploadFile: "${it}"
|
||||
jsonResponse = readJSON text: response.content
|
||||
println(jsonResponse)
|
||||
exportTasks << jsonResponse['task']
|
||||
}
|
||||
return exportTasks
|
||||
}
|
||||
|
||||
def createRepository(
|
||||
String credentials,
|
||||
String name,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def repositoryName = ["name": name]
|
||||
def postBody = JsonOutput.toJson(repositoryName)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "201"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
return jsonResponse.pulp_href
|
||||
|
||||
}
|
||||
def getRepositoryHREF(
|
||||
String credentials,
|
||||
String repository = 'Cadoles4MSE unstable'
|
||||
String repositoryLevel = 'dev',
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def repositoryHREF = getResourceHREF(credentials, 'repositories/deb/apt/', repository)
|
||||
if (repositoryHREF) {
|
||||
return repositoryHREF
|
||||
} else {
|
||||
return createRepository(credentials, repository)
|
||||
}
|
||||
def repositoriesMapping = ['dev': 'Cadoles4MSE']
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'GET', ignoreSslErrors: true
|
||||
def jsonResponse = readJSON text: response.content
|
||||
println(jsonResponse)
|
||||
def repositories = jsonResponse.results
|
||||
def repositoryHREF = repositories.find { it -> it['name'] == repositoriesMapping[repositoryLevel] }
|
||||
return repositoryHREF.pulp_href
|
||||
}
|
||||
|
||||
def addToRepository(
|
||||
String credentials,
|
||||
List packagesHREF,
|
||||
String repositoryHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def packagesHREFURL = ["add_content_units": packagesHREF.collect { "https://$pulpHost$it" }]
|
||||
def postBody = JsonOutput.toJson(packagesHREFURL)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "100:599"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
return waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
}
|
||||
@ -90,19 +45,12 @@ def addToRepository(
|
||||
def publishRepository(
|
||||
String credentials,
|
||||
String repositoryHREF,
|
||||
String signing_service = null,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def postContent = ["repository": repositoryHREF, "simple": true]
|
||||
if (signing_service) {
|
||||
def signingServiceHREF = getResourceHREF(credentials, 'signing-services/', signing_service)
|
||||
if (signingServiceHREF) {
|
||||
postContent.put("signing_service", "https://${pulpHost}${signingServiceHREF}")
|
||||
}
|
||||
}
|
||||
def postBody = JsonOutput.toJson(postContent)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
def postBody = JsonOutput.toJson(["repository": repositoryHREF, "simple": true])
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true
|
||||
def jsonResponse = readJSON text: response.content
|
||||
println(jsonResponse)
|
||||
return waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
}
|
||||
|
||||
@ -111,30 +59,26 @@ def distributePublication(
|
||||
String publicationHREF,
|
||||
String distributionName,
|
||||
String basePath,
|
||||
String contentGuard = null,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
String pulpHost = 'pulp.bbohard.lan',
|
||||
String contentGuard = null
|
||||
) {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/distributions/deb/apt/", httpMode: 'GET', ignoreSslErrors: true
|
||||
def jsonResponse = readJSON text: response.content
|
||||
def httpMode = ''
|
||||
def url = ''
|
||||
def distributionHREF = getResourceHREF(credentials, 'distributions/deb/apt/', distributionName)
|
||||
if (distributionHREF) {
|
||||
def distribution = jsonResponse.results.find { it -> it.name == distributionName}
|
||||
if (distribution) {
|
||||
httpMode = 'PUT'
|
||||
url = distributionHREF
|
||||
url = distribution.pulp_href
|
||||
|
||||
} else {
|
||||
httpMode = 'POST'
|
||||
url = '/pulp/api/v3/distributions/deb/apt/'
|
||||
}
|
||||
def bodyContent = ["publication": publicationHREF, "name": distributionName, "base_path": basePath]
|
||||
if (contentGuard) {
|
||||
def contentGuardHREF = getResourceHREF(credentials, 'contentguards/core/rbac/', contentGuard)
|
||||
if (contentGuardHREF) {
|
||||
bodyContent.put('content_guard', "https://${pulpHost}${contentGuardHREF}")
|
||||
}
|
||||
}
|
||||
def postBody = JsonOutput.toJson(bodyContent)
|
||||
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
def postBody = JsonOutput.toJson(["publication": publicationHREF, "name": distributionName, "base_path": basePath, "content_guard": contentGuard])
|
||||
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "100:599"
|
||||
jsonResponse = readJSON text: response.content
|
||||
if (distributionHREF) {
|
||||
if (distribution) {
|
||||
waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
return [url]
|
||||
} else {
|
||||
@ -142,12 +86,31 @@ def distributePublication(
|
||||
}
|
||||
}
|
||||
|
||||
def waitForTaskCompletion(
|
||||
String credentials,
|
||||
String taskHREF,
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def status = ''
|
||||
def created_resources = []
|
||||
while (status != 'completed') {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true
|
||||
def jsonResponse = readJSON text: response.content
|
||||
status = jsonResponse.state
|
||||
if (status == 'completed') {
|
||||
created_resources = jsonResponse.created_resources
|
||||
}
|
||||
sleep(10)
|
||||
}
|
||||
return created_resources
|
||||
}
|
||||
|
||||
def getDistributionURL(
|
||||
String credentials,
|
||||
String resourceHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
String pulpHost = 'pulp.bbohard.lan'
|
||||
) {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true
|
||||
def jsonResponse = readJSON text: response.content
|
||||
println(jsonResponse)
|
||||
return jsonResponse.base_url
|
||||
|
||||
@ -1,154 +0,0 @@
|
||||
import groovy.json.JsonOutput
|
||||
|
||||
def getResourceHREF(
|
||||
String credentials,
|
||||
String resourceEndpoint,
|
||||
String resourceName,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/${resourceEndpoint}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
def resource = jsonResponse.results.find { it -> it.name == resourceName}
|
||||
if (resource) {
|
||||
return resource.pulp_href
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
def waitForTaskCompletion(
|
||||
String credentials,
|
||||
String taskHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def status = ''
|
||||
def created_resources = []
|
||||
while (status != 'completed') {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${taskHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
status = jsonResponse.state
|
||||
if (status == 'completed') {
|
||||
return jsonResponse.created_resources
|
||||
} else if (!(status in ['running','waiting'])) {
|
||||
break
|
||||
}
|
||||
sleep(10)
|
||||
}
|
||||
throw new Exception("Task failed:" + jsonResponse.error.description)
|
||||
}
|
||||
|
||||
def exportPackages(
|
||||
String credentials,
|
||||
List packages = [],
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def exportTasks = []
|
||||
packages.each {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/content/deb/packages/", httpMode: 'POST', ignoreSslErrors: true, multipartName: "file", timeout: 900, uploadFile: "${it}", validResponseCodes: "202"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
exportTasks << jsonResponse['task']
|
||||
}
|
||||
return exportTasks
|
||||
}
|
||||
|
||||
def createRepository(
|
||||
String credentials,
|
||||
String name,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def repositoryName = ["name": name]
|
||||
def postBody = JsonOutput.toJson(repositoryName)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/repositories/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "201"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
return jsonResponse.pulp_href
|
||||
|
||||
}
|
||||
def getRepositoryHREF(
|
||||
String credentials,
|
||||
String repository = 'Cadoles4MSE unstable'
|
||||
) {
|
||||
def repositoryHREF = getResourceHREF(credentials, 'repositories/deb/apt/', repository)
|
||||
if (repositoryHREF) {
|
||||
return repositoryHREF
|
||||
} else {
|
||||
return createRepository(credentials, repository)
|
||||
}
|
||||
}
|
||||
|
||||
def addToRepository(
|
||||
String credentials,
|
||||
List packagesHREF,
|
||||
String repositoryHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def packagesHREFURL = ["add_content_units": packagesHREF.collect { "https://$pulpHost$it" }]
|
||||
def postBody = JsonOutput.toJson(packagesHREFURL)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${repositoryHREF}modify/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
return waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
}
|
||||
|
||||
def publishRepository(
|
||||
String credentials,
|
||||
String repositoryHREF,
|
||||
String signing_service = null,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def postContent = ["repository": repositoryHREF, "simple": true]
|
||||
if (signing_service) {
|
||||
def signingServiceHREF = getResourceHREF(credentials, 'signing-services/', signing_service)
|
||||
if (signingServiceHREF) {
|
||||
postContent.put("signing_service", "https://${pulpHost}${signingServiceHREF}")
|
||||
}
|
||||
}
|
||||
def postBody = JsonOutput.toJson(postContent)
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}/pulp/api/v3/publications/deb/apt/", httpMode: 'POST', requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
return waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
}
|
||||
|
||||
def distributePublication(
|
||||
String credentials,
|
||||
String publicationHREF,
|
||||
String distributionName,
|
||||
String basePath,
|
||||
String contentGuard = null,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def httpMode = ''
|
||||
def url = ''
|
||||
def distributionHREF = getResourceHREF(credentials, 'distributions/deb/apt/', distributionName)
|
||||
if (distributionHREF) {
|
||||
httpMode = 'PUT'
|
||||
url = distributionHREF
|
||||
} else {
|
||||
httpMode = 'POST'
|
||||
url = '/pulp/api/v3/distributions/deb/apt/'
|
||||
}
|
||||
def bodyContent = ["publication": publicationHREF, "name": distributionName, "base_path": basePath]
|
||||
if (contentGuard) {
|
||||
def contentGuardHREF = getResourceHREF(credentials, 'contentguards/core/rbac/', contentGuard)
|
||||
if (contentGuardHREF) {
|
||||
bodyContent.put('content_guard', "https://${pulpHost}${contentGuardHREF}")
|
||||
}
|
||||
}
|
||||
def postBody = JsonOutput.toJson(bodyContent)
|
||||
response = httpRequest authentication: credentials, url: "https://${pulpHost}${url}", httpMode: httpMode, requestBody: postBody, contentType: 'APPLICATION_JSON', ignoreSslErrors: true, validResponseCodes: "202"
|
||||
jsonResponse = readJSON text: response.content
|
||||
if (distributionHREF) {
|
||||
waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
return [url]
|
||||
} else {
|
||||
return waitForTaskCompletion(credentials, jsonResponse.task)
|
||||
}
|
||||
}
|
||||
|
||||
def getDistributionURL(
|
||||
String credentials,
|
||||
String resourceHREF,
|
||||
String pulpHost = 'pulp.cadoles.com'
|
||||
) {
|
||||
def response = httpRequest authentication: credentials, url: "https://${pulpHost}${resourceHREF}", httpMode: 'GET', ignoreSslErrors: true, validResponseCodes: "200"
|
||||
def jsonResponse = readJSON text: response.content
|
||||
println(jsonResponse)
|
||||
return jsonResponse.base_url
|
||||
}
|
||||
115
vars/symfonyAppPipeline.groovy
Normal file
115
vars/symfonyAppPipeline.groovy
Normal file
@ -0,0 +1,115 @@
|
||||
import org.jenkinsci.plugins.pipeline.modeldefinition.Utils
|
||||
|
||||
def call(String baseImage = "ubuntu:22.04") {
|
||||
node {
|
||||
stage("Checkout project") {
|
||||
checkout(scm)
|
||||
}
|
||||
|
||||
stage('Run in Symfony image') {
|
||||
def symfonyImage = buildDockerImage(baseImage)
|
||||
symfonyImage.inside() {
|
||||
def repo = env.JOB_NAME
|
||||
if (env.BRANCH_NAME ==~ /^PR-.*$/) {
|
||||
repo = env.JOB_NAME - "/${env.JOB_BASE_NAME}"
|
||||
}
|
||||
|
||||
stage("Install composer dependencies") {
|
||||
sh '''
|
||||
composer install
|
||||
'''
|
||||
}
|
||||
|
||||
parallel([
|
||||
'php-security-check': {
|
||||
stage("Check PHP security issues") {
|
||||
catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
|
||||
def auditReport = sh(script: "local-php-security-checker --format=markdown || true", returnStdout: true)
|
||||
if (auditReport.trim() != "") {
|
||||
if (env.CHANGE_ID) {
|
||||
gitea.commentPullRequest(repo, env.CHANGE_ID, auditReport, 0)
|
||||
} else {
|
||||
print auditReport
|
||||
}
|
||||
}
|
||||
if (!auditReport.contains("No packages have known vulnerabilities.")) {
|
||||
throw new Exception("Dependencies check failed !")
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
'php-cs-fixer': {
|
||||
stage("Run PHP-CS-Fixer on modified code") {
|
||||
catchError(buildResult: 'FAILURE', stageResult: 'FAILURE') {
|
||||
if ( !fileExists('.php-cs-fixer.dist.php') ) {
|
||||
def phpCsFixerConfig = libraryResource 'com/cadoles/symfony/.php-cs-fixer.dist.php'
|
||||
writeFile file:'.php-cs-fixer.dist.php', text:phpCsFixerConfig
|
||||
}
|
||||
|
||||
sh '''
|
||||
CHANGED_FILES=$(git diff --name-only --diff-filter=ACMRTUXB "HEAD~..HEAD" | fgrep ".php" | tr "\n" " ")
|
||||
if ! echo "${CHANGED_FILES}" | grep -qE "^(\\.php-cs-fixer(\\.dist)\\.php?|composer\\.lock)$"; then EXTRA_ARGS=$(printf -- '--path-mode=intersection -- %s' "${CHANGED_FILES}"); else EXTRA_ARGS=''; fi
|
||||
php-cs-fixer fix --config=.php-cs-fixer.dist.php -v --dry-run --using-cache=no --format junit ${EXTRA_ARGS} > php-cs-fixer.xml || true
|
||||
'''
|
||||
def report = sh(script: "junit2md php-cs-fixer.xml", returnStdout: true)
|
||||
if (env.CHANGE_ID) {
|
||||
gitea.commentPullRequest(repo, env.CHANGE_ID, report, 1)
|
||||
} else {
|
||||
print report
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
'phpstan': {
|
||||
stage("Run phpstan") {
|
||||
catchError(buildResult: 'UNSTABLE', stageResult: 'FAILURE') {
|
||||
if ( !fileExists('phpstan.neon') ) {
|
||||
def phpStanConfig = libraryResource 'com/cadoles/symfony/phpstan.neon'
|
||||
writeFile file:'phpstan.neon', text:phpStanConfig
|
||||
}
|
||||
sh '''
|
||||
phpstan analyze -l 1 --error-format=table src > phpstan.txt || true
|
||||
'''
|
||||
def report = sh(script: "cat phpstan.txt", returnStdout: true)
|
||||
report = "## Rapport PHPStan\n\n```\n" + report
|
||||
report = report + "\n```\n"
|
||||
if (env.CHANGE_ID) {
|
||||
gitea.commentPullRequest(repo, env.CHANGE_ID, report, 2)
|
||||
} else {
|
||||
print report
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
])
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
def buildDockerImage(String baseImage) {
|
||||
def imageName = "cadoles-symfony-ci"
|
||||
dir (".${imageName}") {
|
||||
def dockerfile = libraryResource 'com/cadoles/symfony/Dockerfile'
|
||||
writeFile file:'Dockerfile', text: "FROM ${baseImage}\n\n" + dockerfile
|
||||
|
||||
def addLetsEncryptCA = libraryResource 'com/cadoles/common/add-letsencrypt-ca.sh'
|
||||
writeFile file:'add-letsencrypt-ca.sh', text:addLetsEncryptCA
|
||||
|
||||
def safeJobName = URLDecoder.decode(env.JOB_NAME).toLowerCase().replace('/', '-').replace(' ', '-')
|
||||
def imageTag = "${safeJobName}-${env.BUILD_ID}"
|
||||
return docker.build("${imageName}:${imageTag}", ".")
|
||||
}
|
||||
}
|
||||
|
||||
def when(boolean condition, body) {
|
||||
def config = [:]
|
||||
body.resolveStrategy = Closure.OWNER_FIRST
|
||||
body.delegate = config
|
||||
|
||||
if (condition) {
|
||||
body()
|
||||
} else {
|
||||
Utils.markStageSkippedForConditional(STAGE_NAME)
|
||||
}
|
||||
}
|
||||
@ -7,38 +7,46 @@ def buildPackageWithCPKG(
|
||||
Boolean forceRebuild = false
|
||||
) {
|
||||
|
||||
def result = [:]
|
||||
def builds = []
|
||||
|
||||
// Retrieve commit tags
|
||||
def commitTag = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true)
|
||||
if (commitTag == '') {
|
||||
def commitTags = sh(script: 'git describe --exact-match --abbrev=0', returnStdout: true).split(' ')
|
||||
if (commitTags.length == 0) {
|
||||
error 'No build build tags on last commit'
|
||||
}
|
||||
|
||||
// Split tag to retrieve context informations
|
||||
def tagParts = commitTag.split('/')
|
||||
def packageEnv = tagParts[1]
|
||||
def packageDistrib = tagParts[2]
|
||||
def packageVersion = tagParts[3]
|
||||
// For each tags
|
||||
for (tag in commitTags) {
|
||||
|
||||
// Create .tamarinrc file
|
||||
def tamarinrc = """
|
||||
project_version=${packageVersion}
|
||||
no_version_suffix=${ packageEnv == 'stable' || packageEnv == 'staging' ? 'yes' : 'no' }
|
||||
""".stripIndent()
|
||||
writeFile file: '.tamarinrc', text: tamarinrc
|
||||
// Split tag to retrieve context informations
|
||||
def tagParts = tag.split('/')
|
||||
def packageEnv = tagParts[1]
|
||||
def packageDistrib = tagParts[2]
|
||||
def packageVersion = tagParts[3]
|
||||
|
||||
sh "rm -rf ${destDir}/*"
|
||||
// Create .tamarinrc file
|
||||
def tamarinrc = """
|
||||
project_version=${packageVersion}
|
||||
no_version_suffix=${ packageEnv == 'stable' || packageEnv == 'staging' ? 'yes' : 'no' }
|
||||
""".stripIndent()
|
||||
writeFile file: '.tamarinrc', text: tamarinrc
|
||||
|
||||
sh "rm -rf ${destDir}/*"
|
||||
|
||||
stage("Build ${packageEnv} package (version ${packageVersion}) for ${packageDistrib}") {
|
||||
result.put('tag', commitTag)
|
||||
result.put('env', packageEnv)
|
||||
result.put('version', packageVersion)
|
||||
result.put('distrib', packageDistrib)
|
||||
def packages = buildPackage(packageProfile, packageArch, baseImage, destDir, forceRebuild)
|
||||
result.put('packages', packages)
|
||||
stage("Build ${packageEnv} package (version ${packageVersion}) for ${packageDistrib}") {
|
||||
def result = [:]
|
||||
result.put('tag', tag)
|
||||
result.put('env', packageEnv)
|
||||
result.put('version', packageVersion)
|
||||
result.put('distrib', packageDistrib)
|
||||
def packages = buildPackage(packageProfile, packageArch, baseImage, destDir, forceRebuild)
|
||||
result.put('packages', packages)
|
||||
builds << result
|
||||
}
|
||||
|
||||
}
|
||||
return result
|
||||
|
||||
return builds
|
||||
|
||||
}
|
||||
|
||||
@ -121,4 +129,4 @@ def buildDockerImage() {
|
||||
def imageTag = "${safeJobName}-${env.BUILD_ID}"
|
||||
return docker.build("tamarin:${imageTag}", ".")
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user