-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathJenkinsfile
105 lines (102 loc) · 3.53 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
pipeline {
agent { label 'docker-slave' }
environment {
// CI-CD vars
docker_registry_ip = credentials('jenkins-docker-registry-ip')
// When triggered from git tag, $BRANCH_NAME is actually GIT's tag_name
TAG_SEM_VER_COMPLIANT = """${sh(
returnStdout: true,
script: './CI-CD/validate_tag.sh SemVar $BRANCH_NAME'
)}"""
TAG_MAJOR_RELEASE = """${sh(
returnStdout: true,
script: './CI-CD/validate_tag.sh MajRel $BRANCH_NAME'
)}"""
TAG_PRODUCTION = """${sh(
returnStdout: true,
script: './CI-CD/validate_tag.sh production $BRANCH_NAME'
)}"""
TAG_STAGING = """${sh(
returnStdout: true,
script: './CI-CD/validate_tag.sh staging $BRANCH_NAME'
)}"""
}
stages {
stage ('Pull repo code from github') {
steps {
checkout scm
}
}
stage('SonarQube analysis'){
environment {
scannerHome = tool 'SonarQubeScanner'
}
steps {
withSonarQubeEnv('SonarCloud') {
sh """ #!/bin/bash
${scannerHome}/bin/sonar-scanner
"""
}
}
}
stage('Inspect GIT TAG'){
steps {
sh """ #!/bin/bash
echo 'TAG: $BRANCH_NAME'
echo 'Tag is compliant with SemVar 2.0.0: $TAG_SEM_VER_COMPLIANT'
echo 'Tag is Major release: $TAG_MAJOR_RELEASE'
echo 'Tag is production: $TAG_PRODUCTION'
echo 'Tag is staging: $TAG_STAGING'
"""
}
}
stage('Build vault-secret-uploader') {
when {
allOf {
// Triggered on every tag, that is considered for staging or production
expression{tag "*"}
expression{
TAG_STAGING == 'true' || TAG_PRODUCTION == 'true'
}
}
}
steps {
sh "cd CI-CD && ./make_docker.sh build vault-secret-uploader"
}
}
stage('Push vault-secret-uploader to sodalite-private-registry') {
// Push during staging and production
when {
allOf {
expression{tag "*"}
expression{
TAG_STAGING == 'true' || TAG_PRODUCTION == 'true'
}
}
}
steps {
withDockerRegistry(credentialsId: 'jenkins-sodalite.docker_token', url: '') {
sh """#!/bin/bash
./CI-CD/make_docker.sh push vault-secret-uploader staging
"""
}
}
}
stage('Push vault-secret-uploader to DockerHub') {
when {
allOf {
// Triggered on every tag, that is considered for staging or production
expression{tag "*"}
expression{
TAG_PRODUCTION == 'true'
}
}
}
steps {
withDockerRegistry(credentialsId: 'jenkins-sodalite.docker_token', url: '') {
sh "./CI-CD/make_docker.sh push vault-secret-uploader production"
}
}
}
}
}