-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathJenkinsfile_CNP
123 lines (104 loc) · 4.54 KB
/
Jenkinsfile_CNP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!groovy
@Library("Infrastructure")
import uk.gov.hmcts.contino.AppPipelineDsl
import uk.gov.hmcts.contino.GradleBuilder
import uk.gov.hmcts.contino.Kubectl
import uk.gov.hmcts.contino.DockerImage
import uk.gov.hmcts.pipeline.TeamConfig
def type = "java"
def product = "bulk-scan"
def component = "processor"
def channel = '#bsp-build-notices'
env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX = 'hmctspublic.azurecr.io/imported/'
def combinedSecrets = [
'bulk-scan-${env}': [
secret('processed-envelopes-staging-queue-send-shared-access-key',
'PROCESSED_ENVELOPES_QUEUE_WRITE_ACCESS_KEY'),
secret('storage-account-staging-primary-key', 'TEST_STORAGE_ACCOUNT_KEY'),
secret('storage-account-staging-name', 'TEST_STORAGE_ACCOUNT_NAME'),
secret('launch-darkly-sdk-key', 'LAUNCH_DARKLY_SDK_KEY'),
secret('launch-darkly-offline-mode', 'LAUNCH_DARKLY_OFFLINE_MODE')
],
's2s-${env}': [
// to be removed later
secret('microservicekey-bulk-scan-processor-tests', 'TEST_S2S_SECRET'),
secret('microservicekey-bulk-scan-processor-tests', 'S2S_SECRET')
]
]
def commonSecrets = [
'bulk-scan-${env}': [
secret('all-preview-queue-access-key', 'PROCESSED_ENVELOPES_QUEUE_WRITE_ACCESS_KEY'),
secret('idam-users-bulkscan-username', 'IDAM_USER_NAME'),
secret('idam-users-bulkscan-password', 'IDAM_USER_PASSWORD'),
secret('launch-darkly-sdk-key', 'LAUNCH_DARKLY_SDK_KEY'),
secret('launch-darkly-offline-mode', 'LAUNCH_DARKLY_OFFLINE_MODE')
],
's2s-${env}': [
// to be removed later
secret('microservicekey-bulk-scan-processor-tests', 'TEST_S2S_SECRET'),
secret('microservicekey-bulk-scan-processor-tests', 'S2S_SECRET')
]
]
static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
[ $class: 'AzureKeyVaultSecret',
secretType: 'Secret',
name: secretName,
version: '',
envVariable: envVar
]
}
GradleBuilder builder = new GradleBuilder(this, product)
withPipeline(type, product, component) {
// Vars needed for smoke / functional testing
env.TEST_S2S_NAME = 'bulk_scan_processor_tests'
env.TEST_S2S_URL = 'http://rpe-service-auth-provider-aat.service.core-compute-aat.internal'
env.TEST_SCAN_DELAY = '4000'
env.TEST_STORAGE_CONTAINER_NAME = 'bulkscan'
env.TEST_STORAGE_ACCOUNT_URL = 'https://bulkscanaatstaging.blob.core.windows.net'
env.FLUX_FUNC_TEST = false
env.PROCESSED_ENVELOPES_QUEUE_NAMESPACE = 'bulk-scan-servicebus-aat-premium'
env.PROCESSED_ENVELOPES_QUEUE_NAME = 'processed-envelopes-staging'
env.PROCESSED_ENVELOPES_QUEUE_WRITE_ACCESS_KEY_NAME = 'SendSharedAccessKey'
env.JMS_ENABLED = false
env.SPRING_PROFILES_ACTIVE = 'default'
before('smoketest:preview') {
withAksClient('nonprod', product) {
def dockerImage = new DockerImage(product, component, null, env.BRANCH_NAME, env.GIT_COMMIT, env.LAST_COMMIT_TIMESTAMP)
def subscription = env.SUBSCRIPTION_NAME
def aksServiceName = dockerImage.getAksServiceName().toLowerCase()
def storageSecret = "storage-secret-${aksServiceName}-blobstorage"
def storageSecretName = "storage-account-${aksServiceName}-blobstorage"
def namespace = new TeamConfig(this).getNameSpace(product)
def kubectl = new Kubectl(this, subscription, namespace)
kubectl.login()
// Get storage account details from kubernetes
env.TEST_STORAGE_ACCOUNT_KEY = kubectl.getSecret(storageSecret, namespace, "{.data.accessKey}")
env.TEST_STORAGE_ACCOUNT_URL = kubectl.getSecret(storageSecret, namespace, "{.data.blobEndpoint}")
env.TEST_STORAGE_ACCOUNT_NAME = kubectl.getSecret(storageSecretName, namespace, "{.data.storage_account_name}")
// log the values
echo "storage account url : ${env.TEST_STORAGE_ACCOUNT_URL}"
echo "storage account name : ${env.TEST_STORAGE_ACCOUNT_NAME}"
echo "storage account key : ${env.TEST_STORAGE_ACCOUNT_KEY}"
// Get envelopes queue connection string
env.PROCESSED_ENVELOPES_QUEUE_NAME = "${aksServiceName}-servicebus-processed-envelopes"
env.PROCESSED_ENVELOPES_QUEUE_WRITE_ACCESS_KEY_NAME = "RootManageSharedAccessKey"
env.PROCESSED_ENVELOPES_QUEUE_NAMESPACE = "bsp-sb-preview"
}
}
def branchesToSync = ['demo', 'perftest']
syncBranchesWithMaster(branchesToSync)
afterSuccess('test') {
builder.gradle('integration')
}
enableDbMigration('bulk-scan')
enableSlackNotifications(channel)
enableAksStagingDeployment()
disableLegacyDeployment()
enablePactAs([AppPipelineDsl.PactRoles.CONSUMER])
onPR() {
loadVaultSecrets(commonSecrets)
}
onNonPR() {
loadVaultSecrets(combinedSecrets)
}
}