-
Notifications
You must be signed in to change notification settings - Fork 267
/
Jenkinsfile
141 lines (115 loc) · 4 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
library identifier: "[email protected]",
retriever: modernSCM(
[
$class: "GitSCMSource",
remote: "https://github.com/redhat-cop/pipeline-library.git"
]
)
openshift.withCluster() {
env.NAMESPACE = openshift.project()
env.BUILD = "${env.NAMESPACE}"
env.DEV = env.BUILD.replace('ci-cd', 'dev')
env.TEST = env.BUILD.replace('ci-cd', 'test')
env.MVN_SNAPSHOT_DEPLOYMENT_REPOSITORY = "nexus::default::http://nexus:8081/repository/maven-snapshots"
env.APP_NAME = "${env.JOB_NAME}".replaceAll(/-?${env.PROJECT_NAME}-?/, '').replaceAll(/-?pipeline-?/, '').replaceAll('/','')
env.POM_FILE = env.PIPELINE_CONTEXT_DIR ? "${env.PIPELINE_CONTEXT_DIR}/pom.xml" : "pom.xml"
env.BUILD_OUTPUT_DIR = env.PIPELINE_CONTEXT_DIR ? "${env.PIPELINE_CONTEXT_DIR}/target" : "target"
echo "Starting Pipeline for ${APP_NAME}..."
}
pipeline {
// Use Jenkins Maven slave
// Jenkins will dynamically provision this as OpenShift Pod
// All the stages and steps of this Pipeline will be executed on this Pod
// After Pipeline completes the Pod is killed so every run will have clean
// workspace
agent {
label 'jenkins-slave-mvn'
}
// Pipeline Stages start here
// Requeres at least one stage
stages {
// Checkout source code
// This is required as Pipeline code is originally checked out
// so this will pull the application source code to this slave
stage('Git Checkout Application') {
steps {
// Turn off Git's SSL cert check, uncomment if needed
// sh 'git config --global http.sslVerify false'
git url: "${APPLICATION_SOURCE_REPO}"
}
}
//verify nexus is up
stage('Wait for Nexus') {
steps {
verifyDeployment(targetApp: "nexus", projectName: env.BUILD)
}
}
// Run Maven build, skipping tests
stage('Build, Unit Test, Dependency Scan'){
steps {
// run build
sh "mvn -B clean deploy -f ${POM_FILE} -DaltDeploymentRepository=${MVN_SNAPSHOT_DEPLOYMENT_REPOSITORY}"
// publish unit test report
publishHTML(target: [
reportDir : "${env.BUILD_OUTPUT_DIR}/site/jacoco",
reportFiles : 'index.html',
reportName : 'Jacoco Unit Test Report',
keepAll : true,
alwaysLinkToLastBuild: false,
allowMissing : true
])
// publish dependency check report
publishHTML(target: [
reportDir : "${env.BUILD_OUTPUT_DIR}",
reportFiles : 'dependency-check-report.html',
reportName : 'OWASP Dependency Check Report',
keepAll : true,
alwaysLinkToLastBuild: true,
allowMissing : false
])
}
}
// Perform Static Code Analysis using SonarQube
stage ('Code Analysis') {
steps {
sonarqubeStaticAnalysis(
pomFile: "${POM_FILE}",
buildServerWebHookName: "jenkins"
)
}
}
// Build Container Image using the artifacts produced in previous stages
stage('Build Container Image'){
steps {
binaryBuild(projectName: env.BUILD, buildConfigName: env.APP_NAME, buildFromPath: "${env.BUILD_OUTPUT_DIR}")
}
}
stage('Promote from Build to Dev') {
steps {
tagImage(sourceImageName: env.APP_NAME, sourceImagePath: env.BUILD, toImagePath: env.DEV)
}
}
stage ('Verify Deployment to Dev') {
steps {
verifyDeployment(projectName: env.DEV, targetApp: env.APP_NAME)
}
}
stage('Promotion gate') {
steps {
script {
input message: 'Promote application to Test?'
}
}
}
stage('Promote from Dev to Test') {
steps {
tagImage(sourceImageName: env.APP_NAME, sourceImagePath: env.DEV, toImagePath: env.TEST)
}
}
stage ('Verify Deployment to Test') {
steps {
verifyDeployment(projectName: env.TEST, targetApp: env.APP_NAME)
}
}
}
}