newsletter-crawler/Jenkinsfile

@Library('DevOpsGenericLibrary') _
// Jenkins agent labels keyed by the role each stage needs.
// Only `buildah` and `fortify` are referenced by active stages in this file;
// `oc` is used by the commented-out CD stage and `default` is not referenced at all.
def agentLabels = [
    'default': 'tocpt2-openjdk11-mvn36',
    'buildah': 'js-vm-linux-buildah',
    'oc'     : 'devops-aias-js-maven-new',
    'fortify': 'tocpt2-jdk17-mvn36'
]
pipeline {
agent {
label "${agentLabels.buildah}"
}
options {
timestamps()
buildDiscarder(
logRotator(numToKeepStr: '30')
)
}
// parameters {
// }
stages {
stage("Prepare Environment") {
    steps {
        script {
            // Builds the script-global `info` map that every later stage reads.
            // It is assigned without `def` on purpose so that it lands in the script binding.
            // NOTE(review): the "Validations" stage echoes this whole map to the build log,
            // so it must only ever hold names, paths and credential IDs, never secret values.
            def moduleName = "newsletter-crawler"

            def image = [
                name: moduleName,
                // Tag is derived from the branch name and build number supplied by Jenkins.
                version: "${env.BRANCH_NAME}-${env.BUILD_NUMBER}"
            ]

            def registry = [
                dev: "local-docker-dist-dev",
                prod: "local-docker-dist-prod",
                path: "com/turkcell/sensai",
                host: "artifactory.turkcell.com.tr"
            ]

            // Both pip index entries currently point at the same virtual repository.
            def pypiIndex = "https://artifactory.turkcell.com.tr/artifactory/api/pypi/virtual-pypi/simple"

            def fortifyApp = [
                appServiceId: "471652",
                appServiceName: "SENSAI",
                softwareModuleName: moduleName,
                branch: "master"
            ]

            info = [
                catalog: [
                    company: "turkcell",
                    applicationService: "sensai",
                    softwareModule: moduleName
                ],
                artifact: [
                    application: [
                        name: moduleName
                    ],
                    containerImage: image
                ],
                repository: [
                    containerImage: registry
                ]
            ]

            // Full image reference; always targets the *dev* repository of the registry.
            image.imageTag = "${registry.host}/${registry.dev}/${registry.path}/${image.name}:${image.version}"

            info.buildTools = [
                buildah: [
                    root: "/data01/devops/data/buildah/data",
                    storage: "/data01/devops/data/buildah/storage",
                    PIP_URL_PUBLIC: pypiIndex,
                    PIP_URL_PRIVATE: pypiIndex
                ],
                fortify: [
                    application: fortifyApp,
                    configuration: [
                        fortifyHome: "/tmp/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/fortify-scanner"
                    ]
                ]
            ]

            // Application name in the form <appServiceId>_<appServiceName>.<softwareModuleName>.
            info.buildTools.fortify.application += [
                appName: "${fortifyApp.appServiceId}_${fortifyApp.appServiceName}.${fortifyApp.softwareModuleName}"
            ]

            info.deploymentTargets = [
                openshift: [
                    test: [
                        cluster: "tocpgt01",
                        // presumably a Jenkins credentials ID rather than a token value — confirm
                        clientToken: "tocpgt01-ai-sensai-jenkins",
                        namespace: "ai-sensai"
                    ]
                ]
            ]
        }
    }
}
stage ("CI"){
stages{
stage("Validations") {
    steps {
        // Dumps the complete `info` map into the build log for troubleshooting.
        // The map holds internal hosts, paths, cluster names and credential IDs, so anyone
        // who can read build logs sees them; keep secret values out of `info`.
        echo("${info}")
    }
}
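stage("Build") {
    stages {
        // Builds the container image with buildah; runs only for the master and develop branches.
        stage("Build Container Image") {
            agent {
                label "${agentLabels.buildah}"
            }
            when {
                anyOf {
                    branch 'master'
                    branch 'develop'
                }
            }
            steps {
                script {
                    // The image tag contains env.BRANCH_NAME. Hand the values to the shell as
                    // environment variables and expand them quoted inside a single-quoted
                    // script, so they are never spliced into the script text by Groovy.
                    // The variable is deliberately not named PIP_INDEX_URL, so that only the
                    // image build receives it as a build argument.
                    withEnv([
                        "BUILD_PIP_INDEX_URL=${info.buildTools.buildah.PIP_URL_PRIVATE}",
                        "IMAGE_TAG=${info.artifact.containerImage.imageTag}"
                    ]) {
                        sh '''
                            buildah bud \
                                --layers=true \
                                --build-arg "PIP_INDEX_URL=$BUILD_PIP_INDEX_URL" \
                                -t "$IMAGE_TAG" .
                        '''
                    }
                }
            }
        }
    }
}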
// Static analysis stage: submits the sources to Fortify. Runs on the `fortify` agent and
// only for the master branch.
// NOTE(review): the Publish stage also runs for `develop`, so develop images are pushed
// without this scan. Whether a scan finding can fail the build depends on
// fortifyRemoteAnalysis, which is not visible here — confirm.
stage("Scan") {
// NOTE(review): `stages` is normally written without an argument; the "Security Scans"
// string is presumably ignored — confirm.
stages("Security Scans") {
stage("Fortify Security") {
agent {
label "${agentLabels.fortify}"
}
when {
anyOf {
branch 'master'
}
}
steps {
script {
// Resolves the configured 'fortify-scanner' tool; the returned value is not used again in this block.
fortifyScanner = tool 'fortify-scanner'
// Same path as info.buildTools.fortify.configuration.fortifyHome; set as a script-global
// (no `def`) and not referenced again in this block.
FORTIFY_HOME = "/tmp/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/fortify-scanner"
// Copies the scanner installation from the jenkins home into a fixed path under /tmp.
// NOTE(review): a fixed path under /tmp can be pre-created or modified by other users or
// jobs on a shared agent before the scanner runs from it — confirm the agent is
// single-tenant, or use a workspace-local directory.
sh 'mkdir -p /tmp/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/fortify-scanner/'
sh 'cp -R /home/jenkins/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/fortify-scanner/* /tmp/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/fortify-scanner/'
// Requests a remote analysis of a Python project and an upload to SSC, using the application
// name and version ("master") prepared in the "Prepare Environment" stage.
fortifyRemoteAnalysis(
remoteAnalysisProjectType: fortifyPython(),
uploadSSC: [
appName: info.buildTools.fortify.application.appName,
appVersion: info.buildTools.fortify.application.branch
]
)
}
}
}
}
}
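stage("Publish") {
    stages {
        // Logs in to the registry and pushes the image built earlier; runs only for the
        // master and develop branches.
        // NOTE(review): this stage allocates its own agent by label. If that label maps to
        // more than one node, the image built in the "Build" stage may not be in this
        // node's local storage — confirm.
        stage("Publish Container Image to Artifactory") {
            agent {
                label "${agentLabels.buildah}"
            }
            when {
                anyOf {
                    branch 'master'
                    branch 'develop'
                }
            }
            steps {
                script {
                    withCredentials([usernamePassword(
                            credentialsId: 'jenkins-aias-artifactory',
                            usernameVariable: 'USERNAME',
                            passwordVariable: 'PASSWORD')]) {
                        // withCredentials exports USERNAME and PASSWORD as environment
                        // variables, so the scripts below are single-quoted and the shell
                        // expands them. Groovy interpolation would embed the secret in the
                        // script text. The non-secret values go through withEnv likewise.
                        withEnv([
                            "REGISTRY_HOST=${info.repository.containerImage.host}",
                            "IMAGE_TAG=${info.artifact.containerImage.imageTag}"
                        ]) {
                            // --password-stdin keeps the password off the command line, where
                            // `-p` would expose it in the process list.
                            // `set +x` stops the shell from tracing the expanded command.
                            sh '''
                                set +x
                                printf '%s' "$PASSWORD" | buildah login -u "$USERNAME" --password-stdin "$REGISTRY_HOST"
                            '''
                            sh '''
                                buildah push "$IMAGE_TAG"
                            '''
                        }
                    }
                }
            }
        }
    }
}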
}
}
/*
stage ("CD"){
stages{
stage("Deploy"){
agent {
label "${agentLabels.oc}"
}
stages{
stage("Deploy to Openshift"){
when {
anyOf{
branch 'bootstrapping'
}
}
steps {
script {
templateParams = info.deploymentTargets.openshift.test.templateParams
openshiftTestClient {
openshift.apply(
openshift.process(
readFile('openshift/aihub-sima-http.yaml'),
"-p", "IMAGE_TAG_AIHUB_SIMA_HTTP=${templateParams.image.tag}",
"-p", "SECRET_NAME_AIHUB_SIMA_POSTGRES_PASSWORD=${templateParams.secrets.simaPostgresPassword.name}",
"-p", "SECRET_KEY_AIHUB_SIMA_POSTGRES_PASSWORD=${templateParams.secrets.simaPostgresPassword.key}",
"-p", "AIHUB_SIMA_HTTP_POSTGRES_HOSTNAME=${templateParams.postgres.sima.hostname}",
"-p", "AIHUB_SIMA_HTTP_POSTGRES_PORT=${templateParams.postgres.sima.port}",
"-p", "AIHUB_SIMA_HTTP_POSTGRES_DATABASE_NAME=${templateParams.postgres.sima.databaseName}",
"-p", "AIHUB_SIMA_HTTP_APPLICATION_USER=${templateParams.postgres.sima.applicationUser}",
"-p", "AIHUB_SIMA_HTTP_POSTGRES_DEFAULT_SCHEMA=${templateParams.postgres.sima.defaultSchema}",
"-p", "SECRET_NAME_AIHUB_TAPIS_PUBLIC_KEY=${templateParams.secrets.aihubTapisPublicKey.name}",
"-p", "SECRET_KEY_AIHUB_TAPIS_PUBLIC_KEY=${templateParams.secrets.aihubTapisPublicKey.key}",
"-p", "SECRET_NAME_AIHUB_USAGE_LDAP_USER_PASSWORD=${templateParams.secrets.aihubTapisLdap.name}",
"-p", "SECRET_KEY_AIHUB_USAGE_LDAP_USER_PASSWORD=${templateParams.secrets.aihubTapisLdap.key}",
"-p", "AIHUB_TAPIS_PUBLIC_KEY_ENDPOINT=${templateParams.aihub.tapis_public_key_endpoint}",
"-p", "AIHUB_USAGE_HTTP_URL=${templateParams.aihub.usage_http_url}",
"-p", "AIHUB_AUTH_TOKEN_URL=${templateParams.aihub.auth_token_url}",
"-p", "AIHUB_SSL_VERIFY=${templateParams.aihub.ssl_verify}",
"-p", "LIVENESS_MODEL_PATH=${templateParams.models.liveness.modelPath}"
)
)
}
}
}
}
}
}
}
}
*/
}
}
/*
def openshiftTestClient(Closure body) {
openshift.withCluster(info.deploymentTargets.openshift.test.cluster) {
openshift.withCredentials(info.deploymentTargets.openshift.test.clientToken) {
openshift.withProject(info.deploymentTargets.openshift.test.namespace) {
body()
}
}
}
}
*/