From accdccc5b13af2e9be717a62f7c7e384c78af16e Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Sun, 10 May 2020 21:44:13 +0200 Subject: [PATCH 1/2] use SonarQube from ces-build-lib --- Jenkinsfile | 32 ++------------------------------ 1 file changed, 2 insertions(+), 30 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index c7dff42e68..776b1dea36 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -81,8 +81,8 @@ node('docker') { ) stage('SonarQube') { - - analyzeWith(mvn) + def sonarQube = new SonarCloud(this, [sonarQubeEnv: 'sonarcloud.io-scm', sonarOrganization: 'scm-manager']) + sonarQube.analyzeWith(mvn) if (!waitForQualityGateWebhookToBeCalled()) { currentBuild.result = 'UNSTABLE' @@ -224,34 +224,6 @@ Maven setupMavenBuild() { return mvn } -void analyzeWith(Maven mvn) { - - withSonarQubeEnv('sonarcloud.io-scm') { - - String mvnArgs = "${env.SONAR_MAVEN_GOAL} " + - "-Dsonar.host.url=${env.SONAR_HOST_URL} " + - "-Dsonar.login=${env.SONAR_AUTH_TOKEN} " - - if (isPullRequest()) { - echo "Analysing SQ in PR mode" - mvnArgs += "-Dsonar.pullrequest.base=${env.CHANGE_TARGET} " + - "-Dsonar.pullrequest.branch=${env.CHANGE_BRANCH} " + - "-Dsonar.pullrequest.key=${env.CHANGE_ID} " + - "-Dsonar.pullrequest.provider=bitbucketcloud " + - "-Dsonar.pullrequest.bitbucketcloud.owner=sdorra " + - "-Dsonar.pullrequest.bitbucketcloud.repository=scm-manager " + - "-Dsonar.cpd.exclusions=**/*StoreFactory.java,**/*UserPassword.js " - } else { - mvnArgs += " -Dsonar.branch.name=${env.BRANCH_NAME} " - if (!isMainBranch()) { - // Avoid exception "The main branch must not have a target" on main branch - mvnArgs += " -Dsonar.branch.target=${mainBranch} " - } - } - mvn "${mvnArgs}" - } -} - boolean isReleaseBranch() { return env.BRANCH_NAME.startsWith("release/"); } From 0fc0b71c0b4b248bb3b7667e3a89bd33c4dd192c Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Sun, 10 May 2020 21:47:35 +0200 Subject: [PATCH 2/2] remove Lifecycle stage --- Jenkinsfile | 169 ++++++++++++++++++++++++---------------------------- 1 file changed, 77 insertions(+), 92 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 776b1dea36..15f57a2e28 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -89,115 +89,100 @@ node('docker') { } } - if (isMainBranch() || isReleaseBranch()) { + if (isBuildSuccessful() && (isMainBranch() || isReleaseBranch())) { + def commitHash = git.getCommitHash() - stage('Lifecycle') { - try { - // failBuildOnNetworkError -> so we can catch the exception and neither fail nor make our build unstable - nexusPolicyEvaluation iqApplication: selectedApplication('scm'), iqScanPatterns: [[scanPattern: 'scm-server/target/scm-server-app.zip']], iqStage: 'build', failBuildOnNetworkError: true - } catch (Exception e) { - echo "ERROR: iQ Server policy eval failed. Not marking build unstable for now." - echo "ERROR: iQ Server Exception: ${e.getMessage()}" + def imageVersion = mvn.getVersion() + if (imageVersion.endsWith('-SNAPSHOT')) { + imageVersion = imageVersion.replace('-SNAPSHOT', "-${commitHash.substring(0,7)}-${BUILD_NUMBER}") + } + + stage('Archive') { + archiveArtifacts 'scm-webapp/target/scm-webapp.war' + archiveArtifacts 'scm-server/target/scm-server-app.*' + } + + stage('Maven Deployment') { + // TODO why is the server recreated + // delete appassembler target, because the maven plugin fails to recreate the tar + sh "rm -rf scm-server/target/appassembler" + + // deploy java artifacts + mvn.useRepositoryCredentials([id: 'maven.scm-manager.org', url: 'https://maven.scm-manager.org/nexus', credentialsId: 'maven.scm-manager.org', type: 'Nexus2']) + mvn.deployToNexusRepository() + + // deploy frontend bits + withCredentials([string(credentialsId: 'cesmarvin_npm_token', variable: 'NPM_TOKEN')]) { + writeFile encoding: 'UTF-8', file: '.npmrc', text: "//registry.npmjs.org/:_authToken='${NPM_TOKEN}'" + writeFile encoding: 'UTF-8', file: '.yarnrc', text: ''' + registry "https://registry.npmjs.org/" + always-auth true + email cesmarvin@cloudogu.com + '''.trim() + + // we are tricking lerna by pretending that we are not a git repository + sh "mv .git .git.disabled" + try { + mvn "-pl :scm-ui buildfrontend:run@deploy" + } finally { + sh "mv .git.disabled .git" + } } } - if (isBuildSuccessful()) { - - def commitHash = git.getCommitHash() - - def imageVersion = mvn.getVersion() - if (imageVersion.endsWith('-SNAPSHOT')) { - imageVersion = imageVersion.replace('-SNAPSHOT', "-${commitHash.substring(0,7)}-${BUILD_NUMBER}") - } - - stage('Archive') { - archiveArtifacts 'scm-webapp/target/scm-webapp.war' - archiveArtifacts 'scm-server/target/scm-server-app.*' - } - - stage('Maven Deployment') { - // TODO why is the server recreated - // delete appassembler target, because the maven plugin fails to recreate the tar - sh "rm -rf scm-server/target/appassembler" - - // deploy java artifacts - mvn.useRepositoryCredentials([id: 'maven.scm-manager.org', url: 'https://maven.scm-manager.org/nexus', credentialsId: 'maven.scm-manager.org', type: 'Nexus2']) - mvn.deployToNexusRepository() - - // deploy frontend bits - withCredentials([string(credentialsId: 'cesmarvin_npm_token', variable: 'NPM_TOKEN')]) { - writeFile encoding: 'UTF-8', file: '.npmrc', text: "//registry.npmjs.org/:_authToken='${NPM_TOKEN}'" - writeFile encoding: 'UTF-8', file: '.yarnrc', text: ''' - registry "https://registry.npmjs.org/" - always-auth true - email cesmarvin@cloudogu.com - '''.trim() - - // we are tricking lerna by pretending that we are not a git repository - sh "mv .git .git.disabled" - try { - mvn "-pl :scm-ui buildfrontend:run@deploy" - } finally { - sh "mv .git.disabled .git" - } - } - } - - stage('Docker') { - docker.withRegistry('', 'hub.docker.com-cesmarvin') { - // push to cloudogu repository for internal usage - def image = docker.build('cloudogu/scm-manager') + stage('Docker') { + docker.withRegistry('', 'hub.docker.com-cesmarvin') { + // push to cloudogu repository for internal usage + def image = docker.build('cloudogu/scm-manager') + image.push(imageVersion) + image.push("latest") + if (isReleaseBranch()) { + // push to official repository + image = docker.build('scmmanager/scm-manager') image.push(imageVersion) - image.push("latest") - if (isReleaseBranch()) { - // push to official repository - image = docker.build('scmmanager/scm-manager') - image.push(imageVersion) - } } } + } - stage('Presentation Environment') { - build job: 'scm-manager/next-scm.cloudogu.com', propagate: false, wait: false, parameters: [ - string(name: 'changeset', value: commitHash), - string(name: 'imageTag', value: imageVersion) - ] - } + stage('Presentation Environment') { + build job: 'scm-manager/next-scm.cloudogu.com', propagate: false, wait: false, parameters: [ + string(name: 'changeset', value: commitHash), + string(name: 'imageTag', value: imageVersion) + ] + } - if (isReleaseBranch()) { - stage('Update Repository') { + if (isReleaseBranch()) { + stage('Update Repository') { - // merge changes into develop - sh "git checkout develop" - // TODO what if we have a conflict - // e.g.: someone has edited the changelog during the release - sh "git merge master" + // merge changes into develop + sh "git checkout develop" + // TODO what if we have a conflict + // e.g.: someone has edited the changelog during the release + sh "git merge master" - // set versions for maven packages - mvn "build-helper:parse-version versions:set -DgenerateBackupPoms=false -DnewVersion='\${parsedVersion.majorVersion}.\${parsedVersion.nextMinorVersion}.0-SNAPSHOT'" + // set versions for maven packages + mvn "build-helper:parse-version versions:set -DgenerateBackupPoms=false -DnewVersion='\${parsedVersion.majorVersion}.\${parsedVersion.nextMinorVersion}.0-SNAPSHOT'" - // set versions for ui packages - mvn "-pl :scm-ui buildfrontend:run@set-version" + // set versions for ui packages + mvn "-pl :scm-ui buildfrontend:run@set-version" - // stage pom changes - sh "git status --porcelain | sed s/^...// | grep pom.xml | xargs git add" - // stage package.json changes - sh "git status --porcelain | sed s/^...// | grep package.json | xargs git add" - // stage lerna.json changes - sh "git add lerna.json" + // stage pom changes + sh "git status --porcelain | sed s/^...// | grep pom.xml | xargs git add" + // stage package.json changes + sh "git status --porcelain | sed s/^...// | grep package.json | xargs git add" + // stage lerna.json changes + sh "git add lerna.json" - // commit changes - sh "git -c user.name='CES Marvin' -c user.email='cesmarvin@cloudogu.com' commit -m 'prepare for next development iteration'" + // commit changes + sh "git -c user.name='CES Marvin' -c user.email='cesmarvin@cloudogu.com' commit -m 'prepare for next development iteration'" - // push changes back to remote repository - withCredentials([usernamePassword(credentialsId: 'cesmarvin-github', usernameVariable: 'GIT_AUTH_USR', passwordVariable: 'GIT_AUTH_PSW')]) { - sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin master --tags" - sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin develop --tags" - sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin :${env.BRANCH_NAME}" - } + // push changes back to remote repository + withCredentials([usernamePassword(credentialsId: 'cesmarvin-github', usernameVariable: 'GIT_AUTH_USR', passwordVariable: 'GIT_AUTH_PSW')]) { + sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin master --tags" + sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin develop --tags" + sh "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" push origin :${env.BRANCH_NAME}" } } - } } }