Daniel Mann
6786f768f0
All checks were successful
InnoHub Processor/tatort/pipeline/head This commit looks good
167 lines
6.0 KiB
Groovy
167 lines
6.0 KiB
Groovy
/* groovylint-disable-next-line UnusedVariable */
|
|
@Library('InnoHub-Library') _
|
|
|
|
Boolean didRun = false
|
|
|
|
pipeline {
|
|
agent any
|
|
|
|
tools {
|
|
nodejs 'NodeJS-24.2.0'
|
|
}
|
|
|
|
environment {
|
|
REGISTRY = 'https://gitea.innovation-hub-niedersachsen.de/'
|
|
USER = 'jenkins'
|
|
TOKEN = credentials('JenkinsGitea')
|
|
}
|
|
|
|
parameters {
|
|
string(name: 'REPO_NAME', defaultValue: '', description: 'Repo Name')
|
|
string(name: 'GIT_REF', defaultValue: '', description: 'Git Ref')
|
|
}
|
|
|
|
options {
|
|
buildDiscarder(
|
|
BuildHistoryManager([
|
|
[ continueAfterMatch: false, matchAtMost: 5 ],
|
|
[ actions: [ DeleteBuild() ] ]
|
|
])
|
|
)
|
|
}
|
|
|
|
stages {
|
|
stage('Validate Repository') {
|
|
steps {
|
|
script {
|
|
checkRepoName(params.REPO_NAME, true)
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Install Dependencies') {
|
|
steps {
|
|
script {
|
|
didRun = true
|
|
}
|
|
sh 'npm ci'
|
|
}
|
|
}
|
|
|
|
stage('Test & Security Audit') {
|
|
steps {
|
|
script {
|
|
didRun = true
|
|
}
|
|
echo 'Start checking security vulnerabilities in npm packages'
|
|
sh 'npm audit --audit-level=moderate'
|
|
}
|
|
}
|
|
|
|
stage('SonarQube Analysis') {
|
|
steps {
|
|
withSonarQubeEnv('sonarqube') {
|
|
sh 'sonar-scanner -Dsonar.projectKey=tatort -Dsonar.sources=src'
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Push image to gitea registry') {
|
|
when {
|
|
branch 'development'
|
|
}
|
|
steps {
|
|
script {
|
|
didRun = true
|
|
def versionTag = "0.${env.BUILD_ID}-dev.1"
|
|
def imageName = "gitea.innovation-hub-niedersachsen.de/innohub/tatort-dev"
|
|
|
|
docker.withRegistry('https://gitea.innovation-hub-niedersachsen.de', 'JenkinsGitea') {
|
|
def img = docker.build("${imageName}:${versionTag}", '-f Dockerfile.dev .')
|
|
img.push()
|
|
img.push('latest') // Optional if you want to keep 'latest' tag
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Update Helm Chart Repository') {
|
|
when {
|
|
branch 'development'
|
|
}
|
|
steps {
|
|
withCredentials([
|
|
usernamePassword(
|
|
credentialsId: 'JenkinsGitea',
|
|
usernameVariable: 'GIT_USER',
|
|
passwordVariable: 'GIT_PAT'
|
|
)
|
|
]) {
|
|
script {
|
|
def newTag = "0.${env.BUILD_ID}-dev.1"
|
|
def chartRepo = "https://${GIT_USER}:${GIT_PAT}@gitea.innovation-hub-niedersachsen.de/innohub/charts.git"
|
|
def chartPath = "tatort-dev/tatort"
|
|
def chartDir = "charts-tmp/${chartPath}"
|
|
def chartRepoRoot = "charts-tmp/tatort-dev"
|
|
|
|
sh """
|
|
set -e
|
|
|
|
echo "[INFO] Cloning chart repo..."
|
|
rm -rf charts-tmp
|
|
git clone ${chartRepo} charts-tmp
|
|
|
|
echo "[INFO] Updating values.yaml and Chart.yaml..."
|
|
cd ${chartDir}
|
|
sed -i 's|^ repository: .*| repository: gitea.innovation-hub-niedersachsen.de/innohub/tatort-dev|' values.yaml
|
|
sed -i 's/^ tag: .*/ tag: ${newTag}/' values.yaml
|
|
sed -i 's/^version: .*/version: ${newTag}/' Chart.yaml
|
|
sed -i 's/^appVersion: .*/appVersion: ${newTag}/' Chart.yaml
|
|
|
|
echo "[INFO] Cleaning up old chart packages..."
|
|
cd ..
|
|
rm -f index.yaml
|
|
rm -f tatort-*.tgz
|
|
git rm -f tatort-*.tgz || true
|
|
|
|
echo "[INFO] Packaging Helm chart..."
|
|
cd tatort
|
|
helm package . --destination ..
|
|
|
|
echo "[INFO] Updating Helm index.yaml..."
|
|
cd ..
|
|
helm repo index . --merge index.yaml || helm repo index .
|
|
|
|
echo "[INFO] Committing and pushing chart changes..."
|
|
git config user.name "jenkins"
|
|
git config user.email "jenkins@innohub.local"
|
|
git add tatort/values.yaml tatort/Chart.yaml tatort-*.tgz index.yaml
|
|
git commit -m "ci: bump tatort-dev to ${newTag}, package chart + update index"
|
|
git push origin main
|
|
"""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
post {
|
|
success {
|
|
script {
|
|
if (didRun) {
|
|
echo 'Pipeline erfolgreich!'
|
|
discordSend description: "Running ${env.BUILD_ID} on ${env.JENKINS_URL}, ${params.GIT_REF}", footer: 'Pipeline succeeded', link: env.BUILD_URL, result: currentBuild.currentResult, title: env.JOB_NAME, webhookURL: 'https://discordapp.com/api/webhooks/1389470542691831819/NdMO17sLBG2dplp_-oh6Ff0cbPOoADl0QwXKM9UzduxU44av_ZQkQjKTmpdK7YuwcZDc'
|
|
}
|
|
}
|
|
}
|
|
failure {
|
|
script {
|
|
if (didRun) {
|
|
echo 'Pipeline fehlgeschlagen!'
|
|
discordSend description: "Running ${env.BUILD_ID} on ${env.JENKINS_URL}, ${params.GIT_REF}", footer: 'Pipeline failed', link: env.BUILD_URL, result: currentBuild.currentResult, title: env.JOB_NAME, webhookURL: 'https://discordapp.com/api/webhooks/1389470542691831819/NdMO17sLBG2dplp_-oh6Ff0cbPOoADl0QwXKM9UzduxU44av_ZQkQjKTmpdK7YuwcZDc'
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|