diff --git a/pipelines/jasper/Jenkinsfile b/pipelines/jasper/Jenkinsfile new file mode 100644 index 0000000..a96684c --- /dev/null +++ b/pipelines/jasper/Jenkinsfile @@ -0,0 +1,266 @@ +@Library('polaris') +import ca.bc.gov.nrids.polaris.Podman +import ca.bc.gov.nrids.polaris.BrokerIntention +import ca.bc.gov.nrids.polaris.Vault + +def podman + +pipeline { + agent none + stages { + stage('Checkout app') { + agent { + label Podman.AGENT_LABEL_APP + } + environment { + GIT_REPO = "${params.gitRepo}" + GIT_BRANCH = "${params.gitTag != null && params.gitTag != "" ? params.gitTag : params.gitBranch}" + GITHUB_PRIVATE_REPO = "${params.githubToken != null && params.githubToken != "" ? 'true' : ''}" + } + steps { + script { + sh 'rm -rf app' + if (env.GITHUB_PRIVATE_REPO) { + env.GITHUB_USER = "${params.githubUser}" + env.GITHUB_TOKEN = "${params.githubToken}" + wrap([$class: 'MaskPasswordsBuildWrapper', varPasswordPairs: [[var: env.GITHUB_TOKEN, password: GITHUB_TOKEN]]]) { + sh 'git clone --branch ${GIT_BRANCH} https://${GITHUB_USER}:${GITHUB_TOKEN}@${GIT_REPO} app' + } + } else { + sh 'git clone --branch ${GIT_BRANCH} https://${GIT_REPO} app' + } + } + } + } + stage('Deploy to development') { + agent { + label Podman.AGENT_LABEL_APP + } + environment { + PROJECT = "${params.project}" + COMPONENT = "${params.component}" + GIT_REPO = "${params.gitRepo}" + GIT_BRANCH = "${params.gitBranch}" + EVENT_PROVIDER = "${params.eventProvider}" + VAULT_ADDR = "https://knox.io.nrs.gov.bc.ca" + BROKER_URL = "https://broker.io.nrs.gov.bc.ca" + HTTP_PROXY = "http://test-forwardproxy.nrs.bcgov:23128" + AUTHFILE = "auth.json" + CAUSE_USER_ID = "${params.userId != null && params.userId != "" ? params.userId : "github@internal"}" + CONFIG_ROLE_ID = credentials('knox-jasper-jasper-reports-prod-role-id') + JASPER_REPORTS_INSTANCE = "${params.jasperReportsInstance}" + } + steps { + script { + try { + echo 'Do development deployment' + intention = new BrokerIntention(readJSON(file: "app/.jenkins/jasper-reports-intention.json")) + intention.setEventDetails( + userName: env.CAUSE_USER_ID, + url: env.BUILD_URL, + provider: env.EVENT_PROVIDER, + environment: 'development' + ) + BROKER_JWT = "${params.brokerJwt}" + intention.open(BROKER_JWT) + intention.startAction("login") + def vaultToken = intention.provisionToken("login") + def vault = new Vault(vaultToken) + vault.readToObject("apps/data/prod/jasper/jasper-reports/${params.jasperReportsInstance}", env) + } catch (IllegalStateException ex) { + echo "IllegalStateException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (IllegalArgumentException ex) { + echo "IllegalArgumentException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (Exception ex) { + echo "Other exception occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } + } + } + } + stage('Approve test deployment') { + steps { + script { + echo "Deployment to test pending approval" + def approver = input(message: 'Is this build approved for test?', + ok: 'Yes, this build is approved.', + submitterParameter: 'approver' + ) + env.TEST_DEPLOYMENT_APPROVER = "${approver}@azureidir".toLowerCase() + echo "Deployment approved for test by ${env.TEST_DEPLOYMENT_APPROVER}" + } + } + } + stage('Deploy to test') { + agent { + label Podman.AGENT_LABEL_APP + } + environment { + PROJECT = "${params.project}" + COMPONENT = "${params.component}" + GIT_REPO = "${params.gitRepo}" + GIT_BRANCH = "${params.gitBranch}" + EVENT_PROVIDER = "${params.eventProvider}" + VAULT_ADDR = "https://knox.io.nrs.gov.bc.ca" + BROKER_URL = "https://broker.io.nrs.gov.bc.ca" + HTTP_PROXY = "http://test-forwardproxy.nrs.bcgov:23128" + AUTHFILE = "auth.json" + CAUSE_USER_ID = "${params.userId != null && params.userId != "" ? params.userId : "github@internal"}" + CONFIG_ROLE_ID = credentials('knox-jasper-jasper-reports-prod-role-id') + JASPER_REPORTS_INSTANCE = "${params.jasperReportsInstance}" + } + steps { + script { + try { + echo 'Do test deployment' + intention = new BrokerIntention(readJSON(file: "app/.jenkins/jasper-reports-intention.json")) + intention.setEventDetails( + userName: env.CAUSE_USER_ID, + url: env.BUILD_URL, + provider: env.EVENT_PROVIDER, + environment: 'test' + ) + BROKER_JWT = "${params.brokerJwt}" + intention.open(BROKER_JWT) + intention.startAction("login") + def vaultToken = intention.provisionToken("login") + def vault = new Vault(vaultToken) + vault.readToObject("apps/data/prod/jasper/jasper-reports/${params.jasperReportsInstance}", env) + } catch (IllegalStateException ex) { + echo "IllegalStateException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (IllegalArgumentException ex) { + echo "IllegalArgumentException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (Exception ex) { + echo "Other exception occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } + } + } + } + stage('Pre-deployment checks for production') { + agent { + label Podman.AGENT_LABEL_APP + } + steps { + script { + // TODO: Exit pipeline for SNAPSHOT builds, which should NOT proceed beyond the test environment + echo 'Do pre-deployment checks for production' + } + } + } + stage('Approve production deployment') { + steps { + script { + echo "Deployment to production pending approval" + def approver = input(message: 'Is this build approved for production?', + ok: 'Yes, this build is approved.', + submitterParameter: 'approver' + ) + env.PRODUCTION_DEPLOYMENT_APPROVER = "${approver}@azureidir".toLowerCase() + echo "Deployment approved for production by ${env.PRODUCTION_DEPLOYMENT_APPROVER}" + } + } + } + stage('Deploy to production') { + agent { + label Podman.AGENT_LABEL_APP + } + environment { + PROJECT = "${params.project}" + COMPONENT = "${params.component}" + GIT_REPO = "${params.gitRepo}" + GIT_BRANCH = "${params.gitBranch}" + EVENT_PROVIDER = "${params.eventProvider}" + VAULT_ADDR = "https://knox.io.nrs.gov.bc.ca" + BROKER_URL = "https://broker.io.nrs.gov.bc.ca" + HTTP_PROXY = "http://test-forwardproxy.nrs.bcgov:23128" + AUTHFILE = "auth.json" + CAUSE_USER_ID = "${params.userId != null && params.userId != "" ? params.userId : "github@internal"}" + CONFIG_ROLE_ID = credentials('knox-jasper-jasper-reports-prod-role-id') + JASPER_REPORTS_INSTANCE = "${params.jasperReportsInstance}" + } + steps { + script { + try { + echo 'Do production deployment' + intention = new BrokerIntention(readJSON(file: "app/.jenkins/jasper-reports-intention.json")) + intention.setEventDetails( + userName: env.CAUSE_USER_ID, + url: env.BUILD_URL, + provider: env.EVENT_PROVIDER, + environment: 'production' + ) + BROKER_JWT = "${params.brokerJwt}" + intention.open(BROKER_JWT) + intention.startAction("login") + def vaultToken = intention.provisionToken("login") + def vault = new Vault(vaultToken) + vault.readToObject("apps/data/prod/jasper/jasper-reports/${params.jasperReportsInstance}", env) + } catch (IllegalStateException ex) { + echo "IllegalStateException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (IllegalArgumentException ex) { + echo "IllegalArgumentException occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } catch (Exception ex) { + echo "Other exception occurred: $ex" + currentBuild.result = 'ABORTED' + error('Quitting') + } + } + } + } + } + post { + unstable { + node(Podman.AGENT_LABEL_APP) { + script { + if (intention) { + println intention.close(false) + } + } + } + } + failure { + node(Podman.AGENT_LABEL_APP) { + script { + if (intention) { + println intention.close(false) + } + } + } + } + aborted { + node(Podman.AGENT_LABEL_APP) { + script { + if (intention) { + println intention.close(true) + } + } + } + } + always { + node(Podman.AGENT_LABEL_APP) { + cleanWs( + cleanWhenAborted: true, + cleanWhenFailure: false, + cleanWhenSuccess: true, + cleanWhenUnstable: false, + deleteDirs: true + ) + } + } + } +}