246 lines
9.7 KiB
Groovy
246 lines
9.7 KiB
Groovy
def projectProperties = [
|
|
[$class: 'BuildDiscarderProperty',
|
|
strategy: [$class: 'LogRotator', numToKeepStr: '5']],
|
|
pipelineTriggers([cron('@daily')])
|
|
]
|
|
properties(projectProperties)
|
|
|
|
def SUCCESS = hudson.model.Result.SUCCESS.toString()
|
|
currentBuild.result = SUCCESS
|
|
|
|
def GRADLE_ENTERPRISE_CACHE_USER = usernamePassword(credentialsId: 'gradle_enterprise_cache_user',
|
|
passwordVariable: 'GRADLE_ENTERPRISE_CACHE_PASSWORD',
|
|
usernameVariable: 'GRADLE_ENTERPRISE_CACHE_USERNAME')
|
|
def GRADLE_ENTERPRISE_SECRET_ACCESS_KEY = string(credentialsId: 'gradle_enterprise_secret_access_key',
|
|
variable: 'GRADLE_ENTERPRISE_ACCESS_KEY')
|
|
def SPRING_SIGNING_SECRING = file(credentialsId: 'spring-signing-secring.gpg', variable: 'SIGNING_KEYRING_FILE')
|
|
def SPRING_GPG_PASSPHRASE = string(credentialsId: 'spring-gpg-passphrase', variable: 'SIGNING_PASSWORD')
|
|
def OSSRH_CREDENTIALS = usernamePassword(credentialsId: 'oss-token', passwordVariable: 'OSSRH_PASSWORD', usernameVariable: 'OSSRH_USERNAME')
|
|
def ARTIFACTORY_CREDENTIALS = usernamePassword(credentialsId: '02bd1690-b54f-4c9f-819d-a77cb7a9822c', usernameVariable: 'ARTIFACTORY_USERNAME', passwordVariable: 'ARTIFACTORY_PASSWORD')
|
|
def JENKINS_PRIVATE_SSH_KEY = file(credentialsId: 'docs.spring.io-jenkins_private_ssh_key', variable: 'DEPLOY_SSH_KEY')
|
|
def SONAR_LOGIN_CREDENTIALS = string(credentialsId: 'spring-sonar.login', variable: 'SONAR_LOGIN')
|
|
|
|
def jdkEnv(String jdk = 'jdk8') {
|
|
def jdkTool = tool(jdk)
|
|
return "JAVA_HOME=${ jdkTool }"
|
|
}
|
|
|
|
try {
|
|
parallel check: {
|
|
stage('Check') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
try {
|
|
withCredentials([GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY,
|
|
ARTIFACTORY_CREDENTIALS]) {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew check -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace"
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: check'
|
|
throw e
|
|
} finally {
|
|
junit '**/build/test-results/*/*.xml'
|
|
}
|
|
}
|
|
}
|
|
},
|
|
sonar: {
|
|
stage('Sonar') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
withCredentials([SONAR_LOGIN_CREDENTIALS,
|
|
GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY,
|
|
ARTIFACTORY_CREDENTIALS]) {
|
|
try {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
if ("master" == env.BRANCH_NAME) {
|
|
sh "./gradlew sonarqube -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD -PexcludeProjects='**/samples/**' -Dsonar.host.url=$SPRING_SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN --stacktrace"
|
|
} else {
|
|
sh "./gradlew sonarqube -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD -PexcludeProjects='**/samples/**' -Dsonar.projectKey='spring-security-${env.BRANCH_NAME}' -Dsonar.projectName='spring-security-${env.BRANCH_NAME}' -Dsonar.host.url=$SPRING_SONAR_HOST_URL -Dsonar.login=$SONAR_LOGIN --stacktrace"
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: sonar'
|
|
throw e
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
snapshots: {
|
|
stage('Snapshot Tests') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
try {
|
|
withCredentials([GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY,
|
|
ARTIFACTORY_CREDENTIALS]) {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew test -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --refresh-dependencies -PforceMavenRepositories=snapshot -PspringVersion='5.2.+' -PreactorVersion='Dysprosium-BUILD-SNAPSHOT' -PspringDataVersion='Neumann-BUILD-SNAPSHOT' -PrsocketVersion='1.0.+' -PspringBootVersion='2.3.+' -PlocksDisabled --stacktrace"
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: snapshots'
|
|
throw e
|
|
}
|
|
}
|
|
}
|
|
},
|
|
jdk11: {
|
|
stage('JDK 11') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
try {
|
|
|
|
withCredentials([GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY,
|
|
ARTIFACTORY_CREDENTIALS]) {
|
|
withEnv([jdkEnv("jdk11"),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew test -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace"
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: jdk11'
|
|
throw e
|
|
}
|
|
}
|
|
}
|
|
},
|
|
jdk12: {
|
|
stage('JDK 12') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
try {
|
|
withCredentials([GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY,
|
|
ARTIFACTORY_CREDENTIALS]) {
|
|
withEnv([jdkEnv("openjdk12"),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew test -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace"
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: jdk12'
|
|
throw e
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if(currentBuild.result == 'SUCCESS') {
|
|
parallel artifacts: {
|
|
stage('Deploy Artifacts') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
withCredentials([SPRING_SIGNING_SECRING,
|
|
SPRING_GPG_PASSPHRASE,
|
|
OSSRH_CREDENTIALS,
|
|
ARTIFACTORY_CREDENTIALS,
|
|
GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew deployArtifacts -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password='$SIGNING_PASSWORD' -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace --no-parallel"
|
|
sh "./gradlew finalizeDeployArtifacts -Psigning.secretKeyRingFile=$SIGNING_KEYRING_FILE -Psigning.keyId=$SPRING_SIGNING_KEYID -Psigning.password='$SIGNING_PASSWORD' -PossrhUsername=$OSSRH_USERNAME -PossrhPassword=$OSSRH_PASSWORD -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD --stacktrace --no-parallel"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
docs: {
|
|
stage('Deploy Docs') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
withCredentials([JENKINS_PRIVATE_SSH_KEY,
|
|
SPRING_GPG_PASSPHRASE,
|
|
OSSRH_CREDENTIALS,
|
|
ARTIFACTORY_CREDENTIALS,
|
|
GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew deployDocs -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME -PdeployDocsHost=docs-ip.spring.io --stacktrace"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
schema: {
|
|
stage('Deploy Schema') {
|
|
node {
|
|
checkout scm
|
|
sh "git clean -dfx"
|
|
withCredentials([JENKINS_PRIVATE_SSH_KEY,
|
|
SPRING_GPG_PASSPHRASE,
|
|
OSSRH_CREDENTIALS,
|
|
ARTIFACTORY_CREDENTIALS,
|
|
GRADLE_ENTERPRISE_CACHE_USER,
|
|
GRADLE_ENTERPRISE_SECRET_ACCESS_KEY]) {
|
|
withEnv([jdkEnv(),
|
|
"GRADLE_ENTERPRISE_CACHE_USERNAME=${GRADLE_ENTERPRISE_CACHE_USERNAME}",
|
|
"GRADLE_ENTERPRISE_CACHE_PASSWORD=${GRADLE_ENTERPRISE_CACHE_PASSWORD}",
|
|
"GRADLE_ENTERPRISE_ACCESS_KEY=${GRADLE_ENTERPRISE_ACCESS_KEY}"]) {
|
|
sh "./gradlew deploySchema -PartifactoryUsername=$ARTIFACTORY_USERNAME -PartifactoryPassword=$ARTIFACTORY_PASSWORD -PdeployDocsSshKeyPath=$DEPLOY_SSH_KEY -PdeployDocsSshUsername=$SPRING_DOCS_USERNAME -PdeployDocsHost=docs-ip.spring.io --stacktrace"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} catch(Exception e) {
|
|
currentBuild.result = 'FAILED: deploys'
|
|
throw e
|
|
} finally {
|
|
def buildStatus = currentBuild.result
|
|
def buildNotSuccess = !SUCCESS.equals(buildStatus)
|
|
def lastBuildNotSuccess = !SUCCESS.equals(currentBuild.previousBuild?.result)
|
|
|
|
if(buildNotSuccess || lastBuildNotSuccess) {
|
|
|
|
stage('Notifiy') {
|
|
node {
|
|
final def RECIPIENTS = [[$class: 'DevelopersRecipientProvider'], [$class: 'RequesterRecipientProvider']]
|
|
|
|
def subject = "${buildStatus}: Build ${env.JOB_NAME} ${env.BUILD_NUMBER} status is now ${buildStatus}"
|
|
def details = """The build status changed to ${buildStatus}. For details see ${env.BUILD_URL}"""
|
|
|
|
emailext (
|
|
subject: subject,
|
|
body: details,
|
|
recipientProviders: RECIPIENTS,
|
|
to: "$SPRING_SECURITY_TEAM_EMAILS"
|
|
)
|
|
}
|
|
}
|
|
}
|
|
}
|