-
Notifications
You must be signed in to change notification settings - Fork 462
/
Jenkinsfile
111 lines (110 loc) · 4.16 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
@Library("jenkins_library") _
pipeline {
agent {
dockerfile {
label 'google'
filename 'tests/ci/Dockerfile'
args '-u root -v /var/run/docker.sock:/var/run/docker.sock'
}
}
options {
timestamps()
}
parameters{
booleanParam(name: 'PERFORM_PRISMA_SCAN', defaultValue: true, description: 'Perform a Prisma scan for the local image')
}
stages {
stage('Checkout') {
steps {
script {
initJenkinsGlobal()
tagName = sh(returnStdout: true, script: "git tag --points-at HEAD").trim()
isRelease = !tagName.isEmpty()
IMAGE_TAG = env.JOB_NAME + "." + env.BUILD_NUMBER
IMAGE_TAG = IMAGE_TAG.toLowerCase()
imageName = "blazemeter/taurus"
date = sh(returnStdout: true, script: "echo \$(date '+%Y-%m-%d')").trim()
commitSha = GIT_COMMIT.take(8)
imageTag = "${imageName}:master-${commitSha}-${date}"
extraImageTag = isRelease ? "${imageName}:${tagName} -t ${imageTag} -t ${imageName}:latest" : "${imageName}:unstable -t ${imageTag}"
sh "./build-info.sh ${isRelease}"
}
}
}
stage("Create artifacts") {
steps {
script {
sh "./build-artifacts.sh"
}
archiveArtifacts artifacts: 'dist/*.whl', fingerprint: true
}
}
stage("Docker Image Build") {
steps {
script {
sh "docker build --no-cache -t ${JOB_NAME.toLowerCase()} -t ${extraImageTag} ."
}
}
}
stage("Prisma scan") {
when { expression { return PERFORM_PRISMA_SCAN } }
steps {
script{
prismaCloudScanImage(dockerAddress: 'unix:///var/run/docker.sock',
image: "${JOB_NAME.toLowerCase()}",
logLevel: 'info',
resultsFile: 'prisma-cloud-scan-results.json',
ignoreImageBuildTime: true)
prismaCloudPublish(resultsFilePattern: 'prisma-cloud-scan-results.json')
}
}
}
stage("Integration Tests") {
steps {
sh """
docker run -v `pwd`:/bzt-configs -v `pwd`/integr-artifacts:/tmp/artifacts ${JOB_NAME.toLowerCase()} -sequential examples/all-executors.yml
"""
}
}
stage("Deploy an artifact to PyPi") {
when { expression { isRelease } }
steps {
withCredentials([string(credentialsId: 'pypi-api-token', variable: 'TOKEN')]) {
sh "python3 -m twine upload -u __token__ -p ${TOKEN} dist/*"
}
}
}
stage("Docker Image Push") {
steps {
withDockerRegistry([ credentialsId: "dockerhub-access", url: "" ]) {
sh "docker image push --all-tags ${imageName}"
}
}
}
stage("Deploy site") {
when { expression { isRelease } }
steps {
script {
PROJECT_ID = "blazemeter-taurus-website-prod"
withCredentials([file(credentialsId: PROJECT_ID, variable: 'CRED_JSON')]) {
sh """
gcloud auth activate-service-account --key-file ${CRED_JSON}
gcloud config set project ${PROJECT_ID}
gcloud config set compute/zone us-central1-a
"""
}
sh """
export PROJECT_ID=${PROJECT_ID}
./site/deploy-site.sh ${isRelease}
"""
}
}
}
}
post {
always {
smartSlackNotification(channel: "bm-taurus-dev", buildStatus:currentBuild.result ?: 'SUCCESS')
cleanWs()
}
}
}