From c32e15c58b8c6673f0683f1a39e2f6b475ed43c4 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Wed, 3 Jan 2024 15:30:55 +0100 Subject: [PATCH 01/11] wip change agent to arm64 --- vars/terraform.groovy | 46 +++++++++---------------------------------- 1 file changed, 9 insertions(+), 37 deletions(-) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index 56f03468..0f77dee2 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -10,6 +10,7 @@ def call(userConfig = [:]) { productionCredentials: [], // No custom secrets for production by default productionBranch: 'main', // Defaults to the principal branch agentContainerImage: 'jenkinsciinfra/hashicorp-tools:1.0.62', // Version managed by updatecli + agentLabel: 'jnlp-linux-arm64', // replace agentContainerImage runTests: false, // Executes the tests provided by the "calling" project, which should provide a tests/Makefile runCommonTests: true, // Executes the default test suite from the shared tools repository (terratest) ] @@ -140,43 +141,14 @@ def call(userConfig = [:]) { } def agentTemplate(containerImage, body) { - podTemplate( - // Custom YAML definition to enforce no service account token (if Terraform uses kubernetes, it would grant it a wrong access) - yaml: ''' - apiVersion: v1 - kind: Pod - spec: - automountServiceAccountToken: false - nodeSelector: - kubernetes.azure.com/agentpool: infracipool - kubernetes.io/os: linux - tolerations: - - key: "jenkins" - operator: "Equal" - value: "infra.ci.jenkins.io" - effect: "NoSchedule" - - key: "kubernetes.azure.com/scalesetpriority" - operator: "Equal" - value: "spot" - effect: "NoSchedule" - resources: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 2 - memory: 2Gi - ''', - // The Docker image here is aimed at "1 container per pod" and is embedding Jenkins agent tooling - containers: [containerTemplate(name: 'jnlp', image: containerImage)]) { - node(POD_LABEL) { - timeout(time: 1, unit: 'HOURS') { - ansiColor('xterm') { - body.call() - } - } - } - } + agent { + label 'agentLabel' + } + timeout(time: 1, unit: 'HOURS') { + ansiColor('xterm') { + body.call() + } + } } From b9720ce9342015d17626539b7b014b11830a3e0a Mon Sep 17 00:00:00 2001 From: smerle33 Date: Wed, 3 Jan 2024 16:00:37 +0100 Subject: [PATCH 02/11] node not agent --- vars/terraform.groovy | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index 0f77dee2..6902651a 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -141,12 +141,11 @@ def call(userConfig = [:]) { } def agentTemplate(containerImage, body) { - agent { - label 'agentLabel' - } - timeout(time: 1, unit: 'HOURS') { - ansiColor('xterm') { - body.call() + node (agentLabel) { + timeout(time: 1, unit: 'HOURS') { + ansiColor('xterm') { + body.call() + } } } } From cb9826b294029b2389215fa272458fc7d0916d9b Mon Sep 17 00:00:00 2001 From: smerle33 Date: Tue, 9 Jan 2024 10:56:15 +0100 Subject: [PATCH 03/11] agentLabel --- vars/terraform.groovy | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index 6902651a..c098197d 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -51,7 +51,7 @@ def call(userConfig = [:]) { if (!isBuildCauseUser) { parallelStages['staging'] = { stage('Staging') { - agentTemplate(finalConfig.agentContainerImage, { + agentTemplate(finalConfig.agentLabel, { withCredentials(finalConfig.stagingCredentials) { stage('🔎 Validate Terraform for Staging Environment') { getInfraSharedTools(sharedToolsSubDir) @@ -76,7 +76,7 @@ def call(userConfig = [:]) { parallelStages['production'] = { stage('Production') { - agentTemplate(finalConfig.agentContainerImage, { + agentTemplate(finalConfig.agentLabel, { withCredentials(defaultConfig.productionCredentials) { final String planFileName = 'terraform-plan-for-humans.txt' def scmOutput @@ -140,7 +140,7 @@ def call(userConfig = [:]) { } } -def agentTemplate(containerImage, body) { +def agentTemplate(agentLabel, body) { node (agentLabel) { timeout(time: 1, unit: 'HOURS') { ansiColor('xterm') { From 461dae7da860fcd3397c026dbacce765d6639a1f Mon Sep 17 00:00:00 2001 From: smerle33 Date: Tue, 9 Jan 2024 12:31:32 +0100 Subject: [PATCH 04/11] correct tests --- test/groovy/TerraformStepTests.groovy | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/test/groovy/TerraformStepTests.groovy b/test/groovy/TerraformStepTests.groovy index 23645c51..e03a8a2c 100644 --- a/test/groovy/TerraformStepTests.groovy +++ b/test/groovy/TerraformStepTests.groovy @@ -86,9 +86,9 @@ class TerraformStepTests extends BaseTest { // And a daily cron trigger for the job assertTrue(assertMethodCallContainsPattern('cron', '@daily')) - // And the correct pod templates defined - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'jenkinsciinfra/hashicorp-tools:')) // Not tag as it's managed by updatecli - assertTrue(assertMethodCallOccurrences('containerTemplate', 2)) // Only 1 container per pod, but 2 pod spawn (staging and production) + // And 2 nodes with default label are spawned + assertTrue(assertMethodCallContainsPattern('node', 'jnlp-linux-arm64')) + assertTrue(assertMethodCallOccurrences('node', 2)) // xterm color enabled (easier to read Terraform plans) assertTrue(assertMethodCallContainsPattern('ansiColor', 'xterm')) @@ -221,14 +221,14 @@ class TerraformStepTests extends BaseTest { @Test void itRunSuccessfullyWithCustomParameters() throws Exception { def script = loadScript(scriptName) - final String customImage = 'hashicorp/terraform-full:0.13.0' + final String customLabel = 'jnlp-windows-amd64' // When calling the shared library global function with custom parameters script.call( cronTriggerExpression: '@weekly', stagingCredentials: stagingCustomCreds, productionCredentials: productionCustomCreds, - agentContainerImage: customImage, + agentLabel: customLabel, ) printCallStack() @@ -244,9 +244,9 @@ class TerraformStepTests extends BaseTest { // And the custom cron trigger assertTrue(assertMethodCallContainsPattern('cron', '@weekly')) - // And the custom agent container template defined - assertFalse(assertMethodCallContainsPattern('containerTemplate', 'jenkinsciinfra/terraform:')) - assertTrue(assertMethodCallContainsPattern('containerTemplate', customImage)) - assertTrue(assertMethodCallOccurrences('containerTemplate', 2)) + // And 2 nodes with custom label are spawned + assertTrue(assertMethodCallContainsPattern('node', customLabel)) + assertTrue(assertMethodCallOccurrences('node', 2)) + } } From c85022a26c3ad0e0fc896322b02e406013d6dc96 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Tue, 9 Jan 2024 12:40:24 +0100 Subject: [PATCH 05/11] mvn spotless:apply --- test/groovy/TerraformStepTests.groovy | 1 - 1 file changed, 1 deletion(-) diff --git a/test/groovy/TerraformStepTests.groovy b/test/groovy/TerraformStepTests.groovy index e03a8a2c..fad97218 100644 --- a/test/groovy/TerraformStepTests.groovy +++ b/test/groovy/TerraformStepTests.groovy @@ -247,6 +247,5 @@ class TerraformStepTests extends BaseTest { // And 2 nodes with custom label are spawned assertTrue(assertMethodCallContainsPattern('node', customLabel)) assertTrue(assertMethodCallOccurrences('node', 2)) - } } From 391957de911c21349120f0529dc08d4a6c2bc4fd Mon Sep 17 00:00:00 2001 From: smerle33 Date: Mon, 15 Jan 2024 09:29:52 +0100 Subject: [PATCH 06/11] update updatecli share library to use agent label instead of image --- test/groovy/UpdatecliStepTests.groovy | 15 ++---- vars/updatecli.groovy | 71 +++++++++++---------------- vars/updatecli.txt | 3 +- 3 files changed, 33 insertions(+), 56 deletions(-) diff --git a/test/groovy/UpdatecliStepTests.groovy b/test/groovy/UpdatecliStepTests.groovy index 9bb4fb53..4a8969da 100644 --- a/test/groovy/UpdatecliStepTests.groovy +++ b/test/groovy/UpdatecliStepTests.groovy @@ -31,11 +31,8 @@ class UpdatecliStepTests extends BaseTest { // Then we expect a successful build assertJobStatusSuccess() - // And the correct pod template defined - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'jenkinsciinfra/helmfile:')) - // And the correct default container memory - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceRequestMemory=512Mi')) - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceLimitMemory=512Mi')) + // And the correct pod agent used + assertTrue(assertMethodCallContainsPattern('node', 'jnlp-linux-arm64')) // And the repository checkouted assertTrue(assertMethodCallContainsPattern('checkout', '')) @@ -75,7 +72,6 @@ class UpdatecliStepTests extends BaseTest { // Then we expect a successful build assertJobStatusSuccess() - // And the repository checkouted assertTrue(assertMethodCallContainsPattern('checkout','')) @@ -83,9 +79,6 @@ class UpdatecliStepTests extends BaseTest { assertTrue(assertMethodCallContainsPattern('sh','updatecli diff --config ./ops/config.yml')) assertFalse(assertMethodCallContainsPattern('sh','--values')) - // And the correct container memory - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceRequestMemory=512Mi')) - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceLimitMemory=512Mi')) } @Test @@ -113,7 +106,7 @@ class UpdatecliStepTests extends BaseTest { def script = loadScript(scriptName) // when calling the "updatecli" function with a custom Docker image - script.call(updatecliDockerImage: 'golang:1.16-alpine') + script.call(updatecliAgentLabel: 'jnlp-linux-amd64') printCallStack() // Then we expect a successful build @@ -123,7 +116,7 @@ class UpdatecliStepTests extends BaseTest { assertTrue(assertMethodCallContainsPattern('checkout','')) // And the correct pod template defined - assertTrue(assertMethodCallContainsPattern('containerTemplate', 'golang:1.16-alpine')) + assertTrue(assertMethodCallContainsPattern('node', 'jnlp-linux-amd64')) // And only the diff command called with default values assertTrue(assertMethodCallContainsPattern('sh','updatecli diff --config ./updatecli/updatecli.d --values ./updatecli/values.yaml')) diff --git a/vars/updatecli.groovy b/vars/updatecli.groovy index 0f823a8f..d377c1db 100644 --- a/vars/updatecli.groovy +++ b/vars/updatecli.groovy @@ -7,8 +7,7 @@ def call(userConfig = [:]) { action: 'diff', // Updatecli subcommand to execute config: './updatecli/updatecli.d', // Config manifest used by updatecli (can be a file or a directory) values: './updatecli/values.yaml', // Values file used by updatecli - updatecliDockerImage: 'jenkinsciinfra/helmfile:3.0.59', // Container image to use for running updatecli - containerMemory: '512Mi', // When using 'updatecliDockerImage', this is the memory limit+request of the container + updatecliAgentLabel: 'jnlp-linux-arm64', // replace updatecliDockerImage cronTriggerExpression: '', // When specified, it enables cron trigger for the calling pipeline credentialsId: 'github-app-updatecli-on-jenkins-infra', // githubApp or usernamePassword credentials id to use to get an Access Token. The corresponding populated env vars are USERNAME_VALUE & UPDATECLI_GITHUB_TOKEN ] @@ -29,45 +28,31 @@ def call(userConfig = [:]) { properties([pipelineTriggers([cron(finalConfig.cronTriggerExpression)])]) } - // The podTemplate must define only a single container, named `jnlp` - // Ref - https://support.cloudbees.com/hc/en-us/articles/360054642231-Considerations-for-Kubernetes-Clients-Connections-when-using-Kubernetes-Plugin - podTemplate( - containers: [ - containerTemplate( - name: 'jnlp', - image: finalConfig.updatecliDockerImage, - resourceRequestCpu: '1', - resourceLimitCpu: '1', - resourceRequestMemory: finalConfig.containerMemory, - resourceLimitMemory: finalConfig.containerMemory, - ), - ] - ) { - node(POD_LABEL) { - final String updatecliRunStage = "Run updatecli: ${finalConfig.action}" - boolean runUpdatecli = true - stage("Check if updatecli folder exists: ${finalConfig.action}") { - checkout scm - if (!fileExists('updatecli/')) { - echo 'WARNING: no updatecli folder.' - runUpdatecli = false - org.jenkinsci.plugins.pipeline.modeldefinition.Utils.markStageSkippedForConditional(updatecliRunStage) - } - } - stage(updatecliRunStage) { - if (runUpdatecli) { - withCredentials([ - usernamePassword( - credentialsId: finalConfig.credentialsId, - usernameVariable: 'USERNAME_VALUE', // Setting this variable is mandatory, even if of not used when the credentials is a githubApp one - passwordVariable: 'UPDATECLI_GITHUB_TOKEN' - ) - ]) { - sh 'updatecli version' - sh updatecliCommand - } // withCredentials - } // if (runUpdateCli) - } // stage - } // node - } // podTemplate + + node (finalConfig.updatecliAgentLabel) { + final String updatecliRunStage = "Run updatecli: ${finalConfig.action}" + boolean runUpdatecli = true + stage("Check if updatecli folder exists: ${finalConfig.action}") { + checkout scm + if (!fileExists('updatecli/')) { + echo 'WARNING: no updatecli folder.' + runUpdatecli = false + org.jenkinsci.plugins.pipeline.modeldefinition.Utils.markStageSkippedForConditional(updatecliRunStage) + } + } + stage(updatecliRunStage) { + if (runUpdatecli) { + withCredentials([ + usernamePassword( + credentialsId: finalConfig.credentialsId, + usernameVariable: 'USERNAME_VALUE', // Setting this variable is mandatory, even if of not used when the credentials is a githubApp one + passwordVariable: 'UPDATECLI_GITHUB_TOKEN' + ) + ]) { + sh 'updatecli version' + sh updatecliCommand + } // withCredentials + } // if (runUpdateCli) + } // stage + } } diff --git a/vars/updatecli.txt b/vars/updatecli.txt index 0f14bc57..7ac6d1f5 100644 --- a/vars/updatecli.txt +++ b/vars/updatecli.txt @@ -8,9 +8,8 @@
  • String action: (Optional - Default: "diff") Updatecli action (e.g. subcommand) to execute.
  • String config: (Optional - Default: "./updatecli/updatecli.d") path to the file or directory with the updatecli configuration (flag "--config").
  • String values: (Optional - Default: "./updatecli/values.yaml") path to the file with the updatecli values (flag "--values").
    • -
  • String updatecliDockerImage: (Optional - Default: "jenkinsciinfra/helmfile:3.0.59") Docker Image of updatecli to be used in the process.
    • +
  • String updatecliAgentLabel: (Optional - Default: "jnlp-linux-arm64") agent to be used in the process.
  • String cronTriggerExpression: (Optional - Default: "") Enable periodic execution by providing a cron-like expression.
    • -
  • String containerMemory: (Optional - Default: "512Mi") specify the amount of memory dedicated to the updatecli container.
  • String credentialsId: (Optional - Default: "github-app-updatecli-on-jenkins-infra") specify the githubApp or usernamePassword credentials id to use to get an Access Token. The corresponding populated env vars are USERNAME_VALUE & UPDATECLI_GITHUB_TOKEN
    • From f885cf63d6ca9b25b5095fc8e8b7d4e930dd48b4 Mon Sep 17 00:00:00 2001 From: smerle33 Date: Mon, 15 Jan 2024 09:35:17 +0100 Subject: [PATCH 07/11] remove useless updatecli manifest --- updatecli/updatecli.d/docker-helmfile.yml | 67 ------------------- updatecli/updatecli.d/terraform-hashicorp.yml | 57 ---------------- vars/terraform.groovy | 1 - 3 files changed, 125 deletions(-) delete mode 100644 updatecli/updatecli.d/docker-helmfile.yml delete mode 100644 updatecli/updatecli.d/terraform-hashicorp.yml diff --git a/updatecli/updatecli.d/docker-helmfile.yml b/updatecli/updatecli.d/docker-helmfile.yml deleted file mode 100644 index 46c42d1d..00000000 --- a/updatecli/updatecli.d/docker-helmfile.yml +++ /dev/null @@ -1,67 +0,0 @@ ---- -name: Bump `docker-helmfile` version - -scms: - default: - kind: github - spec: - user: "{{ .github.user }}" - email: "{{ .github.email }}" - owner: "{{ .github.owner }}" - repository: "{{ .github.repository }}" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - branch: "{{ .github.branch }}" - -sources: - lastVersion: - kind: githubrelease - name: Get the latest updatecli version - spec: - owner: "jenkins-infra" - repository: "docker-helmfile" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - versionfilter: - kind: semver - transformers: - - trimprefix: v - -conditions: - checkIfDockerImageIsPublished: - name: "Check if the Docker Image is published" - kind: dockerimage - spec: - image: "jenkinsciinfra/helmfile" - architecture: amd64 - -targets: - updateGroovyCode: - name: Update docker-helmfile in groovy code - kind: file - spec: - file: vars/updatecli.groovy - # Please note that the patterns are specified as "block scalars" (>) with the last endline trimmed (-) to avoid tedious escaping of simple quotes - matchpattern: >- - 'jenkinsciinfra/helmfile:(.*)' - replacepattern: >- - 'jenkinsciinfra/helmfile:{{ source `lastVersion` }}' - scmid: default - updateDoc: - name: Update docker-helmfile in documentation - kind: file - spec: - file: vars/updatecli.txt - matchpattern: jenkinsciinfra/helmfile:(\d+\.\d+\.\d+)\" - replacepattern: jenkinsciinfra/helmfile:{{ source `lastVersion` }}" - scmid: default - -actions: - default: - kind: github/pullrequest - title: Bump `docker-helmfile` version to {{ source "lastVersion" }} - scmid: default - spec: - labels: - - dependencies - - jenkinsciinfra/helmfile diff --git a/updatecli/updatecli.d/terraform-hashicorp.yml b/updatecli/updatecli.d/terraform-hashicorp.yml deleted file mode 100644 index 34ec3a6e..00000000 --- a/updatecli/updatecli.d/terraform-hashicorp.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Bump `hashicorp-tools` docker image - -scms: - default: - kind: github - spec: - user: "{{ .github.user }}" - email: "{{ .github.email }}" - owner: "{{ .github.owner }}" - repository: "{{ .github.repository }}" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - branch: "{{ .github.branch }}" - -sources: - dockerHashicorpToolsImageVersion: - kind: githubrelease - spec: - owner: "jenkins-infra" - repository: "docker-hashicorp-tools" - token: "{{ requiredEnv .github.token }}" - username: "{{ .github.username }}" - versionfilter: - kind: semver - transformers: - - trimprefix: v - -conditions: - checkIfDockerImageIsPublished: - name: "Check if the Docker Image is published" - kind: dockerimage - spec: - image: "jenkinsciinfra/hashicorp-tools" - architecture: amd64 - -targets: - updateTerraformFile: - name: Update Terraform file in groovy code - kind: file - spec: - file: ./vars/terraform.groovy - # Please note that the patterns are specified as "block scalars" (>) - https://yaml-multiline.info/ - with the last endline trimmed (-) to avoid tedious escaping of simple quotes - matchpattern: >- - 'jenkinsciinfra/hashicorp-tools:(.*)' - replacepattern: >- - 'jenkinsciinfra/hashicorp-tools:{{ source `dockerHashicorpToolsImageVersion` }}' - scmid: default - -actions: - default: - kind: github/pullrequest - scmid: default - title: Bump `hashicorp-tools` docker image to {{ source "dockerHashicorpToolsImageVersion" }} - spec: - labels: - - dependencies - - jenkinsciinfra/hashicorp-tools diff --git a/vars/terraform.groovy b/vars/terraform.groovy index c098197d..d518bdc5 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -9,7 +9,6 @@ def call(userConfig = [:]) { stagingCredentials: [], // No custom secrets for staging by default productionCredentials: [], // No custom secrets for production by default productionBranch: 'main', // Defaults to the principal branch - agentContainerImage: 'jenkinsciinfra/hashicorp-tools:1.0.62', // Version managed by updatecli agentLabel: 'jnlp-linux-arm64', // replace agentContainerImage runTests: false, // Executes the tests provided by the "calling" project, which should provide a tests/Makefile runCommonTests: true, // Executes the default test suite from the shared tools repository (terratest) From acce4abdafbcd8b583aac978d63aff408b5983be Mon Sep 17 00:00:00 2001 From: smerle33 Date: Tue, 16 Jan 2024 10:38:50 +0100 Subject: [PATCH 08/11] revert updatecli changes as in other PR --- test/groovy/UpdatecliStepTests.groovy | 15 +++-- updatecli/updatecli.d/docker-helmfile.yml | 67 +++++++++++++++++++++ vars/updatecli.groovy | 71 ++++++++++++++--------- vars/updatecli.txt | 3 +- 4 files changed, 123 insertions(+), 33 deletions(-) create mode 100644 updatecli/updatecli.d/docker-helmfile.yml diff --git a/test/groovy/UpdatecliStepTests.groovy b/test/groovy/UpdatecliStepTests.groovy index 4a8969da..9bb4fb53 100644 --- a/test/groovy/UpdatecliStepTests.groovy +++ b/test/groovy/UpdatecliStepTests.groovy @@ -31,8 +31,11 @@ class UpdatecliStepTests extends BaseTest { // Then we expect a successful build assertJobStatusSuccess() - // And the correct pod agent used - assertTrue(assertMethodCallContainsPattern('node', 'jnlp-linux-arm64')) + // And the correct pod template defined + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'jenkinsciinfra/helmfile:')) + // And the correct default container memory + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceRequestMemory=512Mi')) + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceLimitMemory=512Mi')) // And the repository checkouted assertTrue(assertMethodCallContainsPattern('checkout', '')) @@ -72,6 +75,7 @@ class UpdatecliStepTests extends BaseTest { // Then we expect a successful build assertJobStatusSuccess() + // And the repository checkouted assertTrue(assertMethodCallContainsPattern('checkout','')) @@ -79,6 +83,9 @@ class UpdatecliStepTests extends BaseTest { assertTrue(assertMethodCallContainsPattern('sh','updatecli diff --config ./ops/config.yml')) assertFalse(assertMethodCallContainsPattern('sh','--values')) + // And the correct container memory + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceRequestMemory=512Mi')) + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'resourceLimitMemory=512Mi')) } @Test @@ -106,7 +113,7 @@ class UpdatecliStepTests extends BaseTest { def script = loadScript(scriptName) // when calling the "updatecli" function with a custom Docker image - script.call(updatecliAgentLabel: 'jnlp-linux-amd64') + script.call(updatecliDockerImage: 'golang:1.16-alpine') printCallStack() // Then we expect a successful build @@ -116,7 +123,7 @@ class UpdatecliStepTests extends BaseTest { assertTrue(assertMethodCallContainsPattern('checkout','')) // And the correct pod template defined - assertTrue(assertMethodCallContainsPattern('node', 'jnlp-linux-amd64')) + assertTrue(assertMethodCallContainsPattern('containerTemplate', 'golang:1.16-alpine')) // And only the diff command called with default values assertTrue(assertMethodCallContainsPattern('sh','updatecli diff --config ./updatecli/updatecli.d --values ./updatecli/values.yaml')) diff --git a/updatecli/updatecli.d/docker-helmfile.yml b/updatecli/updatecli.d/docker-helmfile.yml new file mode 100644 index 00000000..46c42d1d --- /dev/null +++ b/updatecli/updatecli.d/docker-helmfile.yml @@ -0,0 +1,67 @@ +--- +name: Bump `docker-helmfile` version + +scms: + default: + kind: github + spec: + user: "{{ .github.user }}" + email: "{{ .github.email }}" + owner: "{{ .github.owner }}" + repository: "{{ .github.repository }}" + token: "{{ requiredEnv .github.token }}" + username: "{{ .github.username }}" + branch: "{{ .github.branch }}" + +sources: + lastVersion: + kind: githubrelease + name: Get the latest updatecli version + spec: + owner: "jenkins-infra" + repository: "docker-helmfile" + token: "{{ requiredEnv .github.token }}" + username: "{{ .github.username }}" + versionfilter: + kind: semver + transformers: + - trimprefix: v + +conditions: + checkIfDockerImageIsPublished: + name: "Check if the Docker Image is published" + kind: dockerimage + spec: + image: "jenkinsciinfra/helmfile" + architecture: amd64 + +targets: + updateGroovyCode: + name: Update docker-helmfile in groovy code + kind: file + spec: + file: vars/updatecli.groovy + # Please note that the patterns are specified as "block scalars" (>) with the last endline trimmed (-) to avoid tedious escaping of simple quotes + matchpattern: >- + 'jenkinsciinfra/helmfile:(.*)' + replacepattern: >- + 'jenkinsciinfra/helmfile:{{ source `lastVersion` }}' + scmid: default + updateDoc: + name: Update docker-helmfile in documentation + kind: file + spec: + file: vars/updatecli.txt + matchpattern: jenkinsciinfra/helmfile:(\d+\.\d+\.\d+)\" + replacepattern: jenkinsciinfra/helmfile:{{ source `lastVersion` }}" + scmid: default + +actions: + default: + kind: github/pullrequest + title: Bump `docker-helmfile` version to {{ source "lastVersion" }} + scmid: default + spec: + labels: + - dependencies + - jenkinsciinfra/helmfile diff --git a/vars/updatecli.groovy b/vars/updatecli.groovy index d377c1db..0f823a8f 100644 --- a/vars/updatecli.groovy +++ b/vars/updatecli.groovy @@ -7,7 +7,8 @@ def call(userConfig = [:]) { action: 'diff', // Updatecli subcommand to execute config: './updatecli/updatecli.d', // Config manifest used by updatecli (can be a file or a directory) values: './updatecli/values.yaml', // Values file used by updatecli - updatecliAgentLabel: 'jnlp-linux-arm64', // replace updatecliDockerImage + updatecliDockerImage: 'jenkinsciinfra/helmfile:3.0.59', // Container image to use for running updatecli + containerMemory: '512Mi', // When using 'updatecliDockerImage', this is the memory limit+request of the container cronTriggerExpression: '', // When specified, it enables cron trigger for the calling pipeline credentialsId: 'github-app-updatecli-on-jenkins-infra', // githubApp or usernamePassword credentials id to use to get an Access Token. The corresponding populated env vars are USERNAME_VALUE & UPDATECLI_GITHUB_TOKEN ] @@ -28,31 +29,45 @@ def call(userConfig = [:]) { properties([pipelineTriggers([cron(finalConfig.cronTriggerExpression)])]) } - - node (finalConfig.updatecliAgentLabel) { - final String updatecliRunStage = "Run updatecli: ${finalConfig.action}" - boolean runUpdatecli = true - stage("Check if updatecli folder exists: ${finalConfig.action}") { - checkout scm - if (!fileExists('updatecli/')) { - echo 'WARNING: no updatecli folder.' - runUpdatecli = false - org.jenkinsci.plugins.pipeline.modeldefinition.Utils.markStageSkippedForConditional(updatecliRunStage) - } - } - stage(updatecliRunStage) { - if (runUpdatecli) { - withCredentials([ - usernamePassword( - credentialsId: finalConfig.credentialsId, - usernameVariable: 'USERNAME_VALUE', // Setting this variable is mandatory, even if of not used when the credentials is a githubApp one - passwordVariable: 'UPDATECLI_GITHUB_TOKEN' - ) - ]) { - sh 'updatecli version' - sh updatecliCommand - } // withCredentials - } // if (runUpdateCli) - } // stage - } + // The podTemplate must define only a single container, named `jnlp` + // Ref - https://support.cloudbees.com/hc/en-us/articles/360054642231-Considerations-for-Kubernetes-Clients-Connections-when-using-Kubernetes-Plugin + podTemplate( + containers: [ + containerTemplate( + name: 'jnlp', + image: finalConfig.updatecliDockerImage, + resourceRequestCpu: '1', + resourceLimitCpu: '1', + resourceRequestMemory: finalConfig.containerMemory, + resourceLimitMemory: finalConfig.containerMemory, + ), + ] + ) { + node(POD_LABEL) { + final String updatecliRunStage = "Run updatecli: ${finalConfig.action}" + boolean runUpdatecli = true + stage("Check if updatecli folder exists: ${finalConfig.action}") { + checkout scm + if (!fileExists('updatecli/')) { + echo 'WARNING: no updatecli folder.' + runUpdatecli = false + org.jenkinsci.plugins.pipeline.modeldefinition.Utils.markStageSkippedForConditional(updatecliRunStage) + } + } + stage(updatecliRunStage) { + if (runUpdatecli) { + withCredentials([ + usernamePassword( + credentialsId: finalConfig.credentialsId, + usernameVariable: 'USERNAME_VALUE', // Setting this variable is mandatory, even if of not used when the credentials is a githubApp one + passwordVariable: 'UPDATECLI_GITHUB_TOKEN' + ) + ]) { + sh 'updatecli version' + sh updatecliCommand + } // withCredentials + } // if (runUpdateCli) + } // stage + } // node + } // podTemplate } diff --git a/vars/updatecli.txt b/vars/updatecli.txt index 7ac6d1f5..0f14bc57 100644 --- a/vars/updatecli.txt +++ b/vars/updatecli.txt @@ -8,8 +8,9 @@
  • String action: (Optional - Default: "diff") Updatecli action (e.g. subcommand) to execute.
  • String config: (Optional - Default: "./updatecli/updatecli.d") path to the file or directory with the updatecli configuration (flag "--config").
  • String values: (Optional - Default: "./updatecli/values.yaml") path to the file with the updatecli values (flag "--values").
    • -
  • String updatecliAgentLabel: (Optional - Default: "jnlp-linux-arm64") agent to be used in the process.
    • +
  • String updatecliDockerImage: (Optional - Default: "jenkinsciinfra/helmfile:3.0.59") Docker Image of updatecli to be used in the process.
  • String cronTriggerExpression: (Optional - Default: "") Enable periodic execution by providing a cron-like expression.
    • +
  • String containerMemory: (Optional - Default: "512Mi") specify the amount of memory dedicated to the updatecli container.
  • String credentialsId: (Optional - Default: "github-app-updatecli-on-jenkins-infra") specify the githubApp or usernamePassword credentials id to use to get an Access Token. The corresponding populated env vars are USERNAME_VALUE & UPDATECLI_GITHUB_TOKEN
    • From 59fdda3d75b74538969bd930faad7e2a7282d175 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20MERLE?= <95630726+smerle33@users.noreply.github.com> Date: Thu, 18 Jan 2024 09:23:46 +0100 Subject: [PATCH 09/11] DEBUG --- vars/terraform.groovy | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index d518bdc5..c64274ff 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -59,6 +59,9 @@ def call(userConfig = [:]) { } if (finalConfig.runCommonTests) { stage('✅ Commons Test Terraform Project') { + sh 'pwd' + sh "echo ${PATH}" + sh 'go version' sh makeCliCmd + ' common-tests' } } From 44f97935556cbc18dbe9c41bdd8ef7325b22e719 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20MERLE?= <95630726+smerle33@users.noreply.github.com> Date: Thu, 18 Jan 2024 11:34:57 +0100 Subject: [PATCH 10/11] wip --- vars/terraform.groovy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index c64274ff..72b77111 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -59,9 +59,9 @@ def call(userConfig = [:]) { } if (finalConfig.runCommonTests) { stage('✅ Commons Test Terraform Project') { + sh 'whoami' sh 'pwd' - sh "echo ${PATH}" - sh 'go version' + sh 'echo "${PATH}"' sh makeCliCmd + ' common-tests' } } From ae745872c30f529efb85927a4a227d59b069261e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20MERLE?= <95630726+smerle33@users.noreply.github.com> Date: Thu, 18 Jan 2024 16:50:08 +0100 Subject: [PATCH 11/11] remove debug --- vars/terraform.groovy | 3 --- 1 file changed, 3 deletions(-) diff --git a/vars/terraform.groovy b/vars/terraform.groovy index 72b77111..d518bdc5 100644 --- a/vars/terraform.groovy +++ b/vars/terraform.groovy @@ -59,9 +59,6 @@ def call(userConfig = [:]) { } if (finalConfig.runCommonTests) { stage('✅ Commons Test Terraform Project') { - sh 'whoami' - sh 'pwd' - sh 'echo "${PATH}"' sh makeCliCmd + ' common-tests' } }