forked from jenkinsci/nexus-platform-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile.sonatype
145 lines (131 loc) · 5.07 KB
/
Jenkinsfile.sonatype
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
/*
* Copyright (c) 2016-present Sonatype, Inc. All rights reserved.
* Includes the third-party code listed at http://links.sonatype.com/products/nexus/attributions.
* "Sonatype" is a trademark of Sonatype, Inc.
*/
@Library(['ci-pipeline-library', 'jenkins-shared']) _
import com.sonatype.jenkins.pipeline.GitHub
properties([
parameters([
booleanParam(defaultValue: false, description: 'Release Nexus Platform Plugin', name: 'isRelease')
])
])
String getCommitId() {
return runSafely ('git rev-parse HEAD', true)
}
Map jenkinsMavenConfig() {
def common = mavenCommon([mavenStandardOptions: ''])
common.settingsFile = 'jenkins-settings.xml'
return common
}
String apiToken = null
withCredentials([[$class : 'UsernamePasswordMultiBinding', credentialsId: 'integrations-github-api',
usernameVariable: 'GITHUB_API_USERNAME', passwordVariable: 'GITHUB_API_PASSWORD']]) {
apiToken = env.GITHUB_API_PASSWORD
}
GitHub gitHub = new GitHub(this, 'jenkinsci/nexus-platform-plugin', apiToken)
Closure postHandler = {
currentBuild, env ->
def commitId = getCommitId()
if (currentBuild.currentResult == 'SUCCESS') {
gitHub.statusUpdate commitId, 'success', 'CI', 'CI Passed'
}
else {
gitHub.statusUpdate commitId, 'failure', 'CI', 'CI Failed'
}
}
Closure iqPolicyEvaluation = {
stage ->
def commitId = getCommitId()
gitHub.statusUpdate commitId, 'pending', 'analysis', 'Nexus Lifecycle Analysis in running'
try {
def evaluation = nexusPolicyEvaluation failBuildOnNetworkError: false, iqApplication: 'nexus-jenkins-plugin',
iqScanPatterns: [[scanPattern: 'target/nexus-jenkins-plugin.hpi']], iqStage: 'build', jobCredentialsId: ''
gitHub.statusUpdate commitId, 'success', 'analysis', 'Nexus Lifecycle Analysis passed',
"${evaluation.applicationCompositionReportUrl}"
}
catch (error) {
def evaluation = error.policyEvaluation
gitHub.statusUpdate commitId, 'failure', 'analysis', 'Nexus Lifecycle Analysis failed',
"${evaluation.applicationCompositionReportUrl}"
throw error
}
}
if (!params.isRelease) {
/**
* Currently master branch will attempt a deploy which requires logic invoked when isRelease is true. If
* mavenSnapshotPipeline is used on master an unauthorized deploy will be attempted against the jenkinsci repository.
**/
if (scm.branches[0].name == '*/master') {
echo 'Master builds should only be used for release.'
return
}
mavenSnapshotPipeline(
notificationSender: postHandler,
iqPolicyEvaluation: iqPolicyEvaluation
)
return
}
else {
node('ubuntu-zion') {
def commitId, commitDate, pom, version, mvnReleaseCommand
try {
stage('Preparation') {
deleteDir()
checkout scm
runSafely 'git config --global user.email [email protected]'
runSafely 'git config --global user.name Sonatype CI'
commitId = getCommitId()
commitDate = runSafely("git show -s --format=%cd --date=format:%Y%m%d-%H%M%S ${commitId}", true)
pom = readMavenPom file: 'pom.xml'
version = pom.version.replace("-SNAPSHOT", ".${commitDate}.${commitId.substring(0, 7)}")
mvnReleaseCommand = "-Darguments=-DskipTests -DreleaseVersion=${version} -DdevelopmentVersion=${pom.version} " +
"-DpushChanges=false -DlocalCheckout=true -DpreparationGoals=initialize clean release:prepare " +
"release:perform -B"
currentBuild.displayName = "#${currentBuild.number} - ${version}"
}
stage('License Check') {
licenseCheck(jenkinsMavenConfig())
}
stage('Build') {
mvn jenkinsMavenConfig(), 'clean package'
}
stage('Nexus Lifecycle Analysis') {
iqPolicyEvaluation('release')
}
stage('Archive Results') {
junit '**/target/surefire-reports/TEST-*.xml'
archive 'target/*.hpi'
}
}
finally {
postHandler(env, currentBuild)
}
if (currentBuild.result == 'FAILURE') {
return
}
if (scm.branches[0].name != '*/master') {
return
}
stage('Deploy to Sonatype') {
withGpgCredentials('gnupg') {
mvn mavenCommon([usePublicSettingsXmlFile: true, mavenProfiles: ['sonatype'], mavenStandardOptions: '']),
mvnReleaseCommand
}
}
input 'Push tags and deploy to Jenkins Update Center?'
stage('Push tags') {
withCredentials([[$class : 'UsernamePasswordMultiBinding', credentialsId: 'integrations-github-api',
usernameVariable: 'GITHUB_API_USERNAME', passwordVariable: 'GITHUB_API_PASSWORD']]) {
runSafely "git push https://${env.GITHUB_API_USERNAME}:${env.GITHUB_API_PASSWORD}@github" +
".com/jenkinsci/nexus-platform-plugin.git ${pom.artifactId}-${version}"
}
// Reset all changes to local repository made by the Maven release plugin
runSafely "git tag -d ${pom.artifactId}-${version}"
runSafely 'git clean -f && git reset --hard origin/master'
}
stage('Deploy to Jenkins') {
mvn jenkinsMavenConfig(), mvnReleaseCommand
}
}
}