Skip to content

Instantly share code, notes, and snippets.

@mmphego
Forked from merikan/Jenkinsfile
Created June 8, 2022 03:46
Show Gist options
  • Save mmphego/b3a7ed23f81f9ca19e8029d396220143 to your computer and use it in GitHub Desktop.
Save mmphego/b3a7ed23f81f9ca19e8029d396220143 to your computer and use it in GitHub Desktop.
Some Jenkinsfile examples
#!/usr/bin/env groovy
pipeline {
agent { node { label 'swarm-ci' } }
environment {
TEST_PREFIX = "test-IMAGE"
TEST_IMAGE = "${env.TEST_PREFIX}:${env.BUILD_NUMBER}"
TEST_CONTAINER = "${env.TEST_PREFIX}-${env.BUILD_NUMBER}"
REGISTRY_ADDRESS = "my.registry.address.com"
SLACK_CHANNEL = "#deployment-notifications"
SLACK_TEAM_DOMAIN = "MY-SLACK-TEAM"
SLACK_TOKEN = credentials("slack_token")
DEPLOY_URL = "https://deployment.example.com/"
COMPOSE_FILE = "docker-compose.yml"
REGISTRY_AUTH = credentials("docker-registry")
STACK_PREFIX = "my-project-stack-name"
}
stages {
stage("Prepare") {
steps {
bitbucketStatusNotify buildState: "INPROGRESS"
}
}
stage("Build and start test image") {
steps {
sh "docker-composer build"
sh "docker-compose up -d"
waitUntilServicesReady
}
}
stage("Run tests") {
steps {
sh "docker-compose exec -T php-fpm composer --no-ansi --no-interaction tests-ci"
sh "docker-compose exec -T php-fpm composer --no-ansi --no-interaction behat-ci"
}
post {
always {
junit "build/junit/*.xml"
step([
$class : "CloverPublisher",
cloverReportDir : "build/coverage",
cloverReportFileName: "clover.xml"
])
}
}
}
stage("Determine new version") {
when {
branch "master"
}
steps {
script {
env.DEPLOY_VERSION = sh(returnStdout: true, script: "docker run --rm -v '${env.WORKSPACE}':/repo:ro softonic/ci-version:0.1.0 --compatible-with package.json").trim()
env.DEPLOY_MAJOR_VERSION = sh(returnStdout: true, script: "echo '${env.DEPLOY_VERSION}' | awk -F'[ .]' '{print \$1}'").trim()
env.DEPLOY_COMMIT_HASH = sh(returnStdout: true, script: "git rev-parse HEAD | cut -c1-7").trim()
env.DEPLOY_BUILD_DATE = sh(returnStdout: true, script: "date -u +'%Y-%m-%dT%H:%M:%SZ'").trim()
env.DEPLOY_STACK_NAME = "${env.STACK_PREFIX}-v${env.DEPLOY_MAJOR_VERSION}"
env.IS_NEW_VERSION = sh(returnStdout: true, script: "[ '${env.DEPLOY_VERSION}' ] && echo 'YES'").trim()
}
}
}
stage("Create new version") {
when {
branch "master"
environment name: "IS_NEW_VERSION", value: "YES"
}
steps {
script {
sshagent(['ci-ssh']) {
sh """
git config user.email "[email protected]"
git config user.name "Jenkins"
git tag -a "v${env.DEPLOY_VERSION}" \
-m "Generated by: ${env.JENKINS_URL}" \
-m "Job: ${env.JOB_NAME}" \
-m "Build: ${env.BUILD_NUMBER}" \
-m "Env Branch: ${env.BRANCH_NAME}"
git push origin "v${env.DEPLOY_VERSION}"
"""
}
}
sh "docker login -u=$REGISTRY_AUTH_USR -p=$REGISTRY_AUTH_PSW ${env.REGISTRY_ADDRESS}"
sh "docker-compose -f ${env.COMPOSE_FILE} build"
sh "docker-compose -f ${env.COMPOSE_FILE} push"
}
}
stage("Deploy to production") {
agent { node { label "swarm-prod" } }
when {
branch "master"
environment name: "IS_NEW_VERSION", value: "YES"
}
steps {
sh "docker login -u=$REGISTRY_AUTH_USR -p=$REGISTRY_AUTH_PSW ${env.REGISTRY_ADDRESS}"
sh "docker stack deploy ${env.DEPLOY_STACK_NAME} -c ${env.COMPOSE_FILE} --with-registry-auth"
}
post {
success {
slackSend(
teamDomain: "${env.SLACK_TEAM_DOMAIN}",
token: "${env.SLACK_TOKEN}",
channel: "${env.SLACK_CHANNEL}",
color: "good",
message: "${env.STACK_PREFIX} production deploy: *${env.DEPLOY_VERSION}*. <${env.DEPLOY_URL}|Access service> - <${env.BUILD_URL}|Check build>"
)
}
failure {
slackSend(
teamDomain: "${env.SLACK_TEAM_DOMAIN}",
token: "${env.SLACK_TOKEN}",
channel: "${env.SLACK_CHANNEL}",
color: "danger",
message: "${env.STACK_PREFIX} production deploy failed: *${env.DEPLOY_VERSION}*. <${env.BUILD_URL}|Check build>"
)
}
}
}
}
post {
always {
sh "docker-compose down || true"
}
success {
bitbucketStatusNotify buildState: "SUCCESSFUL"
}
failure {
bitbucketStatusNotify buildState: "FAILED"
}
}
}
#!/usr/bin/env groovy
pipeline {
/*
* Run everything on an existing agent configured with a label 'docker'.
* This agent will need docker, git and a jdk installed at a minimum.
*/
agent {
node {
label 'docker'
}
}
// using the Timestamper plugin we can add timestamps to the console log
options {
timestamps()
}
environment {
//Use Pipeline Utility Steps plugin to read information from pom.xml into env variables
IMAGE = readMavenPom().getArtifactId()
VERSION = readMavenPom().getVersion()
}
stages {
stage('Build') {
agent {
docker {
/*
* Reuse the workspace on the agent defined at top-level of Pipeline but run inside a container.
* In this case we are running a container with maven so we don't have to install specific versions
* of maven directly on the agent
*/
reuseNode true
image 'maven:3.5.0-jdk-8'
}
}
steps {
// using the Pipeline Maven plugin we can set maven configuration settings, publish test results, and annotate the Jenkins console
withMaven(options: [findbugsPublisher(), junitPublisher(ignoreAttachments: false)]) {
sh 'mvn clean findbugs:findbugs package'
}
}
post {
success {
// we only worry about archiving the jar file if the build steps are successful
archiveArtifacts(artifacts: '**/target/*.jar', allowEmptyArchive: true)
}
}
}
stage('Quality Analysis') {
parallel {
// run Sonar Scan and Integration tests in parallel. This syntax requires Declarative Pipeline 1.2 or higher
stage('Integration Test') {
agent any //run this stage on any available agent
steps {
echo 'Run integration tests here...'
}
}
stage('Sonar Scan') {
agent {
docker {
// we can use the same image and workspace as we did previously
reuseNode true
image 'maven:3.5.0-jdk-8'
}
}
environment {
//use 'sonar' credentials scoped only to this stage
SONAR = credentials('sonar')
}
steps {
sh 'mvn sonar:sonar -Dsonar.login=$SONAR_PSW'
}
}
}
}
stage('Build and Publish Image') {
when {
branch 'master' //only run these steps on the master branch
}
steps {
/*
* Multiline strings can be used for larger scripts. It is also possible to put scripts in your shared library
* and load them with 'libaryResource'
*/
sh """
docker build -t ${IMAGE} .
docker tag ${IMAGE} ${IMAGE}:${VERSION}
docker push ${IMAGE}:${VERSION}
"""
}
}
}
post {
failure {
// notify users when the Pipeline fails
mail to: '[email protected]',
subject: "Failed Pipeline: ${currentBuild.fullDisplayName}",
body: "Something is wrong with ${env.BUILD_URL}"
}
}
}
#!/usr/bin/env groovy
pipeline {
agent any
environment {
POM_VERSION = readMavenPom().getVersion()
BUILD_RELEASE_VERSION = readMavenPom().getVersion().replace("-SNAPSHOT", "")
IS_SNAPSHOT = readMavenPom().getVersion().endsWith("-SNAPSHOT")
GIT_TAG_COMMIT = sh(script: 'git describe --tags --always', returnStdout: true).trim()
}
stages {
stage('stage one') {
steps {
script {
tags_extra = "value_1"
}
echo "tags_extra: ${tags_extra}"
}
}
stage('stage two') {
steps {
echo "tags_extra: ${tags_extra}"
}
}
stage('stage three') {
when {
expression { tags_extra != 'bla' }
}
steps {
echo "tags_extra: ${tags_extra}"
}
}
}
}
#!/usr/bin/env groovy
// Some fast steps to inspect the build server. Create a pipeline script job and add this:
node {
DOCKER_PATH = sh (script: 'command -v docker', returnStdout: true).trim()
echo "Docker path: ${DOCKER_PATH}"
FREE_MEM = sh (script: 'free -m', returnStdout: true).trim()
echo "Free memory: ${FREE_MEM}"
echo sh(script: 'env|sort', returnStdout: true)
}
#!/usr/bin/env groovy
pipeline {
agent any
stages {
stage("Build") {
steps {
sh 'mvn -v'
}
}
stage("Testing") {
parallel {
stage("Unit Tests") {
agent { docker 'openjdk:7-jdk-alpine' }
steps {
sh 'java -version'
}
}
stage("Functional Tests") {
agent { docker 'openjdk:8-jdk-alpine' }
steps {
sh 'java -version'
}
}
stage("Integration Tests") {
steps {
sh 'java -version'
}
}
}
}
stage("Deploy") {
steps {
echo "Deploy!"
}
}
}
}
#!/usr/bin/env groovy
pipeline {
agent any
environment {
VALUE_ONE = '1'
VALUE_TWO = '2'
VALUE_THREE = '3'
}
stages {
// skip a stage while creating the pipeline
stage("A stage to be skipped") {
when {
expression { false } //skip this stage
}
steps {
echo 'This step will never be run'
}
}
// Execute when branch = 'master'
stage("BASIC WHEN - Branch") {
when {
branch 'master'
}
steps {
echo 'BASIC WHEN - Master Branch!'
}
}
// Expression based when example with AND
stage('WHEN EXPRESSION with AND') {
when {
expression {
VALUE_ONE == '1' && VALUE_THREE == '3'
}
}
steps {
echo 'WHEN with AND expression works!'
}
}
// Expression based when example
stage('WHEN EXPRESSION with OR') {
when {
expression {
VALUE_ONE == '1' || VALUE_THREE == '2'
}
}
steps {
echo 'WHEN with OR expression works!'
}
}
// When - AllOf Example
stage("AllOf") {
when {
allOf {
environment name:'VALUE_ONE', value: '1'
environment name:'VALUE_TWO', value: '2'
}
}
steps {
echo "AllOf Works!!"
}
}
// When - Not AnyOf Example
stage("Not AnyOf") {
when {
not {
anyOf {
branch "development"
environment name:'VALUE_TWO', value: '4'
}
}
}
steps {
echo "Not AnyOf - Works!"
}
}
}
}
#!/usr/bin/env groovy
pipeline {
// run on jenkins nodes tha has java 8 label
agent { label 'java8' }
// global env variables
environment {
EMAIL_RECIPIENTS = '[email protected]'
}
stages {
stage('Build with unit testing') {
steps {
// Run the maven build
script {
// Get the Maven tool.
// ** NOTE: This 'M3' Maven tool must be configured
// ** in the global configuration.
echo 'Pulling...' + env.BRANCH_NAME
def mvnHome = tool 'Maven 3.3.9'
if (isUnix()) {
def targetVersion = getDevVersion()
print 'target build version...'
print targetVersion
sh "'${mvnHome}/bin/mvn' -Dintegration-tests.skip=true -Dbuild.number=${targetVersion} clean package"
def pom = readMavenPom file: 'pom.xml'
// get the current development version
developmentArtifactVersion = "${pom.version}-${targetVersion}"
print pom.version
// execute the unit testing and collect the reports
junit '**//*target/surefire-reports/TEST-*.xml'
archive 'target*//*.jar'
} else {
bat(/"${mvnHome}\bin\mvn" -Dintegration-tests.skip=true clean package/)
def pom = readMavenPom file: 'pom.xml'
print pom.version
junit '**//*target/surefire-reports/TEST-*.xml'
archive 'target*//*.jar'
}
}
}
}
stage('Integration tests') {
// Run integration test
steps {
script {
def mvnHome = tool 'Maven 3.3.9'
if (isUnix()) {
// just to trigger the integration test without unit testing
sh "'${mvnHome}/bin/mvn' verify -Dunit-tests.skip=true"
} else {
bat(/"${mvnHome}\bin\mvn" verify -Dunit-tests.skip=true/)
}
}
// cucumber reports collection
cucumber buildStatus: null, fileIncludePattern: '**/cucumber.json', jsonReportDirectory: 'target', sortingMethod: 'ALPHABETICAL'
}
}
stage('Sonar scan execution') {
// Run the sonar scan
steps {
script {
def mvnHome = tool 'Maven 3.3.9'
withSonarQubeEnv {
sh "'${mvnHome}/bin/mvn' verify sonar:sonar -Dintegration-tests.skip=true -Dmaven.test.failure.ignore=true"
}
}
}
}
// waiting for sonar results based into the configured web hook in Sonar server which push the status back to jenkins
stage('Sonar scan result check') {
steps {
timeout(time: 2, unit: 'MINUTES') {
retry(3) {
script {
def qg = waitForQualityGate()
if (qg.status != 'OK') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}
}
}
}
stage('Development deploy approval and deployment') {
steps {
script {
if (currentBuild.result == null || currentBuild.result == 'SUCCESS') {
timeout(time: 3, unit: 'MINUTES') {
// you can use the commented line if u have specific user group who CAN ONLY approve
//input message:'Approve deployment?', submitter: 'it-ops'
input message: 'Approve deployment?'
}
timeout(time: 2, unit: 'MINUTES') {
//
if (developmentArtifactVersion != null && !developmentArtifactVersion.isEmpty()) {
// replace it with your application name or make it easily loaded from pom.xml
def jarName = "application-${developmentArtifactVersion}.jar"
echo "the application is deploying ${jarName}"
// NOTE : CREATE your deployemnt JOB, where it can take parameters whoch is the jar name to fetch from jenkins workspace
build job: 'ApplicationToDev', parameters: [[$class: 'StringParameterValue', name: 'jarName', value: jarName]]
echo 'the application is deployed !'
} else {
error 'the application is not deployed as development version is null!'
}
}
}
}
}
}
stage('DEV sanity check') {
steps {
// give some time till the deployment is done, so we wait 45 seconds
sleep(45)
script {
if (currentBuild.result == null || currentBuild.result == 'SUCCESS') {
timeout(time: 1, unit: 'MINUTES') {
script {
def mvnHome = tool 'Maven 3.3.9'
//NOTE : if u change the sanity test class name , change it here as well
sh "'${mvnHome}/bin/mvn' -Dtest=ApplicationSanityCheck_ITT surefire:test"
}
}
}
}
}
}
stage('Release and publish artifact') {
when {
// check if branch is master
branch 'master'
}
steps {
// create the release version then create a tage with it , then push to nexus releases the released jar
script {
def mvnHome = tool 'Maven 3.3.9' //
if (currentBuild.result == null || currentBuild.result == 'SUCCESS') {
def v = getReleaseVersion()
releasedVersion = v;
if (v) {
echo "Building version ${v} - so released version is ${releasedVersion}"
}
// jenkins user credentials ID which is transparent to the user and password change
sshagent(['0000000-3b5a-454e-a8e6-c6b6114d36000']) {
sh "git tag -f v${v}"
sh "git push -f --tags"
}
sh "'${mvnHome}/bin/mvn' -Dmaven.test.skip=true versions:set -DgenerateBackupPoms=false -DnewVersion=${v}"
sh "'${mvnHome}/bin/mvn' -Dmaven.test.skip=true clean deploy"
} else {
error "Release is not possible. as build is not successful"
}
}
}
}
stage('Deploy to Acceptance') {
when {
// check if branch is master
branch 'master'
}
steps {
script {
if (currentBuild.result == null || currentBuild.result == 'SUCCESS') {
timeout(time: 3, unit: 'MINUTES') {
//input message:'Approve deployment?', submitter: 'it-ops'
input message: 'Approve deployment to UAT?'
}
timeout(time: 3, unit: 'MINUTES') {
// deployment job which will take the relasesed version
if (releasedVersion != null && !releasedVersion.isEmpty()) {
// make the applciation name for the jar configurable
def jarName = "application-${releasedVersion}.jar"
echo "the application is deploying ${jarName}"
// NOTE : DO NOT FORGET to create your UAT deployment jar , check Job AlertManagerToUAT in Jenkins for reference
// the deployemnt should be based into Nexus repo
build job: 'AApplicationToACC', parameters: [[$class: 'StringParameterValue', name: 'jarName', value: jarName], [$class: 'StringParameterValue', name: 'appVersion', value: releasedVersion]]
echo 'the application is deployed !'
} else {
error 'the application is not deployed as released version is null!'
}
}
}
}
}
}
stage('ACC E2E tests') {
when {
// check if branch is master
branch 'master'
}
steps {
// give some time till the deployment is done, so we wait 45 seconds
sleep(45)
script {
if (currentBuild.result == null || currentBuild.result == 'SUCCESS') {
timeout(time: 1, unit: 'MINUTES') {
script {
def mvnHome = tool 'Maven 3.3.9'
// NOTE : if you change the test class name change it here as well
sh "'${mvnHome}/bin/mvn' -Dtest=ApplicationE2E surefire:test"
}
}
}
}
}
}
}
post {
// Always runs. And it runs before any of the other post conditions.
always {
// Let's wipe out the workspace before we finish!
deleteDir()
}
success {
sendEmail("Successful");
}
unstable {
sendEmail("Unstable");
}
failure {
sendEmail("Failed");
}
}
// The options directive is for configuration that applies to the whole job.
options {
// For example, we'd like to make sure we only keep 10 builds at a time, so
// we don't fill up our storage!
buildDiscarder(logRotator(numToKeepStr: '5'))
// And we'd really like to be sure that this build doesn't hang forever, so
// let's time it out after an hour.
timeout(time: 25, unit: 'MINUTES')
}
}
def developmentArtifactVersion = ''
def releasedVersion = ''
// get change log to be send over the mail
@NonCPS
def getChangeString() {
MAX_MSG_LEN = 100
def changeString = ""
echo "Gathering SCM changes"
def changeLogSets = currentBuild.changeSets
for (int i = 0; i < changeLogSets.size(); i++) {
def entries = changeLogSets[i].items
for (int j = 0; j < entries.length; j++) {
def entry = entries[j]
truncated_msg = entry.msg.take(MAX_MSG_LEN)
changeString += " - ${truncated_msg} [${entry.author}]\n"
}
}
if (!changeString) {
changeString = " - No new changes"
}
return changeString
}
def sendEmail(status) {
mail(
to: "$EMAIL_RECIPIENTS",
subject: "Build $BUILD_NUMBER - " + status + " (${currentBuild.fullDisplayName})",
body: "Changes:\n " + getChangeString() + "\n\n Check console output at: $BUILD_URL/console" + "\n")
}
def getDevVersion() {
def gitCommit = sh(returnStdout: true, script: 'git rev-parse HEAD').trim()
def versionNumber;
if (gitCommit == null) {
versionNumber = env.BUILD_NUMBER;
} else {
versionNumber = gitCommit.take(8);
}
print 'build versions...'
print versionNumber
return versionNumber
}
def getReleaseVersion() {
def pom = readMavenPom file: 'pom.xml'
def gitCommit = sh(returnStdout: true, script: 'git rev-parse HEAD').trim()
def versionNumber;
if (gitCommit == null) {
versionNumber = env.BUILD_NUMBER;
} else {
versionNumber = gitCommit.take(8);
}
return pom.version.replace("-SNAPSHOT", ".${versionNumber}")
}
// if you want parallel execution , check below :
//stage('Quality Gate(Integration Tests and Sonar Scan)') {
// // Run the maven build
// steps {
// parallel(
// IntegrationTest: {
// script {
// def mvnHome = tool 'Maven 3.3.9'
// if (isUnix()) {
// sh "'${mvnHome}/bin/mvn' verify -Dunit-tests.skip=true"
// } else {
// bat(/"${mvnHome}\bin\mvn" verify -Dunit-tests.skip=true/)
// }
//
// }
// },
// SonarCheck: {
// script {
// def mvnHome = tool 'Maven 3.3.9'
// withSonarQubeEnv {
// // sh "'${mvnHome}/bin/mvn' verify sonar:sonar -Dsonar.host.url=http://bicsjava.bc/sonar/ -Dmaven.test.failure.ignore=true"
// sh "'${mvnHome}/bin/mvn' verify sonar:sonar -Dmaven.test.failure.ignore=true"
// }
// }
// },
// failFast: true)
// }
//}
#!/bin/env groovy
/*
Parameters:
GIT_MAVEN_REPOSITORY - Maven registry to be used when pushing artifacts
GIT_MAVEN_CREDENTIALS_ID - Credentials when using GIT_MAVEN_REPOSITORY
DOCKER_PUSH_REGISTRY - Docker registry to be used when pushing image
DOCKER_PUSH_REGISTRY_CREDENTIALS_ID - Credentials when using DOCKER_PUSH_REGISTRY
*/
pipeline {
// parameters {
// string(name: 'PARAM_1', description: 'parameter #1', defaultValue: 'default_a')
// string(name: 'PARAM_2', description: 'parameter #2')
// string(name: 'PARAM_ONLY_IN_JENKINS_BRANCH', description: 'this param is only present in jenkins branch ')
// string(name: 'PARAM_EXTRA', description: 'en extra param ')
// // string(name: 'GIT_MAVEN_REPOSITORY', description: 'Maven registry to be used when pushing artifacts')
// // string(name: 'GIT_MAVEN_CREDENTIALS_ID', description: 'Credentials when using GIT_MAVEN_REPOSITORY')
// // string(name: 'DOCKER_PUSH_REGISTRY', description: 'Docker registry to be used when pushing image')
// // string(name: 'DOCKER_PUSH_REGISTRY_CREDENTIALS_ID', description: 'Credentials when using DOCKER_PUSH_REGISTRY')
// }
agent any
environment {
POM_GROUP_ID = readMavenPom().getGroupId()
POM_VERSION = readMavenPom().getVersion()
BUILD_RELEASE_VERSION = readMavenPom().getVersion().replace("-SNAPSHOT", "")
GIT_TAG_COMMIT = sh (script: 'git describe --tags --always', returnStdout: true).trim()
//IS_SNAPSHOT = readMavenPom().getVersion().endsWith("-SNAPSHOT")
IS_SNAPSHOT = getMavenVersion().endsWith("-SNAPSHOT")
version_a = getMavenVersion()
}
stages {
stage('Init') {
steps {
echo "version_a: ${env.versiona_a}"
script {println type: IS_SNAPSHOT.getClass()}
echo sh(script: 'env|sort', returnStdout: true)
echo "Variable params: ${params}"
//echo "params.PARAM_1: ${params.PARAM_1}"
}
}
stage('Build') {
when {
expression { false } //disable this stage
}
steps {
sh './mvnw -B clean package -DskipTests'
archive includes: '**/target/*.jar'
stash includes: '**/target/*.jar', name: 'jar'
}
}
}
}
def getMavenVersion() {
return sh(script: "./mvnw org.apache.maven.plugins:maven-help-plugin:2.1.1:evaluate -Dexpression=project.version | grep -v '\\[' | tail -1", returnStdout: true).trim()
}
Some Jenkinsfile examples
#!/usr/bin/env groovy
// scan filesystem for vulnerable log4j files
node {
sh '''
cd "$(mktemp -d)"
git clone https://github.com/mergebase/log4j-detector.git
cd log4j-detector/
java -jar log4j-detector-*.jar $JENKINS_HOME
'''
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment