Commit d0e2903f: migrated Jenkinsfile and vars/ shared library to Jenkins repo

migrated Jenkinsfile and vars/ shared library to Jenkins repo

d0e2903f

Hari Sekhon

committed Jan 17, 2022

Files

Details



	vars
	argoDeploy.groovy
	build.groovy
	cloudBuild.groovy
	cloudflarePurgeCache.groovy
	deploy.groovy
	downloadKustomize.groovy
	gitMerge.groovy
	gitMergePipeline.groovy
	gitOpsK8sUpdate.groovy
	grype.groovy
	humanGate.groovy
	liquibaseStatus.groovy
	liquibaseUpdate.groovy
	loadScript.groovy
	parameterizedPipeline.groovy
	printEnv.groovy
	README.md
	solrReIndex.groovy
	terraformApply.groovy
	terraformInit.groovy
	terraformPlan.groovy
	terraformRefreshState.groovy
	terragruntApply.groovy
	terragruntInit.groovy
	terragruntPlan.groovy
	terragruntRefreshState.groovy
	tfsec.groovy
	trivy.groovy
	Jenkinsfile

argoDeploy.groovy

-42

/vars/argoDeploy.groovy

View

// Author: Hari Sekhon

// Date: 2021-09-01 14:07:59 +0100 (Wed, 01 Sep 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

// Required Environment Variables to be set in environment{} section of Jenkinsfile, see top level Jenkinsfile template

// APP

// ENVIRONMENT

// ARGOCD_SERVER

// ARGOCD_AUTH_TOKEN

def call(timeoutMinutes=10){

milestone ordinal: 100, label: "Milestone: Argo Deploy"

echo "Deploying app '$APP' via ArgoCD"

String deploymentLock = "Deploying ArgoCD - App '$APP', Environment: " + "$ENVIRONMENT".capitalize()

int timeoutSeconds = timeoutMinutes * 60

lock(resource: deploymentLock, inversePrecedence: true){

label 'ArgoCD Deploy'

container('argocd') {

timeout(time: timeoutMinutes, unit: 'MINUTES') {

sh """#!/bin/bash

set -euxo pipefail

argocd app sync "$APP" --grpc-web --force

argocd app wait "$APP" --grpc-web --timeout "$timeoutSeconds"

"""

}

build.groovy

-31

/vars/build.groovy

View

// Author: Hari Sekhon

// Date: 2021-04-30 15:25:01 +0100 (Fri, 30 Apr 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/Templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

def call(){

echo "Building from branch '${env.GIT_BRANCH}' for '" + "${env.ENVIRONMENT}".capitalize() + "' Environment"

milestone ordinal: 10, label: "Milestone: Build"

echo "Running Job '${env.JOB_NAME}' Build ${env.BUILD_ID} on ${env.JENKINS_URL}"

timeout(time: 1, unit: 'MINUTES') {

sh script: 'env | sort', label: 'Environment'

}

retry(2){

timeout(time: 40, unit: 'MINUTES') {

// script from DevOps Bash tools repo

// external script needs to exist in the source repo, not the shared library repo

sh 'gcp_ci_build.sh'

}

cloudBuild.groovy

-46

/vars/cloudBuild.groovy

View

// Author: Hari Sekhon

// Date: 2021-09-01 12:50:03 +0100 (Wed, 01 Sep 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

// Required Environment Variables to be set in environment{} section of Jenkinsfile, see top level Jenkinsfile template

// CLOUDSDK_CORE_PROJECT

// GCP_SERVICEACCOUNT_KEY

// GCR_REGISTRY

// DOCKER_IMAGE

// GIT_COMMIT - provided automatically by Jenkins

def call(timeoutMinutes=60){

echo "Building from branch '${env.GIT_BRANCH}' for '" + "${env.ENVIRONMENT}".capitalize() + "' Environment"

milestone ordinal: 10, label: "Milestone: Build"

echo "Running Job '${env.JOB_NAME}' Build ${env.BUILD_ID} on ${env.JENKINS_URL}"

int timeoutSeconds = timeoutMinutes * 60

retry(2){

timeout(time: "$timeoutMinutes", unit: 'MINUTES') {

echo 'Running GCP CloudBuild'

withEnv(["TIMEOUT_SECONDS=$timeoutSeconds"]) {

sh '''#!/bin/bash

set -euxo pipefail

echo "$GCP_SERVICEACCOUNT_KEY" | base64 --decode > credentials.json

gcloud auth activate-service-account --key-file=credentials.json

rm -f credentials.json

if [ -z "$(gcloud container images list-tags "$DOCKER_IMAGE" --filter="tags:$GIT_COMMIT" --format=text)" ]; then

gcloud builds submit --project="$CLOUDSDK_CORE_PROJECT" --substitutions _REGISTRY="$GCR_REGISTRY",_IMAGE_VERSION="$GIT_COMMIT" --timeout=$TIMEOUT_SECONDS

'''

}

cloudflarePurgeCache.groovy

-30

/vars/cloudflarePurgeCache.groovy

View

// Author: Hari Sekhon

// Date: 2021-04-30 15:25:01 +0100 (Fri, 30 Apr 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/Templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

def call(){

String cloudflareCachePurgeLock = "Cloudflare Purge Cache - '" + "${env.ENVIRONMENT}".capitalize() + "' Environment"

echo "Acquiring Cloudflare Cache Purge Lock: $cloudflareCachePurgeLock"

lock(resource: cloudflareCachePurgeLock, inversePrecedence: true){

milestone ordinal: 110, label: "Milestone: Cloudflare Purge Cache"

retry(2){

timeout(time: 1, unit: 'MINUTES') {

// script from DevOps Bash tools repo

// external script needs to exist in the source repo, not the shared library repo

sh 'cloudflare_purge_cache.sh'

}

deploy.groovy

-31

/vars/deploy.groovy

View

// Author: Hari Sekhon

// Date: 2021-04-30 15:25:01 +0100 (Fri, 30 Apr 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/Templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

def call(){

echo "Deploying '" + "${env.ENVIRONMENT}".capitalize() + "' from branch '${env.GIT_BRANCH}'"

String deploymentLock = "Deploy K8s Apps - " + "${env.ENVIRONMENT}".capitalize() + " Environment"

echo "Acquiring Deployment Lock: $deploymentLock"

lock(resource: deploymentLock, inversePrecedence: true){

milestone ordinal: 30, label: "Milestone: Deploy"

retry(2){

timeout(time: 20, unit: 'MINUTES') {

// script from DevOps Bash tools repo

// external script needs to exist in the source repo, not the shared library repo

sh 'gcp_ci_k8s_deploy.sh'

}

downloadKustomize.groovy

-32

/vars/downloadKustomize.groovy

View

// Author: Hari Sekhon

// Date: 2021-09-01 11:57:48 +0100 (Wed, 01 Sep 2021)

// vim:ts=2:sts=2:sw=2:et

// https://github.com/HariSekhon/Templates

// License: see accompanying Hari Sekhon LICENSE file

// If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish

// https://www.linkedin.com/in/HariSekhon

// There is now a harisekhon/git-kustomize docker image to avoid re-downloading kustomize for every pipeline run and reuse docker image caching

// See top-level Jenkinsfile and adjacent gitOpsK8sUpdate.groovy

def call(version='4.3.0'){

timeout(time: 2, unit: 'MINUTES') {

sh script: """#!/bin/bash

set -euxo pipefail

echo "Downloading Kustomize version $version"

curl -sSL -o /tmp/kustomize.\$\$.tgz https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv${version}/kustomize_v${version}_linux_amd64.tar.gz

tar zxvf /tmp/kustomize.\$\$.tgz kustomize -O > /tmp/kustomize.\$\$

chmod +x /tmp/kustomize.\$\$

mv -iv /tmp/kustomize.\$\$ /usr/local/bin/kustomize

"""

}