-
Notifications
You must be signed in to change notification settings - Fork 15
/
Jenkinsfile-opendata
114 lines (114 loc) · 4.93 KB
/
Jenkinsfile-opendata
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
pipeline {
options {
timestamps()
}
parameters {
string(name: 'BUILD_VERSION', defaultValue: '', description: 'The build version to deploy (optional)')
string(name: 'ENVIRONMENT', defaultValue: 'ci', description: 'Role Name (mandatory)')
}
agent {
label 'ncats && build'
}
triggers {
pollSCM('H/5 * * * *')
}
environment {
PROJECT_NAME = "odp"
DOCKER_REPO_NAME = "registry.ncats.nih.gov:5000/adme"
INIT_TOKEN = credentials('Vault-Access') // OIDC provider this token is Auto Generated //
SPHINX_TOKEN = credentials('ncatssvcdvops-sphinx') // PatToken Read Only Access for the DevOps Artifacts Repo https://github.com/Sphinx-Automation/devops-pipeline-artifacts.git //
ROLE_NAME = "$ENVIRONMENT-$PROJECT_NAME" // Role Name is Mandatory Variable for Vault //
APP_TYPE = "adme"
}
stages {
stage('Docker/Apps getSecrets By Role') {
steps {
cleanWs()
checkout scm
script {
sh '''
### Cloning the repo from DevOps Artifacts Repository Repo ###
git clone https://[email protected]/Sphinx-Automation/devops-pipeline-artifacts.git
### Running the script with Env specific to Authenticate Vault & Get Application Secrets for Docker Token###
cd devops-pipeline-artifacts/application
/bin/bash getNcatsDockerSecretsByRole.sh
/bin/bash getAppSecretsByRole.sh
'''
}
}
}
stage('Build Version') {
when {
expression {
return !params.BUILD_VERSION
}
}
steps{
script {
BUILD_VERSION_GENERATED = VersionNumber(
versionNumberString: 'v${BUILD_YEAR, XX}.${BUILD_MONTH, XX}${BUILD_DAY, XX}.${BUILDS_TODAY}',
projectStartDate: '1970-01-01',
skipFailedBuilds: true)
currentBuild.displayName = BUILD_VERSION_GENERATED
env.BUILD_VERSION = BUILD_VERSION_GENERATED
env.BUILD = 'true'
}
}
}
stage('Build') {
when {
expression {
// Skip build when a specific version is provided
return !params.BUILD_VERSION
}
}
steps {
configFileProvider([
configFile(fileId: 'prepare.sh', targetLocation: 'prepare.sh')
]){
script {
withEnv([
"IMAGE_NAME=adme",
"BUILD_VERSION=" + (params.BUILD_VERSION ?: env.BUILD_VERSION)
]) {
checkout scm
sh '''#!/bin/bash
source prepare.sh
docker login https://registry.ncats.nih.gov:5000 -u "${DOCKERLOGIN}" -p "${DOCKERPASSWORD}"
docker build --no-cache -f ./Dockerfile-opendata --build-arg BUILD_VERSION=${BUILD_VERSION} -t ${DOCKER_REPO_NAME} .
docker tag ${DOCKER_REPO_NAME}:latest ${DOCKER_REPO_NAME}:${BUILD_VERSION}
docker push ${DOCKER_REPO_NAME}:${BUILD_VERSION}
'''
}
}
}
}
}
stage('deploy docker') {
agent {
node { label 'ncats && dpi && ci && odp-api-python'}
}
steps {
//cleanWs()
checkout scm
configFileProvider([
configFile(fileId: 'dev-docker-compose.yaml', targetLocation: 'docker-compose.yaml'),
configFile(fileId: 'config.json', targetLocation: 'config.json'),
configFile(fileId: 'deploy.sh', targetLocation: 'deploy.sh')
]) {
sh """
chmod 755 config.json
/bin/bash deploy.sh
docker-compose -p $PROJECT_NAME down -v --rmi all | xargs echo
docker pull $DOCKER_REPO_NAME:$BUILD_VERSION
docker rmi $DOCKER_REPO_NAME:latest | xargs echo
docker tag $DOCKER_REPO_NAME:$BUILD_VERSION $DOCKER_REPO_NAME:latest
docker-compose -p $PROJECT_NAME up -d
docker start nginx-gen | xargs echo
docker rmi \$(docker images -aq) | xargs echo
"""
}
}
}
}
}