def cicdproject = "${CICD_NAMESPACE}" def appname = "${APP_NAME}" def utv_project = "${UTV_NAMESPACE}" def acc_project = "${ACC_NAMESPACE}" def prod_project = "${PROD_NAMESPACE}" def jenkinsslave = "nodejs15-agent" def dist_path = "dist/apps/mina-sidor-fa" def utilities def REGISTRY = 'nexus.arbetsformedlingen.se:5555' def PROJECT_CONTAINING_IMAGES = "app-af-nexus" def USE_CONFIG_MAP = false def CONFIG_MAP_KEY = "${appname}-config" def CONFIG_MAP_PATH = "./openshift/config-maps/${prod_project}.yaml" pipeline { agent { node {label "${jenkinsslave}"} } environment { CURRENT_COMMIT = getShortCommitHash() BUILD_TAG = "" } stages { stage("Initialize") { steps { echo '### Generating build tag... ###' script { def rootDir = pwd() echo "Current Directory: \"${ rootDir }\"" utilities = load "${ rootDir }/openshift/libs/utilities.groovy" def packageJson = readJSON file: 'package.json' BUILD_TAG = "prod_v${packageJson.version}_${env.BUILD_NUMBER}_${CURRENT_COMMIT}" echo '### Build tag ###' echo "${BUILD_TAG}" } echo '### Build tag generated! ###' } } stage("Install dependencies") { environment { NEXUS_CREDS = "${env.NEXUS_USERNAME}:${env.NEXUS_PASSWORD}" } steps { echo '### Installing dependencies... ###' sh ''' ENCODED=$(echo -n "${NEXUS_CREDS}" | openssl base64) CACHE_DIRECTORY=/home/jenkins/.npm/cache mkdir -p ${CACHE_DIRECTORY} echo "_auth=${ENCODED}" >> .npmrc # set -x cat .npmrc # Pull from cache if it exists ( # Fail if any step fail set -e # Remove line 3 from package-lock, which contain the package.json version. Store backup. # We only care about dependencies, not the version sed -i.bak -e '3d' package-lock.json # Hash the package-lock.json file sha1sum package-lock.json | tr -s " " | awk '{print $1}' > hashed.pkg-lock # Restore package-lock.json with version number intact mv package-lock.json.bak package-lock.json # Try to get the file from cache cp ${CACHE_DIRECTORY}/$(cat hashed.pkg-lock) node_modules.tar.gz 2> /dev/null # Check if we found the cached node_modules test -f node_modules.tar.gz # If we found the cached node_modules, extract the files to node_modules (test -f node_modules.tar.gz && tar -zxf node_modules.tar.gz && echo "Using cached node_modules from ${CACHE_DIRECTORY}/$(cat hashed.pkg-lock)") || echo "No cached node_modules.tar.gz found" # Echo to the logs stating that we are using cache echo "Using cached node_modules from ${CACHE_DIRECTORY}/$(cat hashed.pkg-lock)" ) || true # If we did not find the cached node_modules, install from the lock test -f node_modules.tar.gz || npm ci; # Store cache ( # Fail if any step fail set -e # Only update the cache if we found no previous cache test ! -f node_modules.tar.gz # Tar the cache tar -zcf node_modules.tar.gz node_modules # Clean old cache rm -rf ${CACHE_DIRECTORY}/* # Store the cache cp node_modules.tar.gz ${CACHE_DIRECTORY}/$(cat hashed.pkg-lock) ) || true ''' echo '### Dependencies installed! ###' } } stage("Build application") { environment { NGINX_PATH = "${dist_path}/." BUILD_TAG = "${BUILD_TAG}" } steps { echo '### Building application... ###' sh ''' npm run build:prod -- --version ${BUILD_TAG} cp -r nginx/* ${NGINX_PATH} ''' echo '### Application built! ###' } } stage('App bake') { steps { echo '### Creating image... ###' script { openshift.withCluster() { openshift.withProject(utv_project) { openshift.selector("bc", "${ appname }").startBuild("--from-dir=${dist_path}", "--wait=true") openshift.tag("${ appname }:latest", "${ appname }:${BUILD_TAG}") } } } echo '### Image created! ###' } } stage('Push image to External registry') { agent { label 'skopeo-agent' } steps { echo '### Publishing image to external registry... ###' script { def branchName = GIT_BRANCH.split('/')[1] openshift.withCluster() { openshift.withProject(cicdproject) { def registry = "nexus.arbetsformedlingen.se:5555" withCredentials([usernamePassword(credentialsId: "${openshift.project()}-nexus-secret", usernameVariable: "REG_USER", passwordVariable: "REG_PWD")]) { sh "skopeo copy docker://docker-registry.default.svc:5000/${utv_project}/${appname}:${BUILD_TAG} docker://${registry}/app-af-nexus/${appname}:${BUILD_TAG} --src-creds jenkins:\$(oc whoami -t) --dest-creds \"$REG_USER:$REG_PWD\" --src-tls-verify=false --dest-tls-verify=false --format v2s2" } } } } echo '### Image published to external registry! ###' } } stage('Deploy to production') { steps { echo '### Trying to deploy to prod... ###' script { openshift.withCluster() { utilities.defineAuth() } openshift.withCluster( env.API, env.TOKEN ) { openshift.withProject(prod_project) { // Wait for approval timeout(time:24, unit:'HOURS') { // changed from 1440 input message: "Go Live with ${ appname } in Production?", ok: "Confirm" def label = "${BUILD_TAG}" utilities.rollout("${ appname }", "${ appname }", "${BUILD_TAG}", label, PROJECT_CONTAINING_IMAGES, REGISTRY, USE_CONFIG_MAP, "${ CONFIG_MAP_KEY }", CONFIG_MAP_PATH) } } } } } } } } def getShortCommitHash() { return sh(returnStdout: true, script: "git log -n 1 --pretty=format:'%h'").trim() }