From 176a300735c7a8e2e1981844b0b6f0569f0d56dc Mon Sep 17 00:00:00 2001 From: Rustam Tagaev Date: Sat, 28 Dec 2024 12:05:06 +0300 Subject: [PATCH] [DO-1444] add_sync_job (!61) Co-authored-by: Rustam Tagaev Reviewed-on: https://git.avroid.tech/DevOps/jenkins-pipelines/pulls/61 Reviewed-by: Denis Patrakeev Reviewed-by: Aleksandr Vodyanov --- jobs-dsl/folders/Cloud.groovy | 5 + .../jobs/Cloud/Automation/repo_sync.groovy | 28 ++++ pipelines/Cloud/Automation/repo-sync.groovy | 149 ++++++++++++++++++ 3 files changed, 182 insertions(+) create mode 100644 jobs-dsl/jobs/Cloud/Automation/repo_sync.groovy create mode 100644 pipelines/Cloud/Automation/repo-sync.groovy diff --git a/jobs-dsl/folders/Cloud.groovy b/jobs-dsl/folders/Cloud.groovy index 2f07870..5b8b227 100644 --- a/jobs-dsl/folders/Cloud.groovy +++ b/jobs-dsl/folders/Cloud.groovy @@ -17,3 +17,8 @@ folder('Cloud/Deploy') { displayName('Deploy') description('Deploy jobs') } + +folder('Cloud/Automation') { + displayName('Automation') + description('Automation jobs') +} diff --git a/jobs-dsl/jobs/Cloud/Automation/repo_sync.groovy b/jobs-dsl/jobs/Cloud/Automation/repo_sync.groovy new file mode 100644 index 0000000..efa1b33 --- /dev/null +++ b/jobs-dsl/jobs/Cloud/Automation/repo_sync.groovy @@ -0,0 +1,28 @@ +pipelineJob('Cloud/Automation/repo-sync') { + description("Sync repo") + definition { + cpsScm { + scm { + git { + remote { + url("${JENKINS_GIT_REPOSITORY_URL}/DevOps/jenkins-pipelines.git") + credentials("${JENKINS_GIT_CREDENTIALS_HTTP}") + } + branch('master') + } + } + scriptPath('pipelines/Cloud/Automation/repo-sync.groovy') + } + } + + properties { + disableConcurrentBuilds() + pipelineTriggers { + triggers { + cron { + spec('H * * * *') + } + } + } + } +} diff --git a/pipelines/Cloud/Automation/repo-sync.groovy b/pipelines/Cloud/Automation/repo-sync.groovy new file mode 100644 index 0000000..662e947 --- /dev/null +++ b/pipelines/Cloud/Automation/repo-sync.groovy @@ -0,0 +1,149 @@ +@Library('shared-lib') _ + +import tech.avroid.kube.PodTemplates +import tech.avroid.scm.Git +import tech.avroid.jenkins.Notifications +import tech.avroid.jenkins.Jenkins + +properties([ + buildDiscarder(logRotator(artifactDaysToKeepStr: '', + artifactNumToKeepStr: '10', + daysToKeepStr: '', + numToKeepStr: '10')), + disableConcurrentBuilds(), + pipelineTriggers([ + cron('H * * * *') + ]) + +]) + +String repoOrg = "Apps-Backend" +String gitUserName = 'jenkins' +String gitUserEmail = 'jenkins@avroid.tech' + +// for push to repo add jenkins user to https://git.avroid.tech/org/Apps-Backend/teams/serviceteam-rw/repositories +List repos = [ + [ + projectName: 'avroid-m-docker', + cloudRepoURL: 'git@git.avroid.cloud:messenger/avroid-m-docker.git', + avroidRepoURL: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${repoOrg}/avroid-m-docker.git", + origin: 'avroid-m-docker', + branches: ['dev', 'master'], + cloneBranch: 'master' + ], + [ + projectName: 'avroid-m-backend-api', + cloudRepoURL: 'git@git.avroid.cloud:messenger/avroid-m-backend-api.git', + avroidRepoURL: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${repoOrg}/avroid-m-backend-api.git", + origin: 'avroid-m-backend-api', + branches: ['dev', 'master'], + cloneBranch: 'master' + ], + [ + projectName: 'avroid-m-backend-upload', + cloudRepoURL: 'git@git.avroid.cloud:messenger/avroid-m-backend-upload.git', + avroidRepoURL: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${repoOrg}/avroid-m-backend-upload.git", + origin: 'avroid-m-backend-upload', + branches: ['dev', 'master'], + cloneBranch: 'master' + ], +] + + +Map configuration = [ + vaultUrl: env.JENKINS_VAULT_URL, + vaultCredentialId: 'vault-role', + engineVersion: 2 +] + +List gitCreds = [ + [path: 'team-devops/accounts/ldap[avroid.cloud]/service_accounts/svc.jenkins', engineVersion: 2, + secretValues: + [ + [envVar: 'cloudKey', vaultKey: 'openssh.private.key'], + ] + ], + [path: 'team-devops/accounts/ldap/service_accounts/svc_jenkins', engineVersion: 2, + secretValues: + [ + [envVar: 'avroidKey', vaultKey: 'openssh.private.key'], + ] + ] +] + +Git git = new Git(this, env.JENKINS_GIT_CREDENTIALS_SSH) +PodTemplates slaveTemplates = new PodTemplates(this, env.JENKINS_DOCKER_REGISTRY, ["${env.JENKINS_K8S_HARBOR_SECRET}"]) + +slaveTemplates.jnlp { + slaveTemplates.git { + try { + withVault([configuration: configuration, vaultSecrets: gitCreds]) { + node(POD_LABEL){ + container('git'){ + ansiColor('xterm') { + stage('Prepare ssh config'){ + sh """#!/bin/sh + # mkdir -p /root/.ssh + echo " + Host git.avroid.cloud + Hostname git.avroid.cloud + IdentityFile ~/.ssh/cloudKey + User git + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null + Host git.avroid.tech + Hostname git.avroid.tech + IdentityFile ~/.ssh/avroidKey + User git + StrictHostKeyChecking no + UserKnownHostsFile=/dev/null + " > ~/.ssh/config + + echo "${avroidKey}" > ~/.ssh/avroidKey + echo "${cloudKey}" > ~/.ssh/cloudKey + + chmod 600 ~/.ssh/*Key + """ + } + stage('Sync repo'){ + repos.each { repo -> + dir(repo.projectName) { + git.clone([urlRepo: repo.avroidRepoURL, branch: repo.cloneBranch]) + + println "Start sync repo ${repo.projectName}" + + git.config(gitUserName, gitUserEmail) + git.remote(origin: repo.origin, url: repo.cloudRepoURL) + + repo.branches.each { branch -> + git.fetch(origin: repo.origin, branch: branch) + git.checkout(origin: 'origin', branch: branch) + git.merge(origin: repo.origin, branch: branch) + git.push(origin: 'origin', branch: branch) + } + } + } + } + } + } + } + } + } catch(err) { + errorMessage = err.getMessage() + + println 'ERROR: ' + errorMessage + + currentBuild.result = 'FAILURE' + + String emailSubject = "${currentBuild.currentResult}. Pipeline task: ${currentBuild.fullDisplayName}" + + Notifications.email( + script: this, + subject: emailSubject, + errorString: errorMessage, + recipientProviders: [], + to: "" + ) + } + } +}