From d7cc254692358b7553181b4d6da1e05eef0951bc Mon Sep 17 00:00:00 2001 From: Ilya Zaharenkov Date: Wed, 25 Dec 2024 16:12:32 +0300 Subject: [PATCH] [DO-1357] add deploy job from cloud-messenger-core-api (!57) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - добавлена джоба для деплоя cloud-messenger-core-api Co-authored-by: Ilya Zaharenkov Co-authored-by: Denis Patrakeev Reviewed-on: https://git.avroid.tech/DevOps/jenkins-pipelines/pulls/57 Reviewed-by: Rustam Tagaev Reviewed-by: Denis Patrakeev --- .../cloud_messenger_core_api_deploy.groovy | 87 +++++++++ .../cloud-messenger-core-api.groovy | 14 +- .../cloud-messenger-core-api-deploy.groovy | 169 ++++++++++++++++++ 3 files changed, 269 insertions(+), 1 deletion(-) create mode 100644 jobs-dsl/jobs/Cloud/Deploy/cloud_messenger_core_api_deploy.groovy create mode 100644 pipelines/Cloud/Deploy/cloud-messenger-core-api-deploy.groovy diff --git a/jobs-dsl/jobs/Cloud/Deploy/cloud_messenger_core_api_deploy.groovy b/jobs-dsl/jobs/Cloud/Deploy/cloud_messenger_core_api_deploy.groovy new file mode 100644 index 0000000..a05c340 --- /dev/null +++ b/jobs-dsl/jobs/Cloud/Deploy/cloud_messenger_core_api_deploy.groovy @@ -0,0 +1,87 @@ +pipelineJob('Cloud/Deploy/cloud-messenger-core-api-deploy') { + logRotator { + numToKeep(10) + artifactNumToKeep(10) + } + + parameters { + choice { + name('ENV') + choices(['DEV']) + description('Select one of environments') + } + choiceParameter { + name('APP_VERSION') + randomName('') + filterable(true) + filterLength(1) + script { + groovyScript { + fallbackScript { + script('') + sandbox(false) + } + script { + sandbox(false) + script( +""" +import groovy.json.JsonSlurperClassic +import groovy.json.model.* +import com.cloudbees.plugins.credentials.CredentialsProvider +import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials +import java.util.regex.Pattern + +def createGetHttpClient(String url, String jenkinsCreds) { + def jenkinsCredentials = CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class) + def credentials = jenkinsCredentials.findResult { it.id == jenkinsCreds ? it : null } + String auth = credentials.username + ":" + credentials.password; + String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes("utf-8")); + String authHeaderValue = "Basic " + encodedAuth; + def httpClient = new URL(url).openConnection() as HttpURLConnection + httpClient.setRequestMethod('GET'); + httpClient.setRequestProperty("Authorization", authHeaderValue); + httpClient.setRequestProperty("Accept", "application/json"); + return httpClient +} + +String harborApiUrl = "https://${JENKINS_DOCKER_REGISTRY}/api/v2.0/projects/cloud/repositories/cloud-messenger-core-api/" + + "artifacts?page=1&page_size=100&with_tag=true&sort=-push_time" + +def httpClientHarbor = createGetHttpClient(harborApiUrl, "${JENKINS_HARBOR_CREDENTIALS}") +httpClientHarbor.connect() + +List imageVersions = [] +def harborResponse = new JsonSlurperClassic().parseText(httpClientHarbor.inputStream.text) + +harborResponse.each { image -> + image.tags.each { tag -> + imageVersions.add(tag.name) + } +} + +return imageVersions +""" + ) + } + } + } + choiceType('PT_SINGLE_SELECT') + } + + } + + definition { + cpsScm { + scm { + git { + remote { + url("${JENKINS_GIT_REPOSITORY_URL}/DevOps/jenkins-pipelines.git") + credentials("${JENKINS_GIT_CREDENTIALS_HTTP}") + } + branch('master') + } + } + scriptPath('pipelines/Cloud/Deploy/cloud-messenger-core-api-deploy.groovy') + } + } +} diff --git a/pipelines/Cloud/Apps-Backend/cloud-messenger-core-api.groovy b/pipelines/Cloud/Apps-Backend/cloud-messenger-core-api.groovy index 9ffb6dc..660feda 100644 --- a/pipelines/Cloud/Apps-Backend/cloud-messenger-core-api.groovy +++ b/pipelines/Cloud/Apps-Backend/cloud-messenger-core-api.groovy @@ -19,6 +19,7 @@ String dockerGroup = 'cloud' String dockerProject = 'cloud-messenger-core-api' String projectSettingFile = 'pyproject.toml' Map gitVars = [:] +String tag = '' Map configuration = [ vaultUrl: env.JENKINS_VAULT_URL, @@ -62,8 +63,9 @@ slaveTemplates.jnlp { Map props = readTOML file: projectSettingFile String version = props.tool.poetry.version + tag = "${version}-${gitVars.GIT_COMMIT.take(5)}" String imageName = "${env.JENKINS_DOCKER_REGISTRY}/" + - "${dockerGroup}/${dockerProject}:${version}-${gitVars.GIT_COMMIT.take(5)}" + "${dockerGroup}/${dockerProject}:${tag}" stage('build image'){ sh """#!/bin/sh @@ -80,6 +82,16 @@ slaveTemplates.jnlp { """ } } + stage('deploy application'){ + if (git.getBranch() == publishBranch){ + build job: 'Cloud/Deploy/cloud-messenger-core-api-deploy', + parameters: [ + string(name: 'ENV', value: 'DEV'), + string(name: 'APP_VERSION', value: tag) + ], + wait: false + } + } } } } diff --git a/pipelines/Cloud/Deploy/cloud-messenger-core-api-deploy.groovy b/pipelines/Cloud/Deploy/cloud-messenger-core-api-deploy.groovy new file mode 100644 index 0000000..e13cbd6 --- /dev/null +++ b/pipelines/Cloud/Deploy/cloud-messenger-core-api-deploy.groovy @@ -0,0 +1,169 @@ +@Library('shared-lib') _ + +import tech.avroid.kube.PodTemplates +import tech.avroid.scm.Git +import tech.avroid.jenkins.Notifications +import tech.avroid.jenkins.Jenkins + +String projectName = 'cloud' // Replace with your Harbor project name +String repositoryName = 'cloud-messenger-core-api' // Replace with your Harbor repository name +String pageSize = 100 // maximum number of artifacts to return 100 +String apiUrl = "https://${JENKINS_DOCKER_REGISTRY}/api/v2.0/projects/${projectName}" + + "/repositories/${repositoryName}/artifacts" +Map queryParams = [ + 'with_tag' : 'true', + 'with_label' : 'false', + 'with_scan_overview' : 'false', + 'with_signature' : 'false', + 'with_immutable_status' : 'false', + 'sort' : '-push_time', + 'page_size' : pageSize.toString(), + 'page' : '1' +] + +String queryString = queryParams.collect { k, v -> "${k}=${v}" }.join('&') +String requestUrl = "${apiUrl}?${queryString}" + + + +withCredentials([usernamePassword(credentialsId: "${JENKINS_HARBOR_CREDENTIALS}", + usernameVariable: 'HARBOR_USER', passwordVariable: 'HARBOR_PASSWORD')]) { + harborLogin = HARBOR_USER.replaceAll('\\$', '\\\\\\$') + harborPassword = HARBOR_PASSWORD +} + + +properties([ + buildDiscarder(logRotator(artifactDaysToKeepStr: '', + artifactNumToKeepStr: '10', + daysToKeepStr: '', + numToKeepStr: '10')), + disableConcurrentBuilds(), + parameters([ + choice( + name: 'ENV', + choices: ['DEV'], + description: 'Select one of environments' + ), + [$class: 'ChoiceParameter', + choiceType: 'PT_SINGLE_SELECT', + filterLength: 1, + filterable: true, + name: 'APP_VERSION', + script: [$class: 'GroovyScript', + script: [sandbox: false, script: """ +import groovy.json.JsonSlurperClassic +import groovy.json.model.* +import com.cloudbees.plugins.credentials.CredentialsProvider +import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials +import java.util.regex.Pattern + +def createGetHttpClient(String url, String jenkinsCreds) { + def jenkinsCredentials = CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class) + def credentials = jenkinsCredentials.findResult { it.id == jenkinsCreds ? it : null } + String auth = credentials.username + ":" + credentials.password; + String encodedAuth = Base64.getEncoder().encodeToString(auth.getBytes("utf-8")); + String authHeaderValue = "Basic " + encodedAuth; + def httpClient = new URL(url).openConnection() as HttpURLConnection + httpClient.setRequestMethod('GET'); + httpClient.setRequestProperty("Authorization", authHeaderValue); + httpClient.setRequestProperty("Accept", "application/json"); + return httpClient +} + +String harborApiUrl = "https://${JENKINS_DOCKER_REGISTRY}/api/v2.0/projects/cloud/repositories/cloud-messenger-core-api/" + + "artifacts?page=1&page_size=100&with_tag=true&sort=-push_time" + +def httpClientHarbor = createGetHttpClient(harborApiUrl, "${JENKINS_HARBOR_CREDENTIALS}") +httpClientHarbor.connect() + +List imageVersions = [] +def harborResponse = new JsonSlurperClassic().parseText(httpClientHarbor.inputStream.text) + +harborResponse.each { image -> + image.tags.each { tag -> + imageVersions.add(tag.name) + } +} + +return imageVersions +"""]], + ] + ]) + +]) + + +String repoPath = 'Apps-Backend/cloud-messenger-core-api.git' +String branch = 'develop' +String valuesPath = ".helm/values.${params.ENV.toLowerCase()}.yaml" +String namespace = "cloud-messenger-${params.ENV.toLowerCase()}" + + +String helmChart = 'helm-cloud-messenger-core-api' +String helmRepoPath = 'avroid/helm-cloud-messenger-core-api' +String helmRepo = "${env.JENKINS_NEXUS_URL}/repository/avroid-charts" + + +Map configuration = [ + vaultUrl: env.JENKINS_VAULT_URL, + vaultCredentialId: "${JENKINS_VAULT_TOKEN}", + engineVersion: 2 +] + +List dockerCreds = [ + [path: 'team-devops/services/ci-cd/Jenkins/jenkins.avroid.tech', engineVersion: 2, + secretValues: + [ + [vaultKey: 'k8s_jenkins_deploy_token'], + ] + ] +] + +Git git = new Git(this, env.JENKINS_GIT_CREDENTIALS_SSH) +PodTemplates slaveTemplates = new PodTemplates(this, env.JENKINS_DOCKER_REGISTRY, + ["${env.JENKINS_K8S_HARBOR_SECRET}"]) + +slaveTemplates.jnlp { + slaveTemplates.helm { + try { + node(POD_LABEL){ + withVault([configuration: configuration, vaultSecrets: dockerCreds]) { + stage('get repo with values'){ + gitVars = git.clone([urlRepo: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${repoPath}", + branch: branch]) + } + container('helm'){ + stage('deploy'){ + echo "Deploying version ${env.APP_VERSION} to ${namespace} namespace" + sh """#!/bin/sh + helm repo add avroid ${helmRepo} + helm -n ${namespace} upgrade -f ${valuesPath} \ + --set image.tag=${env.APP_VERSION} \ + --install ${helmChart} ${helmRepoPath} + """ + } + } + } + } + } catch(err) { + errorMessage = err.getMessage() + + println 'ERROR: ' + errorMessage + + currentBuild.result = 'FAILURE' + + String currentBuildUser = Jenkins.GetCurrentBuildUser(script: this) + String emailSubject = "${currentBuild.currentResult}. " + + "Pipeline task: ${currentBuild.fullDisplayName}" + + Notifications.email( + script: this, + subject: emailSubject, + errorString: errorMessage, + recipientProviders: [], + to: "${currentBuildUser}@avroid.team" + ) + } + } +} \ No newline at end of file