@Library('shared-lib') _

import tech.avroid.api.Nexus
import tech.avroid.scm.Git

Nexus nexus = new Nexus(this, env.JENKINS_NEXUS_URL, env.JENKINS_NEXUS_CREDENTIALS)
String buildThreads = '16'
String svaceVersion = '3.4.240109'
String svacerVersion = '8-0-0'
String svaceCmd = "/data/opt/svace-${svaceVersion}-x64-linux/bin/svace"
String svacerCmd = "/data/opt/svacer-${svacerVersion}/bin/svacer"
String svaceBuildResult = ''
String commitShortSha = ''
String svaceResultsDir = 'svace_analysis'
String ldapServer = 'FreeIPA'

properties([
    buildDiscarder(logRotator(artifactNumToKeepStr: '50',
                              numToKeepStr: '50')),
    parameters([
        string(name: 'GIT_PROJECT', defaultValue: ''),
        string(name: 'BRANCH', defaultValue: ''),
        string(name: 'COMMIT_SHA', defaultValue: ''),
        string(name: 'SVACE_BUILD_RESULTS_LINK', defaultValue: '')
    ])
])

node('svace') {
    try {
        stage('env') {
            println "Using agent ${env.NODE_NAME} (${env.JENKINS_URL})"
            println "param GIT_PROJECT ${params.GIT_PROJECT}"
            println "param BRANCH ${params.BRANCH}"
            println "param COMMIT_SHA ${params.COMMIT_SHA}"
            println "param SVACE_BUILD_RESULTS_LINK ${params.SVACE_BUILD_RESULTS_LINK}"
            println "WORKSPACE: ${env.WORKSPACE}"
            sh 'printenv'
        }

        stage('download') {
            Git git = new Git(this, env.JENKINS_GIT_CREDENTIALS_SSH)
            
            git.clone([
                       urlRepo: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${params.GIT_PROJECT}",
                       branch: params.BRANCH,
                       path: "${env.WORKSPACE}/${params.GIT_PROJECT}",
                       ])
            svaceBuildResults = nexus.download(params.SVACE_BUILD_RESULTS_LINK)
            commitShortSha = (params.COMMIT_SHA) ? params.COMMIT_SHA : git.log([count:1, format: "%h"])
            println "commitShortSha ${commitShortSha}"
            dir("${env.WORKSPACE}/${params.GIT_PROJECT}") {
                git.checkout(commitShortSha)
            }
        }

        stage('Svace analyze') {
            sh """
                tar -xf ${svaceBuildResults}
                ${svaceCmd} config --svace-dir ./${svaceResultsDir} THREAD_NUMBER ${buildThreads}
                ${svaceCmd} analyze --log-level brief --svace-dir ./${svaceResultsDir}
            """
        }
        
        stage('Upload result') {
            withCredentials([usernamePassword(
                                              credentialsId: env.JENKINS_SVACER_CREDENTIALS,
                                              usernameVariable: 'SVACER_USER',
                                              passwordVariable: 'SVACER_PASS'
                                             )]) {
                sh """
                    cd ${svaceResultsDir}
                    ${svacerCmd} import --svace ${svaceCmd} \
                                        --project ${params.GIT_PROJECT} \
                                        --branch ${params.BRANCH} \
                                        --snapshot "${commitShortSha} - `date -R`" \
                                        --source-tree ${env.WORKSPACE}/${params.GIT_PROJECT}

                    ${svacerCmd} upload --ssl \
                                        --user ${SVACER_USER} \
                                        --password ${SVACER_PASS} \
                                        -ldap_server ${ldapServer}
                """
            }
        }
    }
    catch(err) {
        echo 'ERROR: ' + err.getMessage()
        currentBuild.result = 'FAILURE'
    } finally {
        cleanWs()
    }
}