jenkins-pipelines/pipelines/Cloud/Apps-Backend/msg-auth.groovy

@Library('shared-lib') _

import tech.avroid.kube.PodTemplates
import tech.avroid.scm.Git

properties([
    buildDiscarder(logRotator(daysToKeepStr: '10',
                              numToKeepStr: '10')),
    disableConcurrentBuilds()
])

Git git = new Git(this, env.JENKINS_GIT_CREDENTIALS_SSH)

String repoPath = 'Apps-Backend/msg-auth.git'

Map envBranch = [
    'DEV': 'develop',
    // 'TEST': 'test'
]

String dockerGroup = 'cloud'
String dockerProject = 'msg-auth'
String projectSettingFile = 'pyproject.toml'
Map gitVars = [:]
String tag = ''
String branch = git.getBranch()
String publishBranch = envBranch.find { it.value == branch }?.value

Map configuration = [
    vaultUrl: env.JENKINS_VAULT_URL,
    vaultCredentialId: env.JENKINS_VAULT_TOKEN,
    engineVersion: 2
]

List dockerCreds = [
  [path: 'team-devops/services/registry/Harbor/harbor.avroid.tech', engineVersion: 2,
  secretValues:
    [
      [vaultKey: 'service.user.jenkins.ci.login'],
      [vaultKey: 'service.user.ci.token'],
    ]
  ]
]

slaveTemplates = new PodTemplates(this, env.JENKINS_DOCKER_REGISTRY, ["${env.JENKINS_K8S_HARBOR_SECRET}"])

slaveTemplates.jnlp {
    slaveTemplates.poetry {
        slaveTemplates.docker {
            node(POD_LABEL){

                stage('Download sources') {
                    gitVars = git.clone([urlRepo: "${env.JENKINS_GIT_REPOSITORY_SSH_URL}/${repoPath}",
                                        branch: branch])
                }

                stage('prepare app'){
                    container('poetry'){
                        sh 'make setup'
                    }
                }

                withVault([configuration: configuration, vaultSecrets: dockerCreds]) {
                    String ciUser = getProperty('service.user.jenkins.ci.login')
                    String dockerToken = getProperty('service.user.ci.token')

                    container('docker'){
                        Map props = readTOML file: projectSettingFile

                        String version = props.tool.poetry.version
                        tag = "${version}-${gitVars.GIT_COMMIT.take(5)}"
                        currentBuild.description = tag

                        String imageName = "${env.JENKINS_DOCKER_REGISTRY}/" +
                                           "${dockerGroup}/${dockerProject}:${tag}"

                        docker.withRegistry("https://${env.JENKINS_DOCKER_REGISTRY}", env.JENKINS_HARBOR_CREDENTIALS) {
                            stage('build image and push'){
                                Object buildImage = docker.build(imageName,
                                    "--build-arg PIP_INDEX_URL=${env.JENKINS_PIP_INDEX_URL} -f Dockerfile ."
                                )

                                if (publishBranch != null && publishBranch.contains(branch)) {
                                    buildImage.push()
                                }
                            }
                        }

                        stage('deploy application'){
                            if (publishBranch != null && publishBranch.contains(branch)){
                                build job: 'Cloud/Deploy/Backend/msg-auth-deploy',
                                      parameters: [
                                          string(name: 'ENV', value: envBranch.find { it.value == branch }?.key ),
                                          string(name: 'APP_VERSION', value: tag)
                                      ],
                                      wait: false
                            }
                        }
                    }
                }
            }
        }
    }
}