From 040453bd909e10197c8ca6aae96ca167d692af85 Mon Sep 17 00:00:00 2001 From: "aleksandr.vodyanov" Date: Mon, 8 Apr 2024 18:44:28 +0300 Subject: [PATCH] [DO-416] tavro svace analyze (#17) Reviewed-on: https://git.avroid.tech/DevOps/jenkins-shared-lib/pulls/17 Co-authored-by: aleksandr.vodyanov Co-committed-by: aleksandr.vodyanov --- src/tech/avroid/api/Nexus.groovy | 6 ++- vars/getPodTemplate.groovy | 66 ++++++++++++++++++++++++++++++-- 2 files changed, 66 insertions(+), 6 deletions(-) diff --git a/src/tech/avroid/api/Nexus.groovy b/src/tech/avroid/api/Nexus.groovy index 9b39ff5..a093dbd 100644 --- a/src/tech/avroid/api/Nexus.groovy +++ b/src/tech/avroid/api/Nexus.groovy @@ -113,8 +113,10 @@ class Nexus implements Serializable { url: url, authentication: this.credentials, httpMode: "GET", - quiet: true, - outputFile: artifact + outputFile: artifact, + contentType: 'APPLICATION_JSON', + acceptType: 'APPLICATION_JSON', + responseHandle: 'NONE' ) return artifact diff --git a/vars/getPodTemplate.groovy b/vars/getPodTemplate.groovy index 70dae90..e03addc 100644 --- a/vars/getPodTemplate.groovy +++ b/vars/getPodTemplate.groovy @@ -20,7 +20,7 @@ Object alpineTemplate = """ memory: 64Mi """ -Object auroraV4Template = """ +Object tavroAuroraV4Template = """ apiVersion: v1 kind: Pod metadata: @@ -29,7 +29,7 @@ Object auroraV4Template = """ spec: containers: - name: aurora - image: ${env.JENKINS_DOCKER_REGISTRY}/devops/build-aurora-image:4.0.2.249-2 + image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-aurora:4.0.2.249 securityContext: runAsUser: 1000 runAsGroup: 1000 @@ -52,6 +52,38 @@ Object auroraV4Template = """ - name: ${env.JENKINS_K8S_HARBOR_SECRET} """ +Object tavroAuroraV5Template = """ + apiVersion: v1 + kind: Pod + metadata: + annotations: + container.apparmor.security.beta.kubernetes.io/aurora: unconfined + spec: + containers: + - name: aurora + image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-aurora:5.0.0.60 + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + capabilities: + add: + - SYS_ADMIN + tty: true + resources: + limits: + cpu: 15 + memory: 32Gi + requests: + cpu: 15 + memory: 32Gi + volumeMounts: + - mountPath: ${global.AURORA_CUSTOM_WORKSPACE} # Because home path removed within chroot + name: "workspace-volume" + ttyEnabled: true + imagePullSecrets: + - name: ${env.JENKINS_K8S_HARBOR_SECRET} +""" + Object containerAuroraTemplate = """ apiVersion: v1 kind: Pod @@ -109,14 +141,40 @@ Object sonarCubeScannerTemplate = """ name: "workspace-volume" """ +Object tavroLinuxTemplate = """ + apiVersion: v1 + kind: Pod + spec: + containers: + - name: linux + image: ${env.JENKINS_DOCKER_REGISTRY}/tavro/tavro-build-linux:0.2 + command: + - sleep + args: + - 99d + resources: + limits: + cpu: 7 + memory: 16Gi + requests: + cpu: 7 + memory: 4Gi + imagePullSecrets: + - name: ${env.JENKINS_K8S_HARBOR_SECRET} +""" + switch (podTemplateName) { case 'alpine': return alpineTemplate - case 'auroraV4': - return auroraV4Template + case 'tavroAuroraV4': + return tavroAuroraV4Template + case 'tavroAuroraV5': + return tavroAuroraV5Template case 'containerAurora': return containerAuroraTemplate case "sonarCubeScanner": return sonarCubeScannerTemplate + case 'tavroLinux': + return tavroLinuxTemplate } }