#!groovy def repository = "registry.c.test-chamber-13.lan" def repositoryCreds = "harbor-repository-creds" def shortCommit def workspace def dockerFile def label = "kubernetes-${UUID.randomUUID().toString()}" def templateName = "pipeline-worker" pipeline { agent { kubernetes { yaml functions.podYaml( repo: repository, templateName: templateName, kaniko: true, alpine: true, [ [ name: "sonar", path: "${repository}/library/sonarscanner:latest", command: "/bin/sh" ], [ name: "golang", path: "${repository}/dockerhub/library/golang:alpine", command: "/bin/sh" ] ] ) } } stages { stage('Clone Repository') { steps { script { dir("./") { checkout ([ $class: "GitSCM", branches: [ [ name: "refs/heads/main", ], ], userRemoteConfigs: [ [ url: "ssh://git@gitea.smoothnet.org:31822/nhyatt/istheinternetonfire.git", credentialsId: "Gitea-Read-Only-Token", ], ], extensions: [ [ $class: "CloneOption", shallow: true, ], [ $class: "CheckoutOption", timeout: 2, ], ], ]) } } } } stage ('Initalize Jenkins') { parallel { stage ('Set Workspace') { steps { script { workspace = pwd() dockerFile = """FROM registry.c.test-chamber-13.lan/dockerhub/library/golang:alpine AS builder COPY . /go/src/app WORKDIR /go/src/app RUN apk add --no-cache git && \\ git config --global --add safe.directory /go/src/app && \\ GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -v -ldflags="-s -w" -tags timetzdata -o ifire ./ FROM registry.c.test-chamber-13.lan/library/alpine:latest LABEL org.opencontainers.image.title="Is the internet on fire?" RUN addgroup -S -g 1000 app && \\ adduser --disabled-password -G app --gecos "application account" --home "/home/app" --shell "/sbin/nologin" --uid 1000 app && \\ apk add --no-cache bind-tools COPY --from=builder --chown=app:app /go/src/app/ifire /usr/local/bin/ifire USER app:app WORKDIR /home/app ENTRYPOINT ["/bin/sh", "-c", "ifire"] """ } } } stage ('Prepare SonarScanner') { steps { script { def sonarScannerConfig = """ sonar.projectKey=${env.JOB_BASE_NAME.replace(" ", "-")} sonar.projectVersion=${shortCommit} sonar.sources=. sonar.exclusions=**/*_test.go,**/vendor/**,**/testdata/*,html/** sonar.tests=. sonar.test.inclusions=**/*_test.go sonar.test.exclusions=**/vendor/** sonar.go.coverage.reportPaths=cover.out """ writeFile file: 'sonar-project.properties', text: sonarScannerConfig } } } stage ('Run Tests') { steps { container ('golang') { script { writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getCurrentRootCA()) sh """ if [ ! "/usr/bin/curl" ] || [ ! -x "/usr/bin/curl" ]; then apk add --no-cache curl fi if [ ! "/usr/bin/git" ] || [ ! -x "/usr/bin/git" ]; then apk add --no-cache git git config --global --add safe.directory '${workspace}' fi apk add --no-cache gcc musl-dev curl \ --silent \ --location \ --cacert <( printf '%s\\n' "\$(cat "${workspace}/test-chamber-13.lan.root.crt")" ) \ https://nexus.c.test-chamber-13.lan/repository/github-releases/jstemmer/go-junit-report/releases/download/v1.0.0/go-junit-report-v1.0.0-linux-amd64.tar.gz \ | tar -z -x -f - -C /usr/local/bin ln -s "${workspace}" "/go/src/${env.JOB_BASE_NAME}" cd "/go/src/${env.JOB_BASE_NAME}" go test -short -coverprofile=cover.out \$(go list ./... | grep -v vendor/) go test -v ./... 2>&1 | go-junit-report > report.xml """ } } } } } } stage ('SonarQube Analysis') { steps { container ('sonar') { script { try { withSonarQubeEnv('SonarQube') { sh "sonar-scanner --define sonar.host.url=https://sonar.c.test-chamber-13.lan" } } catch(ex) { unstable('Unable to communicate with Sonarqube or Sonarqube sumission failed.') } } } } } stage ('Build & Push') { steps { container ('kaniko') { script { declarativeFunctions.buildContainerMultipleDestinations( dockerFile: dockerFile, repositoryAccess: [ [ repository: "registry.hub.docker.com", credentials: "dockerhub-repository-creds" ], ], destination: [ "registry.hub.docker.com/thespider/istheinternetonfire:latest", ] ) } } } } stage('Submit Testing Report to Jenkins') { steps { script { catchError{ junit 'report.xml' } } } } } }