MLE-24593 Add publishing step and enable scheduled builds (#103)

* Add publishing step and enable scheduled builds

* move blackduck scan after publishing

* Ensure we run container scan when we publish, otherwise just the source

---------

Co-authored-by: Vitaly Korolev <[email protected]>

Author: vitalykorolev

Jenkinsfile

@@ -8,8 +8,12 @@ import groovy.json.JsonSlurperClassic
 emailList = '[email protected], [email protected], [email protected], [email protected], [email protected]'
 emailSecList = '[email protected]'
 gitCredID = 'marklogic-builder-github'
+operatorRegistry = 'ml-marklogic-operator-dev.bed-artifactory.bedford.progress.com'
 JIRA_ID = ''
 JIRA_ID_PATTERN = /(?i)(MLE)-\d{3,6}/
+operatorRepo = 'marklogic-kubernetes-operator'
+timeStamp = new Date().format('yyyyMMdd')
+branchNameTag = env.BRANCH_NAME.replaceAll('/', '-')
 
 // Define local funtions
 void preBuildCheck() {
@@ -126,15 +130,15 @@ void runTests() {
 }
 
 void runMinikubeSetup() {
-    sh '''
-        make e2e-setup-minikube
-    '''
+    sh """
+        make e2e-setup-minikube IMG=${operatorRepo}:${VERSION}
+    """
 }
 
 void runE2eTests() {
-    sh '''
-        make e2e-test
-    '''
+    sh """
+        make e2e-test IMG=${operatorRepo}:${VERSION}
+    """
 }
 
 void runMinikubeCleanup() {
@@ -143,9 +147,43 @@ void runMinikubeCleanup() {
     '''
 }
 
-void runSecurityScan() {
-    build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}") ]
+void runBlackDuckScan() {
+    // Trigger BlackDuck scan job with CONTAINER_IMAGES parameter when params.PUBLISH_IMAGE is true
+    if (params.PUBLISH_IMAGE) {
+        build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}"), string(name: 'CONTAINER_IMAGES', value: "${operatorRepo}:${VERSION}-${branchNameTag}") ]
+    } else {
+        build job: 'securityscans/Blackduck/KubeNinjas/kubernetes-operator', wait: false, parameters: [ string(name: 'branch', value: "${env.BRANCH_NAME}") ]
+    }
+}
+
+/**
+ * Publishes the built Docker image to the internal Artifactory registry.
+ * Tags the image with multiple tags (version-specific, branch-specific, latest).
+ * Requires Artifactory credentials.
+ */
+void publishToInternalRegistry() {
+    withCredentials([usernamePassword(credentialsId: 'builder-credentials-artifactory', passwordVariable: 'docker_password', usernameVariable: 'docker_user')]) {
+        
+        sh """
+            # make sure to logout first to avoid issues with cached credentials
+            docker logout ${operatorRegistry}
+            echo "${docker_password}" | docker login --username ${docker_user} --password-stdin ${operatorRegistry}
+
+            # Create tags
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}-${timeStamp}
+            docker tag ${operatorRepo}:${VERSION} ${operatorRegistry}/${operatorRepo}:latest
+
+            # Push images to internal registry
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}
+            docker push ${operatorRegistry}/${operatorRepo}:${VERSION}-${branchNameTag}-${timeStamp}
+            docker push ${operatorRegistry}/${operatorRepo}:latest
+        """
+    }
 }
+
 pipeline {
     agent {
         label {
@@ -157,16 +195,17 @@ pipeline {
         buildDiscarder logRotator(artifactDaysToKeepStr: '20', artifactNumToKeepStr: '', daysToKeepStr: '30', numToKeepStr: '')
         skipStagesAfterUnstable()
     }
-    // triggers {
-    //     //TODO: add scheduled runs
-    // }
-    // environment {
-    //     //TODO
-    // }
+    
+    triggers {
+        // Trigger nightly builds on the develop branch
+        parameterizedCron( env.BRANCH_NAME == 'develop' ? '''00 05 * * * % E2E_MARKLOGIC_IMAGE_VERSION=ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-12
+                                                             00 05 * * * % E2E_MARKLOGIC_IMAGE_VERSION=ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-11; PUBLISH_IMAGE=false''' : '')
+    }
 
     parameters {
         string(name: 'E2E_MARKLOGIC_IMAGE_VERSION', defaultValue: 'ml-docker-db-dev-tierpoint.bed-artifactory.bedford.progress.com/marklogic/marklogic-server-ubi-rootless:latest-12', description: 'Docker image to use for tests.', trim: true)
-        string(name: 'IMG', defaultValue: 'testrepo/marklogic-operator-image-dev:internal', description: 'Docker image for Running Operator Container', trim: true)
+        string(name: 'VERSION', defaultValue: '1.1.0', description: 'Version to tag the image with.', trim: true)
+        booleanParam(name: 'PUBLISH_IMAGE', defaultValue: false, description: 'Publish image to internal registry')
         string(name: 'emailList', defaultValue: emailList, description: 'List of email for build notification', trim: true)
     }
 
@@ -177,12 +216,6 @@ pipeline {
             }
         }
 
-        stage('Run-Security-Scan') {
-            steps {
-                runSecurityScan()
-            }
-        }
-
         stage('Run-tests') {
             steps {
                 runTests()
@@ -206,6 +239,26 @@ pipeline {
                 runMinikubeCleanup()
             }
         }
+
+        // Publish image to internal registries (conditional)
+        stage('Publish Image') {
+            when {
+                    anyOf {
+                        branch 'develop'
+                        expression { return params.PUBLISH_IMAGE }
+                    }
+            }
+            steps {
+                publishToInternalRegistry()
+            }
+        }
+
+        stage('Run-BlackDuck-Scan') {
+
+            steps {
+                runBlackDuckScan()
+            }
+        }
 
     }
 

Makefile

@@ -66,7 +66,7 @@ OPERATOR_SDK_VERSION ?= v1.34.2
 # Image URL to use all building/pushing image targets
 # Image for dev: ml-marklogic-operator-dev.bed-artifactory.bedford.progress.com/marklogic-operator-kubernetes
 # IMG ?= progressofficial/marklogic-operator-kubernetes:$(VERSION)
-IMG = "testrepo/marklogic-operator-image-dev:1.0.0"
+IMG ?= "testrepo/marklogic-operator-image-dev:1.0.0"
 
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)