forked from cyberark/conjur-base-image
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathJenkinsfile
More file actions
88 lines (82 loc) · 2.66 KB
/
Jenkinsfile
File metadata and controls
88 lines (82 loc) · 2.66 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
pipeline {
agent { label 'executor-v2' }
parameters {
booleanParam(name: 'FORCE_OPENSSL_BUILDER', defaultValue: false, description: 'Forces build of openssl-builder docker image')
booleanParam(name: 'FORCE_RUBY_BUILDERS', defaultValue: false, description: 'Forces build of *-ruby-builder docker image')
}
triggers {
cron(getDailyCronString())
}
environment {
TAG = sh(returnStdout: true, script: "git rev-parse --short HEAD | tr -d '\n'")
}
stages {
stage ('Build and push openssl-builder image') {
steps {
sh "./openssl-builder/build.sh ${params.FORCE_OPENSSL_BUILDER}"
sh "./openssl-builder/push.sh ${params.FORCE_OPENSSL_BUILDER}"
}
}
stage ('Build and push subsequent builder images') {
parallel {
stage ('Build and push phusion-ruby-builder image') {
steps {
sh "./phusion-ruby-builder/build.sh ${params.FORCE_RUBY_BUILDERS}"
sh "./phusion-ruby-builder/push.sh ${params.FORCE_RUBY_BUILDERS}"
}
}
stage ('Build and push ubuntu-ruby-builder image') {
steps {
sh "./ubuntu-ruby-builder/build.sh ${params.FORCE_RUBY_BUILDERS}"
sh "./ubuntu-ruby-builder/push.sh ${params.FORCE_RUBY_BUILDERS}"
}
}
stage ('Build and tag postgres-client-builder image') {
steps {
sh "./postgres-client-builder/build.sh"
sh "./postgres-client-builder/tag.sh"
}
}
}
}
stage ('Build and Test fips base images') {
parallel {
stage ('Build and Test phusion-ruby-fips image') {
steps {
buildAndTestImage('phusion-ruby-fips')
}
}
stage ('Build and Test ubuntu-ruby-fips image') {
steps {
buildAndTestImage('ubuntu-ruby-fips')
}
}
}
}
stage ('Push images') {
steps {
sh "./phusion-ruby-fips/push.sh ${TAG} registry.tld"
sh "./ubuntu-ruby-fips/push.sh ${TAG} registry.tld"
}
}
stage ('Publish images') {
when { triggeredBy 'TimerTrigger' }
steps {
sh "./phusion-ruby-fips/push.sh ${TAG}"
sh "./ubuntu-ruby-fips/push.sh ${TAG}"
}
}
}
post {
always {
archiveArtifacts allowEmptyArchive: true, artifacts: 'test-results/**/*.json', fingerprint: true
cleanupAndNotify(currentBuild.currentResult, "#development")
}
}
}
def buildAndTestImage(name) {
sh "./${name}/build.sh ${TAG}"
sh "./test.sh --full-image-name ${name}:${TAG} --test-file-name test.yml"
scanAndReport("${name}:${TAG}", "HIGH", false)
scanAndReport("${name}:${TAG}", "NONE", true)
}