-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathJenkinsfile
150 lines (138 loc) · 5.81 KB
/
Jenkinsfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
pipeline {
agent any
environment {
GITHUB_CREDENTIALS_ID = 'github-pat'
HELM_VERSION = '3.5.4'
}
options {
skipDefaultCheckout(true)
}
triggers {
githubPush()
}
stages {
stage('Checkout') {
steps {
script {
// Checkout the code
git credentialsId: GITHUB_CREDENTIALS_ID, url: 'https://github.com/csye7125-su24-team17/helm-webapp-cve-consumer.git', branch: 'main'
}
}
}
stage('Fetch and Checkout PR Branch') {
when {
expression {
return env.CHANGE_ID != null
}
}
steps {
script {
// Fetch the latest changes from the origin using credentials
withCredentials([usernamePassword(credentialsId: GITHUB_CREDENTIALS_ID, usernameVariable: 'GITHUB_USER', passwordVariable: 'GITHUB_TOKEN')]) {
sh 'git config --global credential.helper store'
sh 'echo "https://${GITHUB_USER}:${GITHUB_TOKEN}@github.com" > ~/.git-credentials'
// Fetch all branches including PR branches
sh 'git fetch origin +refs/pull/*/head:refs/remotes/origin/pr/*'
// Dynamically fetch the current PR branch name using environment variables
def prBranch = env.CHANGE_BRANCH
echo "PR Branch: ${prBranch}"
// Checkout the PR branch
sh "git checkout -B ${prBranch} origin/pr/${env.CHANGE_ID}"
}
}
}
}
stage('Lint Commit Messages') {
when {
expression {
return env.CHANGE_ID != null
}
}
steps {
script {
// Fetch the latest commit message in the PR branch
def latestCommitMessage = sh(script: "git log -1 --pretty=format:%s", returnStdout: true).trim()
echo "Latest commit message: ${latestCommitMessage}"
// Regex for Conventional Commits
def pattern = ~/^\s*(feat|fix|docs|style|refactor|perf|test|chore|revert|ci|build)(\(.+\))?: .+\s*$/
// Check the latest commit message
if (!pattern.matcher(latestCommitMessage).matches()) {
error "Commit message does not follow Conventional Commits: ${latestCommitMessage}"
}
}
}
}
stage('Helm Lint and Template') {
when {
expression {
return env.CHANGE_ID != null
}
}
steps {
script {
// Run helm lint
def lintResult = sh(script: 'helm lint .', returnStatus: true)
if (lintResult != 0) {
error 'Helm lint failed'
}
// Run helm template
def templateResult = sh(script: 'helm template .', returnStatus: true)
if (templateResult != 0) {
error 'Helm template failed'
}
}
}
}
stage('Semantic-Release') {
when {
allOf {
branch 'main'
not { changeRequest() }
}
}
steps {
script {
withCredentials([usernamePassword(credentialsId: 'github-pat', usernameVariable: 'GH_USERNAME', passwordVariable: 'GH_TOKEN')]) {
env.GIT_LOCAL_BRANCH = 'main'
sh 'git config --global user.email "jenkins@jenkins.hemanthnvd.com"'
sh 'git config --global user.name "Jenkins CI"'
def releaseOutput = sh(script: 'npx semantic-release --dry-run --json', returnStdout: true).trim()
def versionLine = releaseOutput.find(/Published release (\d+\.\d+\.\d+) on default channel/)
if (versionLine) {
// Extract the new version
def newVersion = (versionLine =~ /(\d+\.\d+\.\d+)/)[0][0]
echo "New version: v${newVersion}"
// Update Chart.yaml with the new version
sh """
sed -i 's/version:.*/version: ${newVersion}/' Chart.yaml
git add Chart.yaml
git commit -m "chore: update Chart.yaml version to v${newVersion}"
git push --force origin ${GIT_LOCAL_BRANCH}
"""
// Package and release Helm chart
sh """
helm package --version ${newVersion} .
gh release create 'v${newVersion}' *${newVersion}.tgz
rm *.tgz
"""
} else {
error "Failed to capture the new version from semantic-release."
}
}
}
}
}
}
post {
failure {
script {
echo "Pipeline failed."
}
}
success {
script {
echo "Pipeline succeeded."
}
}
}
}