From c793295bc8f74fda11fdd2c3d7ae2f60cd8799a6 Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Fri, 31 May 2019 09:36:45 -0700 Subject: [PATCH] make jenkinsfile serve private and public docs After a couple of Jenkins-based mix-ups it became obvious we needed a Jenkinsfile that would serve both public and private projects, that we could move between repos without worry. This Jenkinsfile knows which images to build and push and which swarm services to update because of the use of git_url and branch conditions. --- Jenkinsfile | 132 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) diff --git a/Jenkinsfile b/Jenkinsfile index 06000a75f2..da2b07e51c 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -17,11 +17,108 @@ pipeline { } stages { stage( 'docker.github.io' ) { +<<<<<<< HEAD +======= + agent { + label 'ubuntu-1604-aufs-stable' + } + environment { + DTR_VPN_ADDRESS = credentials('dtr-vpn-address') + DOCKER_HOST_STRING = credentials('docker-host') + UCP_BUNDLE = credentials('ucp-bundle') + SLACK = credentials('slack-docs-webhook') + } +>>>>>>> d2e9df79bd... make jenkinsfile serve private and public docs when { expression { env.GIT_URL == 'https://github.com/Docker/docker.github.io.git' } } stages { +<<<<<<< HEAD stage( 'build + push stage image, update stage swarm' ) { +======= + stage( 'build and push stage image' ) { + when { + branch 'master' + } + steps { + withDockerRegistry(reg) { + sh """ + docker image build --tag docs/docker.github.io:stage-${env.BUILD_NUMBER} . && \ + docker image push docs/docker.github.io:stage-${env.BUILD_NUMBER} + """ + } + } + } + stage( 'build and push prod image' ) { + when { + branch 'published' + } + steps { + withDockerRegistry(reg) { + sh """ + docker image build --tag docs/docker.github.io:prod-${env.BUILD_NUMBER} . && \ + docker image push docs/docker.github.io:prod-${env.BUILD_NUMBER} + """ + } + } + } + stage( 'update docs stage' ) { + when { + branch 'master' + } + steps { + withVpn("$DTR_VPN_ADDRESS") { + sh "unzip -o $UCP_BUNDLE" + withDockerRegistry(reg) { + sh """ + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image docs/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth + """ + } + } + } + } + stage( 'update docs prod' ) { + when { + branch 'published' + } + steps { + withVpn("$DTR_VPN_ADDRESS") { + sh "unzip -o $UCP_BUNDLE" + withDockerRegistry(reg) { + sh """ + cd ucp-bundle-success_bot + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image docs/docker.github.io:prod-${env.BUILD_NUMBER} docs-docker-com_docs --with-registry-auth + curl -X POST -H 'Content-type: application/json' --data '{"text":"Successfully published docs. https://docs.docker.com/"}' $SLACK + """ + } + } + } + } + } + } + stage( 'docs-private' ) { + agent { + label 'ubuntu-1604-aufs-stable' + } + environment { + DTR_VPN_ADDRESS = credentials('dtr-vpn-address') + DOCKER_HOST_STRING = credentials('docker-host') + UCP_BUNDLE = credentials('ucp-bundle') + } + when { + expression { env.GIT_URL == "https://github.com/docker/docs-private.git" } + } + stages { + stage( 'build and push new beta stage image' ) { +>>>>>>> d2e9df79bd... make jenkinsfile serve private and public docs when { branch 'master' } @@ -46,7 +143,25 @@ pipeline { branch 'published' } steps { +<<<<<<< HEAD withVpn("$DTR_VPN_ADDRESS") { +======= + withDockerRegistry(reg) { + sh """ + docker image build --tag docs/docs-private:beta-${env.BUILD_NUMBER} . && \ + docker image push docs/docs-private:beta-${env.BUILD_NUMBER} + """ + } + } + } + stage( 'update beta stage service' ) { + when { + branch 'amberjack' + } + steps { + withVpn("$DTR_VPN_ADDRESS") { + sh "unzip -o $UCP_BUNDLE" +>>>>>>> d2e9df79bd... make jenkinsfile serve private and public docs withDockerRegistry(reg) { sh """ docker build -t docs/docker.github.io:prod-${env.BUILD_NUMBER} . @@ -57,8 +172,12 @@ pipeline { export COMPOSE_TLS_VERSION=TLSv1_2 export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot export DOCKER_HOST=$DOCKER_HOST_STRING +<<<<<<< HEAD docker service update --detach=false --force --image docs/docker.github.io:prod-${env.BUILD_NUMBER} docs-docker-com_docs --with-registry-auth curl -X POST -H 'Content-type: application/json' --data '{"text":"Successfully published docs. https://docs.docker.com/"}' $SLACK +======= + docker service update --detach=false --force --image docs/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth +>>>>>>> d2e9df79bd... make jenkinsfile serve private and public docs """ } } @@ -97,6 +216,7 @@ pipeline { } steps { withVpn("$DTR_VPN_ADDRESS") { +<<<<<<< HEAD sh """ cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin docker build -t $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} . @@ -108,6 +228,18 @@ pipeline { export DOCKER_HOST=$DOCKER_HOST_STRING docker service update --detach=false --force --image $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth """ +======= + sh "unzip -o $UCP_BUNDLE" + withDockerRegistry(reg) { + sh """ + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image docs/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth + """ + } +>>>>>>> d2e9df79bd... make jenkinsfile serve private and public docs } } }