From 773b3b360ab12180ad88d200c01779111aebddc9 Mon Sep 17 00:00:00 2001 From: Ally Smith Date: Fri, 31 May 2019 10:37:45 +0100 Subject: [PATCH] refactor Jenkinsfile - use DTR images for all but `docker.github.io:published` - use environment variables instead of credentials - build and push all images inside VPN container - combine build + image and update swarm stages - remove repetitive steps / stages --- Jenkinsfile | 156 +++++++++++++++++----------------------------------- 1 file changed, 51 insertions(+), 105 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 3b54bd3e61..06000a75f2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,79 +1,57 @@ def reg = [credentialsId: 'csebuildbot', url: 'https://index.docker.io/v1/'] pipeline { - agent none + agent { + label 'ubuntu-1604-aufs-stable' + } + environment { + DTR_VPN_ADDRESS = credentials('dtr-vpn-address') + DTR_URL = credentials('dtr-url') + DOCKER_HOST_STRING = credentials('docker-host') + UCP_BUNDLE = credentials('ucp-bundle') + SUCCESS_BOT_TOKEN = credentials('success-bot-token') + SLACK = credentials('slack-docs-webhook') + } options { timeout(time: 1, unit: 'HOURS') } stages { stage( 'docker.github.io' ) { - agent { - label 'ubuntu-1604-aufs-stable' - } - environment { - DTR_VPN_ADDRESS = credentials('dtr-vpn-address') - DOCKER_HOST_STRING = credentials('docker-host') - UCP_BUNDLE = credentials('ucp-bundle') - SLACK = credentials('slack-docs-webhook') - } when { expression { env.GIT_URL == 'https://github.com/Docker/docker.github.io.git' } } stages { - stage( 'build and push stage image' ) { - when { - branch 'master' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docker.github.io:stage-${env.BUILD_NUMBER} . && \ - docker image push docs/docker.github.io:stage-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'build and push prod image' ) { - when { - branch 'published' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docker.github.io:prod-${env.BUILD_NUMBER} . && \ - docker image push docs/docker.github.io:prod-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'update docs stage' ) { + stage( 'build + push stage image, update stage swarm' ) { when { branch 'master' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docker.github.io:stage-${env.BUILD_NUMBER} docs-stage-docker-com_docs --with-registry-auth + """ } } } - stage( 'update docs prod' ) { + stage( 'build + push prod image, update prod swarm' ) { when { branch 'published' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" withDockerRegistry(reg) { sh """ + docker build -t docs/docker.github.io:prod-${env.BUILD_NUMBER} . + docker push docs/docker.github.io:prod-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE cd ucp-bundle-success_bot export DOCKER_TLS_VERIFY=1 export COMPOSE_TLS_VERSION=TLSv1_2 @@ -89,79 +67,47 @@ pipeline { } } stage( 'docs-private' ) { - agent { - label 'ubuntu-1604-aufs-stable' - } - environment { - DTR_VPN_ADDRESS = credentials('dtr-vpn-address') - DOCKER_HOST_STRING = credentials('docker-host') - UCP_BUNDLE = credentials('ucp-bundle') - } when { expression { env.GIT_URL == "https://github.com/docker/docs-private.git" } } stages { - stage( 'build and push new beta stage image' ) { - when { - branch 'amberjack' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docs-private:beta-stage-${env.BUILD_NUMBER} . && \ - docker image push docs/docs-private:beta-stage-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'build and push new beta image' ) { - when { - branch 'published' - } - steps { - withDockerRegistry(reg) { - sh """ - docker image build --tag docs/docs-private:beta-${env.BUILD_NUMBER} . && \ - docker image push docs/docs-private:beta-${env.BUILD_NUMBER} - """ - } - } - } - stage( 'update beta stage service' ) { + stage( 'build + push beta-stage image, update beta-stage swarm' ) { when { branch 'amberjack' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docs-private:beta-stage-${env.BUILD_NUMBER} docs-beta-stage-docker-com_docs --with-registry-auth + """ } } } - stage( 'update beta service' ) { + stage( 'build + push beta image, update beta swarm' ) { when { branch 'published' } steps { withVpn("$DTR_VPN_ADDRESS") { - sh "unzip -o $UCP_BUNDLE" - withDockerRegistry(reg) { - sh """ - export DOCKER_TLS_VERIFY=1 - export COMPOSE_TLS_VERSION=TLSv1_2 - export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot - export DOCKER_HOST=$DOCKER_HOST_STRING - docker service update --detach=false --force --image docs/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth - """ - } + sh """ + cat $SUCCESS_BOT_TOKEN | docker login $DTR_URL --username 'success_bot' --password-stdin + docker build -t $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} . + docker push $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} + unzip -o $UCP_BUNDLE + export DOCKER_TLS_VERIFY=1 + export COMPOSE_TLS_VERSION=TLSv1_2 + export DOCKER_CERT_PATH=${WORKSPACE}/ucp-bundle-success_bot + export DOCKER_HOST=$DOCKER_HOST_STRING + docker service update --detach=false --force --image $DTR_URL/docker/docs-private:beta-${env.BUILD_NUMBER} docs-beta-docker-com_docs --with-registry-auth + """ } } }