Jenkinsfile_nightly

#!groovy

properties([
  // H allow predefined but random minute see https://en.wikipedia.org/wiki/Cron#Non-standard_characters
  pipelineTriggers([cron('07 07 * * 1-5')]),
  parameters([
          string(name: 'URL_TO_TEST', defaultValue: 'http://am-org-role-mapping-service-aat.service.core-compute-aat.internal',
                  description: 'The URL you want to run these tests against'),
          string(name: 'SecurityRules',
                  defaultValue: 'http://raw.githubusercontent.com/hmcts/security-test-rules/master/conf/security-rules.conf',
                  description: 'The URL you want to run these tests against'),
  ])
  ])
@Library("Infrastructure")

def type = "java"
def product = "am"
def component = "org-role-mapping-service"

static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
  [$class     : 'AzureKeyVaultSecret',
   secretType : 'Secret',
   name       : secretName,
   version    : '',
   envVariable: envVar
  ]
}

def vaultOverrides = [
  'preview' : 'aat',
  'spreview': 'saat'
]

def secrets = [
    's2s-${env}': [
      secret('microservicekey-am-org-role-mapping-service', 'BEFTA_S2S_CLIENT_SECRET'),
      secret('microservicekey-am-org-role-mapping-service', 'AM_ORG_ROLE_MAPPING_SERVICE_SECRET'),
      secret('microservicekey-xui-webapp', 'XUI_WEBAPP_S2S_SECRET')
    ],
    'am-${env}': [
      secret('orm-IDAM-CLIENT-ID', 'ORM_IDAM_CLIENT_ID'),
      secret('orm-IDAM-CLIENT-ID', 'OAUTH2_CLIENT_ID'),
      secret('orm-IDAM-CLIENT-SECRET', 'ORG_ROLE_MAPPING_IDAM_CLIENT_SECRET'),
      secret('orm-IDAM-CLIENT-SECRET', 'OAUTH2_CLIENT_SECRET'),
      secret('role-assignment-service-LD-SDK-KEY', 'LD_SDK_KEY'),
      secret('test-am-user2-befta-pwd', 'TEST_AM_USER2_BEFTA_PWD'),
      secret('test-am-crd-user1-befta', 'TEST_AM_CRD_USER1_BEFTA'),
      secret('test-am-crd-user1-befta-password', 'TEST_AM_CRD_USER1_BEFTA_PASSWORD'),
      secret('test-am-jrd-user1-befta', 'TEST_AM_JRD_USER1_BEFTA'),
      secret('test-am-jrd-user1-befta-password', 'TEST_AM_JRD_USER1_BEFTA_PASSWORD'),
      secret('caseworker-topic-primary-send-listen-shared-access-key', 'AMQP_CRD_SHARED_ACCESS_KEY_VALUE'),
      secret('judicial-topic-primary-send-listen-shared-access-key', 'AMQP_JRD_SHARED_ACCESS_KEY_VALUE')
    ]
]

withNightlyPipeline(type, product, component) {

// Vars needed for functional and smoke tests run against AKS
env.IDAM_URL = "https://idam-api.aat.platform.hmcts.net"
env.IDAM_API_URL_BASE = "https://idam-api.aat.platform.hmcts.net"
env.IDAM_S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.BEFTA_S2S_CLIENT_ID = "am_org_role_mapping_service"
env.OAUTH2_REDIRECT_URI = "http://am-role-assignment-service-aat.service.core-compute-aat.internal/oauth2redirect"
env.OAUTH2_ACCESS_TOKEN_TYPE = "OIDC"
env.BEFTA_RESPONSE_HEADER_CHECK_POLICY = "JUST_WARN"
env.S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.S2S_URL_BASE = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.OAUTH2_SCOPE_VARIABLES = "openid%20profile%20roles%20authorities"
env.OPENID_SCOPE_VARIABLES = "openid+profile+roles+authorities"
env.MICROSERVICE_NAME = "am_org_role_mapping_service"
env.EXTERNAL_FLAG_QUERY_PATH = "am/role-mapping/fetchFlagStatus?flagName="
env.DEFINITION_STORE_HOST = "http://ccd-definition-store-api-pr-575.service.core-compute-preview.internal"
env.DEFINITION_STORE_URL_BASE = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
env.CRD_URL = "http://rd-caseworker-ref-api-aat.service.core-compute-aat.internal"
// Vars for Kubernetes PACT
env.PACT_BROKER_FULL_URL = "https://pact-broker.platform.hmcts.net"
env.AMQP_HOST = "rd-servicebus-aat.servicebus.windows.net"
env.CRD_TOPIC_NAME = "rd-caseworker-topic-aat"
env.JRD_TOPIC_NAME = "rd-judicial-topic-aat"
env.ROLE_ASSIGNMENT_URL = "http://am-role-assignment-service-aat.service.core-compute-aat.internal"
env.TEST_URL = "http://am-org-role-mapping-service-aat.service.core-compute-aat.internal"
env.LAUNCH_DARKLY_ENV = "aat"
env.JUDICIAL_BOOKING_URL = "http://am-judicial-booking-service-aat.service.core-compute-aat.internal"

// Var to turn on CRD/JRD FTAs: DTSAM-336 (NB: only disable temporarily if an RD service is unavailable)
env.CASEWORKER_FTA_ENABLED = "true"
env.JUDICIAL_FTA_ENABLED = "true"

// Var to turn FTA on for azure-messaging-servicebus DTSAM-150
env.AZURE_SERVICE_BUS_FTA_ENABLED = "true"

// Don't run refresh FTAs on AAT DTSAM-173
env.REFRESH_FTA_ENABLED = "false"

// Vars for Azure Container Registries DTSAM-370
env.TESTCONTAINERS_HOST_OVERRIDE="localhost"
env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX="hmctspublic.azurecr.io/imported/"

  overrideVaultEnvironments(vaultOverrides)
  loadVaultSecrets(secrets)

  enableMutationTest()
  enableFullFunctionalTest()
  enableFortifyScan()

    before('fullFunctionalTest') {
        steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/integration/**/*'
    }

    afterSuccess('build') {
        stage("integration tests") {
            sh "./gradlew integration"
            steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/integration/**/*'
        }
    }

    afterAlways('fullFunctionalTest') {
        steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/target/cucumber/**/*'

        publishHTML target: [
                allowMissing         : true,
                alwaysLinkToLastBuild: true,
                keepAll              : true,
                reportDir            : "target/cucumber/functional-html-reports",
                reportFiles          : "overview-features.html,overview-failures.html,",
                reportTitles         : "Features,Failures",
                reportName           : "Functional Test Report"
        ]
    }

    afterAlways('fortify-scan') {
      steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/Fortify Scan/**/*'
    }
}