-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathJenkinsfile.meta
99 lines (92 loc) · 2.76 KB
/
Jenkinsfile.meta
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
properties([
disableConcurrentBuilds(),
disableResume(),
durabilityHint('PERFORMANCE_OPTIMIZED'),
pipelineTriggers([
cron('@hourly'),
]),
])
node {
stage('Checkout') {
checkout(scmGit(
userRemoteConfigs: [[
url: 'git@github.com:docker-library/meta.git',
credentialsId: 'docker-library-bot',
name: 'origin',
]],
branches: [[name: '*/main']],
extensions: [
cloneOption(
noTags: true,
shallow: true,
depth: 1,
),
submodule(
recursiveSubmodules: true,
parentCredentials: true,
),
cleanBeforeCheckout(),
cleanAfterCheckout(),
[$class: 'RelativeTargetDirectory', relativeTargetDir: 'meta'],
],
))
sh '''
git -C meta config user.name 'Docker Library Bot'
git -C meta config user.email 'doi+docker-library-bot@docker.com'
'''
}
env.BASHBREW_LIBRARY = workspace + '/meta/.doi/library'
dir('meta') {
// we *should* update .scripts (since that's where Jenkinsfile.* comes from, so it doesn't really make sense to update our Jenkinsfile and not have it use updated scripts), but it probably should update explicitly to the commit that the Jenkinsfile itself is coming from, if that's possible? ("latest" is probably fine)
stage('Update DOI') {
sh '''
git submodule update --remote --merge .doi
git submodule update --remote --merge .scripts
'''
}
withCredentials([
// thanks to rate limits, we either have to "docker login" or look things up via our proxy
string(credentialsId: 'dockerhub-public-proxy', variable: 'DOCKERHUB_PUBLIC_PROXY'),
string(credentialsId: 'dockerhub-public-proxy-host', variable: 'DOCKERHUB_PUBLIC_PROXY_HOST'),
]) {
stage('Fetch') {
sh 'bashbrew --library .doi/library fetch --all'
}
stage('Sources') {
sh '''
# we only need to regenerate "sources.json" if ".doi" or ".scripts" have changed since we last generated it
needsBuild=
if [ ! -s commits.json ] || [ ! -s sources.json ]; then
needsBuild=1
fi
doi="$(git -C .doi log -1 --format='format:%H')"
scripts="$(git -C .scripts log -1 --format='format:%H')"
export doi scripts
jq -n '{ doi: env.doi, scripts: env.scripts }' | tee commits.json
if [ -z "$needsBuild" ] && ! git diff --exit-code commits.json; then
needsBuild=1
fi
if [ -n "$needsBuild" ]; then
.scripts/sources.sh --all > sources.json
fi
'''
}
stage('Builds') {
sh '.scripts/builds.sh --cache cache-builds.json sources.json > builds.json'
}
}
stage('Commit') {
sh '''
git add -A .
if ! git diff --staged --exit-code; then # commit fails if there's nothing to commit
git commit -m 'Update and regenerate'
fi
'''
}
sshagent(['docker-library-bot']) {
stage('Push') {
sh 'git push origin HEAD:main'
}
}
}
}