Jenkinsfile_CNP

#!groovy @Library("Infrastructure") @Library("Infrastructure")
@Library("Infrastructure")

import uk.gov.hmcts.contino.DockerImage
import uk.gov.hmcts.contino.GradleBuilder
import uk.gov.hmcts.contino.Kubectl
import uk.gov.hmcts.pipeline.TeamConfig

def type = "java"
def product = "reform-scan"
def component = "notification-service"

def channel = '#bsp-build-notices'

env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX = 'hmctspublic.azurecr.io/imported/'

GradleBuilder builder = new GradleBuilder(this, product)

def nonPrSecrets = [
  'reform-scan-${env}': [
    secret('notification-staging-queue-send-shared-access-key', 'NOTIFICATION_QUEUE_ACCESS_KEY_WRITE'),
    secret('test-s2s-secret', 'TEST_S2S_SECRET'),
    secret('launch-darkly-sdk-key', 'LAUNCH_DARKLY_SDK_KEY'),
    secret('launch-darkly-offline-mode', 'LAUNCH_DARKLY_OFFLINE_MODE')
  ]
]

def prSecrets = [
  'reform-scan-${env}': [
    secret('test-s2s-secret', 'TEST_S2S_SECRET'),
    secret('launch-darkly-sdk-key', 'LAUNCH_DARKLY_SDK_KEY'),
    secret('launch-darkly-offline-mode', 'LAUNCH_DARKLY_OFFLINE_MODE')
  ]
]

static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
  [ $class: 'AzureKeyVaultSecret',
    secretType: 'Secret',
    name: secretName,
    version: '',
    envVariable: envVar
  ]
}

withPipeline(type, product, component) {
  afterSuccess('test') {
    builder.gradle('integration')
  }

  afterSuccess('akschartsinstall') {
    // Vars needed for AKS testing
    env.TEST_S2S_URL = 'http://rpe-service-auth-provider-aat.service.core-compute-aat.internal'
    env.JMS_ENABLED = false
    env.SPRING_PROFILES_ACTIVE = 'default'
    env.NOTIFICATION_QUEUE_NAME = "notifications-staging"
    env.NOTIFICATION_QUEUE_NAMESPACE = "reform-scan-servicebus-aat-premium"
    env.NOTIFICATION_QUEUE_ACCESS_KEY_NAME_WRITE = "SendSharedAccessKey"
  }

  before('smoketest:preview') {
    withAksClient('nonprod', product) {
      // Notifications queue connection string is needed by the functional tests.
      // The following code (as ugly as it looks!) gets it from the k8s cluster
      def dockerImage = new DockerImage(product, component, null, env.BRANCH_NAME, env.GIT_COMMIT, env.LAST_COMMIT_TIMESTAMP)
      def subscription = env.SUBSCRIPTION_NAME
      def aksServiceName = dockerImage.getAksServiceName().toLowerCase()
      def serviceBusSecret = "reform-scan-sb-preview"
      def namespace = new TeamConfig(this).getNameSpace(product)

      def kubectl = new Kubectl(this, subscription, namespace)
      kubectl.login()

      env.NOTIFICATION_QUEUE_NAME = "${aksServiceName}-servicebus-notifications"
      env.NOTIFICATION_QUEUE_NAMESPACE = "reform-scan-sb-preview"
      env.NOTIFICATION_QUEUE_ACCESS_KEY_WRITE = kubectl.getSecret(serviceBusSecret, namespace, "{.data.primaryKey}")
      env.NOTIFICATION_QUEUE_ACCESS_KEY_NAME_WRITE = "RootManageSharedAccessKey"
    }
  }

  enableDbMigration('reform-scan') // vault 'prefix'
  enableAksStagingDeployment()
  enableSlackNotifications(channel)
  disableLegacyDeployment()

  onNonPR() {
    loadVaultSecrets(nonPrSecrets)
  }

  onPR() {
    loadVaultSecrets(prSecrets)
  }
  def branchesToSync = ['demo', 'perftest']
  syncBranchesWithMaster(branchesToSync)
}