From 6e47c6065a94f8b1c53660518e9e39a709128649 Mon Sep 17 00:00:00 2001 From: Julian Bermudez Date: Thu, 9 May 2024 09:59:12 -0500 Subject: [PATCH] NEXUS-42658 - Refactoring Jenkinsfiles --- Jenkinsfile-Internal-Release | 50 ++++++++----- Jenkinsfile-Release | 116 +++++++++++++++--------------- Jenkinsfile.rh | 20 ++++-- build_red_hat_image.sh | 21 ++++-- build_red_hat_image_for_java11.sh | 56 --------------- 5 files changed, 124 insertions(+), 139 deletions(-) delete mode 100755 build_red_hat_image_for_java11.sh diff --git a/Jenkinsfile-Internal-Release b/Jenkinsfile-Internal-Release index 0c5e42b0..3fe6ec7e 100644 --- a/Jenkinsfile-Internal-Release +++ b/Jenkinsfile-Internal-Release @@ -25,6 +25,14 @@ node('ubuntu-zion') { def imageName = 'sonatype/nexus3', archiveName = 'docker-nexus3' + def JAVA_8 = 'java8' + def JAVA_11 = 'java11' + def JAVA_17 = 'java17' + + def DOCKERFILE_JAVA_8 = 'Dockerfile' + def DOCKERFILE_JAVA_11 = 'Dockerfile.java11' + def DOCKERFILE_JAVA_17 = 'Dockerfile.java17' + try { stage('Preparation') { deleteDir() @@ -44,20 +52,25 @@ node('ubuntu-zion') { if (params.nexus_repository_manager_version) { stage('Update Repository Manager Version') { OsTools.runSafe(this, "git checkout ${branch}") - updateRepositoryManagerVersion("${pwd()}/Dockerfile", 'java8') - updateRepositoryManagerVersion("${pwd()}/Dockerfile.java11", 'java11') - updateRepositoryManagerVersion("${pwd()}/Dockerfile.java17", 'java17') + def javaVersionsDockerfilesMap = [ + (JAVA_8): DOCKERFILE_JAVA_8, + (JAVA_11): DOCKERFILE_JAVA_11, + (JAVA_17): DOCKERFILE_JAVA_17 + ] + javaVersionsDockerfilesMap.each { javaVersion, dockerfile -> + updateRepositoryManagerVersion("${pwd()}/${dockerfile}", javaVersion) + } version = getShortVersion(params.nexus_repository_manager_version) } } } stage('Build') { - def dockerfilePath = 'Dockerfile' - if (params.java_version == OPENJDK11) { - dockerfilePath = 'Dockerfile.java11' - } else if (params.java_version == OPENJDK17) { - dockerfilePath = 'Dockerfile.java17' - } + def dockerfilesMap = [ + (OPENJDK8): DOCKERFILE_JAVA_8, + (OPENJDK11): DOCKERFILE_JAVA_11, + (OPENJDK17): DOCKERFILE_JAVA_17 + ] + def dockerfilePath = dockerfilesMap.get(params.java_version) def baseImage = extractBaseImage(dockerfilePath) def baseImageRefFactory = load 'scripts/BaseImageReference.groovy' def baseImageReference = baseImageRefFactory.build(this, baseImage as String) @@ -88,17 +101,18 @@ node('ubuntu-zion') { if (branch == 'main') { stage('Push image to RSC') { withSonatypeDockerRegistry() { - if (params.java_version == OPENJDK11) { - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java11" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java11" - } else if (params.java_version == OPENJDK17) { - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java17" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java17" - } else { + def javaVersionSuffixesMap = [ + (OPENJDK8): JAVA_8, + (OPENJDK11): JAVA_11, + (OPENJDK17): JAVA_17 + ] + def javaVersionSuffix = javaVersionSuffixesMap.get(params.java_version) + + sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-${javaVersionSuffix}" + sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-${javaVersionSuffix}" + if (params.java_version == OPENJDK8) { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}" - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java8" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/nexus3:${version}-java8" } } } diff --git a/Jenkinsfile-Release b/Jenkinsfile-Release index 653cddd8..6e011f97 100644 --- a/Jenkinsfile-Release +++ b/Jenkinsfile-Release @@ -31,12 +31,13 @@ node('ubuntu-zion') { credentialsId = 'jenkins-github', imageName = 'sonatype/nexus3', archiveName = 'docker-nexus3', - dockerHubRepository = 'nexus3', - java8 = 'java8', - java11 = 'java11', - java17 = 'java17' + dockerHubRepository = 'nexus3' GitHub gitHub + def JAVA_8 = 'java8' + def JAVA_11 = 'java11' + def JAVA_17 = 'java17' + try { stage('Preparation') { deleteDir() @@ -71,48 +72,43 @@ node('ubuntu-zion') { version = readVersion() def apiToken - withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: credentialsId, - usernameVariable: 'GITHUB_API_USERNAME', passwordVariable: 'GITHUB_API_PASSWORD']]) { + withCredentials([[$class: 'UsernamePasswordMultiBinding', + credentialsId: credentialsId, + usernameVariable: 'GITHUB_API_USERNAME', + passwordVariable: 'GITHUB_API_PASSWORD']]) { apiToken = env.GITHUB_API_PASSWORD } gitHub = new GitHub(this, "${organization}/${gitHubRepository}", apiToken) + def dockerfileLocationsMap = [ + (OPENJDK8): dockerFileLocations, + (OPENJDK11): dockerJava11FileLocations, + (OPENJDK17): dockerJava17FileLocations + ] + def chosenDockerfileLocations = dockerfileLocationsMap.get(params.java_version) + if (params.nexus_repository_manager_version && params.nexus_repository_manager_version_sha) { stage('Update Repository Manager Version') { OsTools.runSafe(this, "git checkout ${branch}") - - if (params.java_version == OPENJDK11) { - dockerJava11FileLocations.each { updateRepositoryManagerVersion(it) } - } else if (params.java_version == OPENJDK17) { - dockerJava17FileLocations.each { updateRepositoryManagerVersion(it) } - } else { - dockerFileLocations.each { updateRepositoryManagerVersion(it) } - } + chosenDockerfileLocations.each { updateRepositoryManagerVersion(it) } version = getShortVersion(params.nexus_repository_manager_version) } } if (params.nexus_repository_manager_cookbook_version) { stage('Update Repository Manager Cookbook Version') { OsTools.runSafe(this, "git checkout ${branch}") - if (params.java_version == OPENJDK11) { - dockerJava11FileLocations.each { updateRepositoryCookbookVersion(it) } - } else if (params.java_version == OPENJDK17) { - dockerJava17FileLocations.each { updateRepositoryCookbookVersion(it) } - } else { - dockerFileLocations.each { updateRepositoryCookbookVersion(it) } - } + chosenDockerfileLocations.each { updateRepositoryCookbookVersion(it) } } } } stage('Build') { gitHub.statusUpdate commitId, 'pending', 'build', 'Build is running' - - def dockerfilePath = 'Dockerfile' - if (params.java_version == OPENJDK11) { - dockerfilePath = 'Dockerfile.java11' - } else if (params.java_version == OPENJDK17) { - dockerfilePath = 'Dockerfile.java17' - } + def dockerfilesMap = [ + (OPENJDK8): 'Dockerfile', + (OPENJDK11): 'Dockerfile.java11', + (OPENJDK17): 'Dockerfile.java17' + ] + def dockerfilePath = dockerfilesMap.get(params.java_version) def baseImage = extractBaseImage(dockerfilePath) def baseImageRefFactory = load 'scripts/BaseImageReference.groovy' def baseImageReference = baseImageRefFactory.build(this, baseImage as String) @@ -190,27 +186,36 @@ node('ubuntu-zion') { input 'Push image and tags?' stage('Push image') { def dockerhubApiToken - withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'docker-hub-credentials', - usernameVariable: 'DOCKERHUB_API_USERNAME', passwordVariable: 'DOCKERHUB_API_PASSWORD']]) { - if (params.java_version == OPENJDK11) { - OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java11}") - } else if (params.java_version == OPENJDK17) { - OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java17}") - } else { + + withCredentials([[$class: 'UsernamePasswordMultiBinding', + credentialsId: 'docker-hub-credentials', + usernameVariable: 'DOCKERHUB_API_USERNAME', + passwordVariable: 'DOCKERHUB_API_PASSWORD']]) { + def javaVersionSuffixesMap = [ + (OPENJDK8): JAVA_8, + (OPENJDK11): JAVA_11, + (OPENJDK17): JAVA_17 + ] + def javaVersionSuffix = javaVersionSuffixesMap.get(params.java_version) + + OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${javaVersionSuffix}") + if (params.java_version == OPENJDK8) { OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}") - OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:${version}-${java8}") OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:latest") } + OsTools.runSafe(this, """ docker login --username ${env.DOCKERHUB_API_USERNAME} --password ${env.DOCKERHUB_API_PASSWORD} """) - if (params.java_version == OPENJDK11) { - OsTools.runSafe(this, "docker push ${organization}/${dockerHubRepository}:${version}-${java11}") - } else if (params.java_version == OPENJDK17) { - OsTools.runSafe(this, "docker push ${organization}/${dockerHubRepository}:${version}-${java17}") - } else { - OsTools.runSafe(this, "docker push --all-tags ${organization}/${dockerHubRepository}") - } + + def dockerPushCmdsMap = [ + (OPENJDK8): "docker push --all-tags ${organization}/${dockerHubRepository}", + (OPENJDK11): "docker push ${organization}/${dockerHubRepository}-${JAVA_11}", + (OPENJDK17): "docker push ${organization}/${dockerHubRepository}-${JAVA_17}" + ] + def dockerPushCmd = dockerPushCmdsMap.get(params.java_version) + + OsTools.runSafe(this, dockerPushCmd) response = OsTools.runSafe(this, """ curl -X POST https://hub.docker.com/v2/users/login/ \ @@ -231,24 +236,21 @@ node('ubuntu-zion') { // push to internal repos withSonatypeDockerRegistry() { - if (params.java_version == OPENJDK11) { - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java11}" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java11}" - } else if (params.java_version == OPENJDK17) { - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java17}" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java17}" - } else { + sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${javaVersionSuffix}" + sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${javaVersionSuffix}" + + if (params.java_version == OPENJDK8) { sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}" sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}" - sh "docker tag ${imageId} docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java8}" - sh "docker push docker-all.repo.sonatype.com/sonatype-internal/${dockerHubRepository}:${version}-${java8}" } } } } stage('Push tags') { - withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: credentialsId, - usernameVariable: 'GITHUB_API_USERNAME', passwordVariable: 'GITHUB_API_PASSWORD']]) { + withCredentials([[$class: 'UsernamePasswordMultiBinding', + credentialsId: credentialsId, + usernameVariable: 'GITHUB_API_USERNAME', + passwordVariable: 'GITHUB_API_PASSWORD']]) { OsTools.runSafe(this, "git tag ${version}") OsTools.runSafe(this, """ git push \ @@ -261,8 +263,10 @@ node('ubuntu-zion') { } else if(params.update_latest_only) { stage('Push tags') { - withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'docker-hub-credentials', - usernameVariable: 'DOCKERHUB_API_USERNAME', passwordVariable: 'DOCKERHUB_API_PASSWORD']]) { + withCredentials([[$class: 'UsernamePasswordMultiBinding', + credentialsId: 'docker-hub-credentials', + usernameVariable: 'DOCKERHUB_API_USERNAME', + passwordVariable: 'DOCKERHUB_API_PASSWORD']]) { OsTools.runSafe(this, "docker tag ${imageId} ${organization}/${dockerHubRepository}:latest") OsTools.runSafe(this, """ docker login --username ${env.DOCKERHUB_API_USERNAME} --password ${env.DOCKERHUB_API_PASSWORD} diff --git a/Jenkinsfile.rh b/Jenkinsfile.rh index cd0594b3..44357914 100644 --- a/Jenkinsfile.rh +++ b/Jenkinsfile.rh @@ -18,6 +18,10 @@ properties([ ]) node('ubuntu-zion') { + def JAVA_8 = 'java8' + def JAVA_11 = 'java11' + def JAVA_17 = 'java17' + try { stage('Preparation') { deleteDir() @@ -41,11 +45,17 @@ node('ubuntu-zion') { credentialsId: 'red-hat-api-token', variable: 'API_TOKEN') ]) { - if (params.java_version == OPENJDK11) { - sh 'PATH="$PATH:." VERSION=$version ./build_red_hat_image_for_java11.sh' - } else { - sh 'PATH="$PATH:." VERSION=$version ./build_red_hat_image.sh' - } + def javaVersionsMap = [ + (OPENJDK8): JAVA_8, + (OPENJDK11): JAVA_11, + (OPENJDK17): JAVA_17 + ] + def javaVersion = javaVersionsMap.get(params.java_version) + + def buildRedhatImageShCmd = 'PATH="$PATH:." VERSION=$version ' + + "JAVA_VERSION=${javaVersion} " + + './build_red_hat_image.sh' + sh buildRedhatImageShCmd } } } finally { diff --git a/build_red_hat_image.sh b/build_red_hat_image.sh index eed577aa..eae0f5aa 100755 --- a/build_red_hat_image.sh +++ b/build_red_hat_image.sh @@ -24,30 +24,43 @@ # * REGISTRY_LOGIN from Red Hat config page for image # * REGISTRY_PASSWORD from Red Hat config page for image # * API_TOKEN from red hat token/account page for API access +# * JAVA_VERSION java version to version docker images (e.g.: "java8", "java11", "java17") set -x # log commands as they execute set -e # stop execution on the first failed command -DOCKERFILE=Dockerfile.rh.ubi +JAVA_8="java8" + +DOCKERFILE="Dockerfile.rh.ubi" # from config/scanning page at red hat CERT_PROJECT_ID=5e61d90a38776799eb517bd2 REPOSITORY="quay.io" -IMAGE_TAG="${REPOSITORY}/redhat-isv-containers/${CERT_PROJECT_ID}:${VERSION}" IMAGE_LATEST="${REPOSITORY}/redhat-isv-containers/${CERT_PROJECT_ID}:latest" +IMAGE_TAG="${REPOSITORY}/redhat-isv-containers/${CERT_PROJECT_ID}:${VERSION}" +DOCKER_TAG_CMD="${IMAGE_TAG} ${IMAGE_LATEST}" + +if [[ $JAVA_VERSION != $JAVA_8 ]]; then + DOCKERFILE="Dockerfile.rh.ubi.${JAVA_VERSION}" + IMAGE_TAG="${REPOSITORY}/redhat-isv-containers/${CERT_PROJECT_ID}:${VERSION}-${JAVA_VERSION}" + DOCKER_TAG_CMD="${IMAGE_TAG}" +fi AUTHFILE="${HOME}/.docker/config.json" docker build -f "${DOCKERFILE}" -t "${IMAGE_TAG}" . -docker tag "${IMAGE_TAG}" "${IMAGE_LATEST}" +docker tag "${DOCKER_TAG_CMD}" docker login "${REPOSITORY}" \ -u "${REGISTRY_LOGIN}" \ --password "${REGISTRY_PASSWORD}" docker push "${IMAGE_TAG}" -docker push "${IMAGE_LATEST}" + +if [[ $JAVA_VERSION == $JAVA_8 ]]; then + docker push "${IMAGE_LATEST}" +fi preflight check container \ "${IMAGE_TAG}" \ diff --git a/build_red_hat_image_for_java11.sh b/build_red_hat_image_for_java11.sh deleted file mode 100755 index f48de3fc..00000000 --- a/build_red_hat_image_for_java11.sh +++ /dev/null @@ -1,56 +0,0 @@ -#!/usr/bin/env bash -# -# Copyright (c) 2017-present Sonatype, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# prerequisites: -# * software: -# * https://github.com/redhat-openshift-ecosystem/openshift-preflight -# * https://podman.io/ -# * environment variables: -# * VERSION of the docker image to build for the red hat registry -# * REGISTRY_LOGIN from Red Hat config page for image -# * REGISTRY_PASSWORD from Red Hat config page for image -# * API_TOKEN from red hat token/account page for API access - -set -x # log commands as they execute -set -e # stop execution on the first failed command - -DOCKERFILE=Dockerfile.rh.ubi.java11 -JAVA_VERSION="java11" - -# from config/scanning page at red hat -CERT_PROJECT_ID=5e61d90a38776799eb517bd2 - -REPOSITORY="quay.io" -IMAGE_TAG="${REPOSITORY}/redhat-isv-containers/${CERT_PROJECT_ID}:${VERSION}-${JAVA_VERSION}" - -AUTHFILE="${HOME}/.docker/config.json" - -docker build -f "${DOCKERFILE}" -t "${IMAGE_TAG}" . -docker tag "${IMAGE_TAG}" - -docker login "${REPOSITORY}" \ - -u "${REGISTRY_LOGIN}" \ - --password "${REGISTRY_PASSWORD}" - -docker push "${IMAGE_TAG}" - -preflight check container \ - "${IMAGE_TAG}" \ - --docker-config="${AUTHFILE}" \ - --submit \ - --certification-project-id="${CERT_PROJECT_ID}" \ - --pyxis-api-token="${API_TOKEN}"