From a29bc775e6db13d4af34ce0170b70a7fe962d84e Mon Sep 17 00:00:00 2001 From: cschabert Date: Wed, 3 Aug 2022 15:01:59 +0200 Subject: [PATCH] RED-4758: Adjust buildjob --- .../src/main/java/buildjob/PlanSpec.java | 106 +++++++++--------- .../main/resources/scripts/docker-build.sh | 40 ++++++- .../src/main/resources/scripts/git-tag.sh | 9 -- .../src/test/java/buildjob/PlanSpecTest.java | 6 + version.yaml | 2 + 5 files changed, 101 insertions(+), 62 deletions(-) delete mode 100755 bamboo-specs/src/main/resources/scripts/git-tag.sh create mode 100644 version.yaml diff --git a/bamboo-specs/src/main/java/buildjob/PlanSpec.java b/bamboo-specs/src/main/java/buildjob/PlanSpec.java index cb0e5c1..2b1e23f 100644 --- a/bamboo-specs/src/main/java/buildjob/PlanSpec.java +++ b/bamboo-specs/src/main/java/buildjob/PlanSpec.java @@ -1,5 +1,9 @@ package buildjob; +import static com.atlassian.bamboo.specs.builders.task.TestParserTask.createJUnitParserTask; + +import java.time.LocalTime; + import com.atlassian.bamboo.specs.api.BambooSpec; import com.atlassian.bamboo.specs.api.builders.BambooKey; import com.atlassian.bamboo.specs.api.builders.docker.DockerConfiguration; @@ -20,6 +24,7 @@ import com.atlassian.bamboo.specs.builders.task.VcsCheckoutTask; import com.atlassian.bamboo.specs.builders.task.CleanWorkingDirectoryTask; import com.atlassian.bamboo.specs.builders.task.VcsTagTask; import com.atlassian.bamboo.specs.builders.trigger.BitbucketServerTrigger; +import com.atlassian.bamboo.specs.builders.trigger.ScheduledTrigger; import com.atlassian.bamboo.specs.model.task.InjectVariablesScope; import com.atlassian.bamboo.specs.api.builders.Variable; import com.atlassian.bamboo.specs.util.BambooServer; @@ -48,6 +53,11 @@ public class PlanSpec { bambooServer.publish(plan); PlanPermissions planPermission = new PlanSpec().createPlanPermission(plan.getIdentifier()); bambooServer.publish(planPermission); + + Plan secPlan = new PlanSpec().createSecBuild(); + bambooServer.publish(secPlan); + PlanPermissions secPlanPermission = new PlanSpec().createPlanPermission(secPlan.getIdentifier()); + bambooServer.publish(secPlanPermission); } private PlanPermissions createPlanPermission(PlanIdentifier planIdentifier) { @@ -94,49 +104,7 @@ public class PlanSpec { .description("Build Docker container.") .location(Location.FILE) .fileFromPath("bamboo-specs/src/main/resources/scripts/docker-build.sh") - .argument(SERVICE_NAME)) - .dockerConfiguration( - new DockerConfiguration() - .image("nexus.iqser.com:5001/infra/release_build:4.5.0") - .volume("/var/run/docker.sock", "/var/run/docker.sock")), - new Job("Sonar Job", new BambooKey("SONAR")) - .tasks( - new CleanWorkingDirectoryTask() - .description("Clean working directory.") - .enabled(true), - new VcsCheckoutTask() - .description("Checkout default repository.") - .checkoutItems(new CheckoutItem().defaultRepository()), - new ScriptTask() - .description("Set config and keys.") - .inlineBody("mkdir -p ~/.ssh\n" + - "echo \"${bamboo.bamboo_agent_ssh}\" | base64 -d >> ~/.ssh/id_rsa\n" + - "echo \"host vector.iqser.com\" > ~/.ssh/config\n" + - "echo \" user bamboo-agent\" >> ~/.ssh/config\n" + - "chmod 600 ~/.ssh/config ~/.ssh/id_rsa"), - new ScriptTask() - .description("Run Sonarqube scan.") - .location(Location.FILE) - .fileFromPath("bamboo-specs/src/main/resources/scripts/sonar-scan.sh") - .argument(SERVICE_NAME)) - .dockerConfiguration( - new DockerConfiguration() - .image("nexus.iqser.com:5001/infra/release_build:4.2.0") - .volume("/var/run/docker.sock", "/var/run/docker.sock"))), - new Stage("Licence Stage") - .jobs( - new Job("Git Tag Job", new BambooKey("GITTAG")) - .tasks( - new CleanWorkingDirectoryTask() - .description("Clean working directory.") - .enabled(true), - new VcsCheckoutTask() - .description("Checkout default repository.") - .checkoutItems(new CheckoutItem().defaultRepository()), - new ScriptTask() - .description("Build git tag.") - .location(Location.FILE) - .fileFromPath("bamboo-specs/src/main/resources/scripts/git-tag.sh"), + .argument(SERVICE_NAME), new InjectVariablesTask() .description("Inject git tag.") .path("git.tag") @@ -148,7 +116,8 @@ public class PlanSpec { .defaultRepository()) .dockerConfiguration( new DockerConfiguration() - .image("nexus.iqser.com:5001/infra/release_build:4.5.0")), + .image("nexus.iqser.com:5001/infra/release_build:4.5.0") + .volume("/var/run/docker.sock", "/var/run/docker.sock")), new Job("Licence Job", new BambooKey("LICENCE")) .enabled(false) .tasks( @@ -165,13 +134,48 @@ public class PlanSpec { .volume("/etc/maven/settings.xml", "/usr/share/maven/ref/settings.xml") .volume("/var/run/docker.sock", "/var/run/docker.sock")))) .linkedRepositories("RR / " + SERVICE_NAME) - .triggers(new BitbucketServerTrigger()) - .planBranchManagement(new PlanBranchManagement() - .createForVcsBranch() - .delete(new BranchCleanup() - .whenInactiveInRepositoryAfterDays(14)) - .notificationForCommitters()); + .triggers( + new BitbucketServerTrigger()) + .planBranchManagement( + new PlanBranchManagement() + .createForVcsBranch() + .delete( + new BranchCleanup() + .whenInactiveInRepositoryAfterDays(14)) + .notificationForCommitters()); } - + public Plan createSecBuild() { + return new Plan(project(), SERVICE_NAME + "-Sec", new BambooKey(SERVICE_KEY + "SEC")).description("Security Analysis Plan") + .stages(new Stage("Default Stage").jobs( + new Job("Sonar Job", new BambooKey("SONAR")) + .tasks( + new CleanWorkingDirectoryTask() + .description("Clean working directory.") + .enabled(true), + new VcsCheckoutTask() + .description("Checkout default repository.") + .checkoutItems(new CheckoutItem().defaultRepository()), + new ScriptTask() + .description("Set config and keys.") + .location(Location.FILE) + .fileFromPath("bamboo-specs/src/main/resources/scripts/key-prepare.sh"), + new ScriptTask() + .description("Run Sonarqube scan.") + .location(Location.FILE) + .fileFromPath("bamboo-specs/src/main/resources/scripts/sonar-scan.sh") + .argument(SERVICE_NAME)) + .dockerConfiguration( + new DockerConfiguration() + .image("nexus.iqser.com:5001/infra/release_build:4.2.0") + .volume("/var/run/docker.sock", "/var/run/docker.sock")))) + .linkedRepositories("RR / " + SERVICE_NAME) + .triggers( + new ScheduledTrigger() + .scheduleOnceDaily(LocalTime.of(23, 00))) + .planBranchManagement( + new PlanBranchManagement() + .createForVcsBranchMatching("release.*") + .notificationForCommitters()); + } } diff --git a/bamboo-specs/src/main/resources/scripts/docker-build.sh b/bamboo-specs/src/main/resources/scripts/docker-build.sh index 8b6ab98..9b6757f 100755 --- a/bamboo-specs/src/main/resources/scripts/docker-build.sh +++ b/bamboo-specs/src/main/resources/scripts/docker-build.sh @@ -3,6 +3,42 @@ set -e SERVICE_NAME=$1 +if [[ "$bamboo_planRepository_branchName" == "master" ]] +then + branchVersion=$(cat version.yaml | grep -Eo "version: .*" | sed -s 's|version: \(.*\)\..*\..*|\1|g') + latestVersion=$( semver $(git tag -l "${branchVersion}.*" ) | tail -n1 ) + newVersion="$(semver $latestVersion -p -i minor)" + echo "new release on master with version $newVersion" +elif [[ "$bamboo_planRepository_branchName" == release* ]] +then + branchVersion=$(echo $bamboo_planRepository_branchName | sed -s 's|release\/\([0-9]\+\.[0-9]\+\)\.x|\1|') + latestVersion=$( semver $(git tag -l "${branchVersion}.*" ) | tail -n1 ) + newVersion="$(semver $latestVersion -p -i patch)" + echo "new release on $bamboo_planRepository_branchName with version $newVersion" +elif [[ "${bamboo_version_tag}" != "dev" ]] +then + newVersion="${bamboo_version_tag}" + echo "new special version bild with $newVersion" +else + newVersion="${bamboo_planRepository_1_branch}_${bamboo_buildNumber}" + echo "gitTag=${newVersion}" > git.tag + echo "dev build with tag ${newVersion}" + python3 -m venv build_venv + source build_venv/bin/activate + python3 -m pip install --upgrade pip + + pip install dvc + pip install 'dvc[ssh]' + dvc pull + + echo "index-url = https://${bamboo_nexus_user}:${bamboo_nexus_password}@nexus.iqser.com/repository/python-combind/simple" >> pip.conf + echo "${bamboo_nexus_password}" | docker login --username "${bamboo_nexus_user}" --password-stdin nexus.iqser.com:5001 + docker build -f Dockerfile . + exit 0 +fi + +echo "gitTag=${newVersion}" > git.tag + python3 -m venv build_venv source build_venv/bin/activate python3 -m pip install --upgrade pip @@ -12,6 +48,6 @@ pip install 'dvc[ssh]' dvc pull echo "index-url = https://${bamboo_nexus_user}:${bamboo_nexus_password}@nexus.iqser.com/repository/python-combind/simple" >> pip.conf +docker build -f Dockerfile -t nexus.iqser.com:5001/red/$SERVICE_NAME:${newVersion} . echo "${bamboo_nexus_password}" | docker login --username "${bamboo_nexus_user}" --password-stdin nexus.iqser.com:5001 -docker build -f Dockerfile -t nexus.iqser.com:5001/red/$SERVICE_NAME:${bamboo_version_tag} --build-arg VERSION_TAG=${bamboo_version_tag} . -docker push nexus.iqser.com:5001/red/$SERVICE_NAME:${bamboo_version_tag} +docker push nexus.iqser.com:5001/red/$SERVICE_NAME:${newVersion} diff --git a/bamboo-specs/src/main/resources/scripts/git-tag.sh b/bamboo-specs/src/main/resources/scripts/git-tag.sh deleted file mode 100755 index 2005666..0000000 --- a/bamboo-specs/src/main/resources/scripts/git-tag.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -set -e - -if [[ "${bamboo_version_tag}" = "dev" ]] -then - echo "gitTag=${bamboo_planRepository_1_branch}_${bamboo_buildNumber}" > git.tag -else - echo "gitTag=${bamboo_version_tag}" > git.tag -fi \ No newline at end of file diff --git a/bamboo-specs/src/test/java/buildjob/PlanSpecTest.java b/bamboo-specs/src/test/java/buildjob/PlanSpecTest.java index fada379..0496152 100644 --- a/bamboo-specs/src/test/java/buildjob/PlanSpecTest.java +++ b/bamboo-specs/src/test/java/buildjob/PlanSpecTest.java @@ -13,4 +13,10 @@ public class PlanSpecTest { EntityPropertiesBuilders.build(plan); } + + @Test + public void checkYourSecPlanOffline() throws PropertiesValidationException { + Plan secPlan = new PlanSpec().createSecBuild(); + EntityPropertiesBuilders.build(secPlan); + } } \ No newline at end of file diff --git a/version.yaml b/version.yaml new file mode 100644 index 0000000..44549af --- /dev/null +++ b/version.yaml @@ -0,0 +1,2 @@ +name: cv-analysis +version: 1.x.x \ No newline at end of file