PR#138: Introducing CI for STR. - standard-test-roles

standard-test-roles

#138 Introducing CI for STR.

Merged 6 years ago by astepano. Opened 6 years ago by astepano.

cipipeline into master

Introducing CI for STR.

Andrei Stepanov • 6 years ago

01c25c4

ci/Dockerfile

file added

+12

		`@@ -0,0 +1,12 @@`
		`+ FROM docker.io/centos:latest`
		`+ LABEL maintainer "Andrei Stepanov <astepano@redhat.com>"`
		`+ ENV PARAM_WDIR="/var"`
		`+ RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm`
		`+ RUN sed -i -e '/\[main\]/aip_resolve=4' /etc/yum.conf`
		`+ RUN yum install -y copr-cli nss_wrapper fedora-packager wget rpmdevtools; \`
		`+ yum clean all; \`
		`+ rm -rf /var/cache/yum`
		`+ WORKDIR "$PARAM_WDIR"`
		`+ VOLUME [$PARAM_WDIR]`
		`+ RUN chgrp -R 0 "$PARAM_WDIR" && chmod -R g+rwX "$PARAM_WDIR"`
		`+ USER 1001`

ci/Jenkinsfile

file added

+135

		`@@ -0,0 +1,135 @@`
		`+ #!/usr/bin/env groovy`
		`+ /*`
		`+ https://jenkins.io/doc/pipeline/steps/`
		`+ https://jenkins-fedora-atomic-process.apps.ci.centos.org/pipeline-syntax/`
		`+ */`
		`+`
		`+ env.DOCKER_REPO_URL = env.DOCKER_REPO_URL ?: '172.30.254.79:5000'`
		`+ env.OPENSHIFT_NAMESPACE = env.OPENSHIFT_NAMESPACE ?: 'fedora-atomic-process'`
		`+ env.OPENSHIFT_SERVICE_ACCOUNT = env.OPENSHIFT_SERVICE_ACCOUNT ?: 'jenkins'`
		`+ env.ghprbActualCommit = env.ghprbActualCommit ?: 'master'`
		`+ openshiftProject = "fedora-atomic-process"`
		`+ STABLE_LABEL = "1.0"`
		`+`
		`+ pipeline {`
		`+ agent {`
		`+ kubernetes {`
		`+ cloud 'openshift'`
		`+ // label for pod`
		`+ label 'str-tester-' + env.ghprbActualCommit`
		`+ containerTemplate {`
		`+ name 'tester'`
		`+ image DOCKER_REPO_URL + '/' + openshiftProject + '/str-tester:' + STABLE_LABEL`
		`+ ttyEnabled true`
		`+ command 'cat'`
		`+ }`
		`+ }`
		`+ }`
		`+ options {`
		`+ buildDiscarder(logRotator(numToKeepStr:'10'))`
		`+ disableConcurrentBuilds()`
		`+ }`
		`+ parameters {`
		`+ string(name: 'PULLREQNUM', defaultValue: '', description: 'Optional. Pull request number.')`
		`+ string(name: 'REFSPEC', defaultValue: '', description: 'Optional. Git refspec.')`
		`+ string(name: 'REPO', defaultValue: '', description: 'Pagure parameter. https://docs.pagure.org/pagure/usage/pagure_ci.html')`
		`+ string(name: 'BRANCH', defaultValue: '', description: 'Pagure parameter.')`
		`+ }`
		`+ stages {`
		`+ stage('Info') {`
		`+ steps {`
		`+ echo "Running ${env.BUILD_ID} on ${env.JENKINS_URL}"`
		`+ container('tester') {`
		`+ // You can skip container() {} than all steps will go to 'tester'`
		`+ sh 'cat /etc/os-release'`
		`+ }`
		`+ container('jnlp') {`
		`+ sh 'cat /etc/os-release'`
		`+ }`
		`+ }`
		`+ }`
		`+ stage('Source') {`
		`+ environment {`
		`+ PULLREQNUM = "${params.PULLREQNUM}"`
		`+ }`
		`+ steps {`
		`+ git branch: 'master', url: 'https://pagure.io/standard-test-roles.git'`
		`+ // withEnv doesn't work with kubernetes plugin`
		`+ // https://issues.jenkins-ci.org/browse/JENKINS-40647`
		`+ sh """`
		`+ echo \$PWD`
		`+ echo PULLREQNUM="${env.PULLREQNUM}" >> "\$PWD/jenv"`
		`+ echo REFSPEC="${env.REFSPEC}" >> "\$PWD/jenv"`
		`+ echo REPO="${env.REPO}" >> "\$PWD/jenv"`
		`+ echo BRANCH="${env.BRANCH}" >> "\$PWD/jenv"`
		`+ """`
		`+ sh '''`
		`+ set -efux`
		`+ source "$PWD/jenv"`
		`+ cp -f /etc/passwd "$HOME"`
		`+ echo "osci:x:$(id -u):$(id -g):OSCI team:${HOME}:/bin/bash" >> $HOME/passwd`
		`+ export LD_PRELOAD=libnss_wrapper.so`
		`+ export NSS_WRAPPER_PASSWD=$HOME/passwd`
		`+ export NSS_WRAPPER_GROUP=/etc/group`
		`+ env`
		`+ git config --global user.email "ci@lists.fedoraproject.org"`
		`+ git config --global user.name "OSCI team"`
		`+ if [ -n "${REPO:-}" -a -n "${BRANCH:-}" ]; then`
		`+ echo "Use repo: ${REPO} and branch: ${BRANCH}"`
		`+ git remote rm proposed \|\| true`
		`+ git remote add proposed "$REPO"`
		`+ git fetch proposed`
		`+ git checkout origin/master`
		`+ git merge --no-ff "proposed/$BRANCH" -m "Merge PR"`
		`+ elif [ -n "${REFSPEC:-}" ]; then`
		`+ echo "Use refspec: ${REFSPEC}"`
		`+ git merge --no-ff "${REFSPEC}"`
		`+ elif [ -n "${PULLREQNUM:-}" ]; then`
		`+ echo "Use PR number: ${PULLREQNUM}"`
		`+ git fetch origin "refs/pull/${PULLREQNUM}/head:refs/remotes/origin/pr/${PULLREQNUM}"`
		`+ git merge --no-ff "remotes/origin/pr/${PULLREQNUM}"`
		`+ fi`
		`+ echo "Test next changes:"`
		`+ git show HEAD^2`
		`+ '''`
		`+ }`
		`+ }`
		`+ stage('SRPM') {`
		`+ steps {`
		`+ sh '''`
		`+ set -efux`
		`+ export LD_PRELOAD=libnss_wrapper.so`
		`+ export NSS_WRAPPER_PASSWD=$HOME/passwd`
		`+ export NSS_WRAPPER_GROUP=/etc/group`
		`+ wget 'https://src.fedoraproject.org/rpms/standard-test-roles/raw/master/f/standard-test-roles.spec'`
		`+ # Take hash for merged branch`
		`+ COMMIT_HASH="$(git log --pretty=format:%h -n 1 HEAD^2)"`
		`+ rpmdev-bumpspec --comment="Temporary build based on $COMMIT_HASH" --userstring='OSCI Team <ci@lists.fedoraproject.org>' -s "${COMMIT_HASH}." standard-test-roles.spec`
		+ SOURCE0="$(basename -a `spectool -s 0 standard-test-roles.spec` \| tail -n 1)"
		`+ ARC_FORMAT="tar.gz"`
		`+ ARC_PREFIX="$(basename "$SOURCE0" ".${ARC_FORMAT}")/"`
		`+ GIT_DIR=./.git/ git archive --format="$ARC_FORMAT" --prefix "$ARC_PREFIX" -o "$SOURCE0" -v "$COMMIT_HASH"`
		`+ ls -l "$SOURCE0"`
		`+ export GROUP="$(id -g)"`
		`+ export USER="$(id -u)"`
		`+ chown "$USER"."$GROUP" "$SOURCE0"`
		`+ chown "$USER"."$GROUP" standard-test-roles.spec`
		`+ rpmbuild --undefine="dist" --define="_sourcedir $PWD" --define="%_srcrpmdir $PWD" -bs standard-test-roles.spec`
		`+ '''`
		`+ }`
		`+ }`
		`+ stage('COPR') {`
		`+ steps {`
		`+ withCredentials([file(credentialsId: 'secret_id_for_copr_config', variable: 'COPRCONFIG')]) {`
		`+ sh """`
		`+ set -efux`
		`+ SRPMFILE="\$(find . -name '*src.rpm' \| head -n 1)"`
		`+ mkdir -p ~/.config`
		`+ cp -f "$COPRCONFIG" ~/.config/copr`
		`+ copr-cli build @osci/standard-test-roles "\$SRPMFILE" 2>&1`
		`+ """`
		`+ }`
		`+ }`
		`+ }`
		`+ }`
		`+ }`

ci/readme.md

file added

+48

		`@@ -0,0 +1,48 @@`
		`+ # Jenkins configure`
		`+`
		`+ Job runs at: [Centos OpenShift](https://jenkins-fedora-atomic-process.apps.ci.centos.org/credentials/)`
		`+`
		`+ In job configure:`
		`+`
		`+ * At Job Notifications add Notification Endpoints.`
		`+ * At Build Triggers add Trigger builds remotely (e.g., from scripts)`
		`+`
		`+ More at: [Pagure CI for Jenkins](https://docs.pagure.org/pagure/usage/pagure_ci_jenkins.html)`
		`+`
		`+ #### Grant to Anonymous user Read access`
		`+`
		`+ "Manage Jenkins" -> "Configure Global Security" and for "Anonymous Users" check:`
		`+`
		`+ * Overall = Read`
		`+ * Job = Read`
		`+`
		`+ #### Copr config`
		`+`
		`+ Jenkins -> Credentials -> System -> Global credentials (unrestricted) -> Add Credentials`
		`+`
		`+ Type: Secret file.`
		`+`
		+ Assign `secret_id_for_copr_config` for ID.
		`+`
		`+ # OpenShift`
		`+`
		`+ Create an image with:`
		`+`
		`+ cat Dockerfile \| oc new-build -D - --name='str-tester'`
		`+`
		`+ This image will be used as Jenkins slave for testing needs.`
		`+ Workflow is based on Kubernetes plugin:`
		`+`
		`+ * [Jenkins portal page](https://jenkins.io/doc/pipeline/steps/kubernetes/)`
		`+ * [Github project](https://github.com/jenkinsci/kubernetes-plugin)`
		`+`
		`+ # Useful links`
		`+`
		`+ * [Jenkinsfile](https://jenkins.io/doc/book/pipeline/jenkinsfile/)`
		`+ * [Groovy syntax](http://groovy-lang.org/syntax.html)`
		`+ * [Pipeline](https://jenkins.io/doc/book/pipeline/)`
		`+ * [Pipeline syntax](https://jenkins.io/doc/book/pipeline/syntax/)`
		`+ * [Pipeline steps](https://jenkins.io/doc/pipeline/steps/)`
		`+ * [Pipeline workflow](https://jenkins.io/doc/pipeline/steps/workflow-basic-steps/)`
		`+ * [Tutorial pipeline](https://github.com/jenkinsci/pipeline-plugin/blob/master/TUTORIAL.md)`
		`+`