152 lines
5.1 KiB
Groovy
Executable File
152 lines
5.1 KiB
Groovy
Executable File
pipeline {
|
|
agent any
|
|
|
|
environment {
|
|
TS = credentials('jc_turnstile')
|
|
DISCORD = credentials('jc_discord')
|
|
DISCORD_ERR_STAGING = credentials('jc_discord_err_staging')
|
|
DISCORD_ERR_PROD = credentials('jc_discord_err_prod')
|
|
}
|
|
|
|
stages{
|
|
stage ('Set up parameters') {
|
|
steps {
|
|
script{
|
|
properties ([
|
|
parameters([
|
|
booleanParam(defaultValue: true, description: 'Build from source', name: 'Build'),
|
|
booleanParam(defaultValue: true, description: 'Deploy to servers', name: 'Deploy'),
|
|
booleanParam(defaultValue: true, description: 'Update posts', name: 'Update'),
|
|
])
|
|
])
|
|
}
|
|
}
|
|
}
|
|
stage('Build') {
|
|
when {
|
|
expression {
|
|
return params.Build == true
|
|
}
|
|
}
|
|
steps {
|
|
git branch: 'master',
|
|
credentialsId: 'Git',
|
|
url: 'git@git.jakecharman.co.uk:jake/jc-ng.git'
|
|
|
|
sh "./build.sh git.jakecharman.co.uk/jake/jakecharman.co.uk $BUILD_NUMBER"
|
|
sh "./build.sh europe-west2-docker.pkg.dev/jakecharman/web/jakecharman.co.uk $BUILD_NUMBER"
|
|
}
|
|
}
|
|
|
|
stage('Security scan') {
|
|
when {
|
|
expression {
|
|
return params.Build == true
|
|
}
|
|
}
|
|
steps {
|
|
sh "docker kill sectest || true"
|
|
sh "docker rm sectest || true"
|
|
sh "docker run -d --name sectest git.jakecharman.co.uk/jake/jakecharman.co.uk:$BUILD_NUMBER"
|
|
sh "docker exec sectest pip3 install pip-audit --break-system-packages"
|
|
sh "docker exec sectest pip-audit"
|
|
sh "docker stop sectest"
|
|
sh "docker rm sectest"
|
|
}
|
|
}
|
|
|
|
stage('Push to local registry') {
|
|
when {
|
|
expression {
|
|
return params.Build == true
|
|
}
|
|
}
|
|
steps {
|
|
sh "docker push git.jakecharman.co.uk/jake/jakecharman.co.uk:$BUILD_NUMBER"
|
|
sh "docker push git.jakecharman.co.uk/jake/jakecharman.co.uk:latest"
|
|
}
|
|
}
|
|
|
|
stage('Deploy to staging server') {
|
|
when {
|
|
expression {
|
|
return params.Deploy == true
|
|
}
|
|
}
|
|
steps{
|
|
node('web-staging') {
|
|
sh "docker pull git.jakecharman.co.uk/jake/jakecharman.co.uk:latest"
|
|
sh "docker stop jake || true"
|
|
sh "docker rm jake || true"
|
|
sh "docker run --name jake -e DISCORD_ERR_HOOK=$DISCORD_ERR_STAGING -e DISCORD_WEBHOOK=$DISCORD -e TURNSTILE_SECRET=$TS --restart always --network containers_default -v /opt/containers/jc/projects/:/var/www/jc/projects/ -d git.jakecharman.co.uk/jake/jakecharman.co.uk:latest"
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Update content on staging server') {
|
|
when {
|
|
expression {
|
|
return params.Update == true
|
|
}
|
|
}
|
|
steps {
|
|
node('web-staging') {
|
|
git branch: 'master',
|
|
credentialsId: 'Git',
|
|
url: 'git@git.jakecharman.co.uk:jake/jc-content.git'
|
|
sh "rsync -rv --delete ./ /opt/containers/jc/projects/"
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Wait for confirmation to push to prod') {
|
|
steps {
|
|
timeout(time: 30, unit: 'MINUTES') {
|
|
input "Deploy to production?"
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Push to GCP registry') {
|
|
when {
|
|
expression {
|
|
return params.Build == true
|
|
}
|
|
}
|
|
steps {
|
|
sh "docker push europe-west2-docker.pkg.dev/jakecharman/web/jakecharman.co.uk:latest"
|
|
}
|
|
}
|
|
|
|
stage('Deploy to production') {
|
|
when {
|
|
expression {
|
|
return params.Deploy == true
|
|
}
|
|
}
|
|
steps{
|
|
sh "gcloud run deploy --project jakecharman --region europe-west1 --image europe-west2-docker.pkg.dev/jakecharman/web/jakecharman.co.uk:latest jakecharman-co-uk"
|
|
}
|
|
}
|
|
|
|
stage('Update content on production server') {
|
|
when {
|
|
expression {
|
|
return params.Update == true
|
|
}
|
|
}
|
|
steps {
|
|
git branch: 'master',
|
|
credentialsId: 'Git',
|
|
url: 'git@git.jakecharman.co.uk:jake/jc-content.git'
|
|
sh "gsutil rsync -rcd . gs://jakecharman.co.uk"
|
|
}
|
|
}
|
|
|
|
stage('Clear cache') {
|
|
steps{
|
|
sh "/var/lib/jenkins/clearCFCache/clearCache.py a514fb61e1413b88aabbb19df16b8508"
|
|
}
|
|
}
|
|
}
|
|
} |