Skip to content

Commit

Permalink
jobs: Add a bump-jenkins-plugins job
Browse files Browse the repository at this point in the history
We are creating this bump-jenkins-job in order to periodically update the latest plugins and the version of jenkins offered by https://github.com/openshift/jenkins.

bump-jenkins-job automates the process of checking for updates to Jenkins plugins, updating the plugin versions in a configuration file, pushing the changes to a Git repository, and opening a pull request for review.

Plugin Update Process:

The script reads a list of plugins from a file (jenkins/controller/plugins.txt) in the repository.
It iterates over each plugin, checks for updates, and if a newer version is available, it updates the version in the file.
For each plugin, it fetches the latest version by querying a URL constructed based on the Jenkins plugin repository structure.
If an update is found, it modifies the plugins.txt file to reflect the new version.
If any updates were made, it commits the changes to the plugins.txt file and pushes the changes to the pr_branch.
It also opens a pull request with the updated plugin versions.

Ref: #562

Co-authored-by: Michael Armijo <[email protected]>
  • Loading branch information
aaradhak and marmijo committed May 3, 2024
1 parent aa70ee8 commit a2f5d3a
Showing 1 changed file with 142 additions and 0 deletions.
142 changes: 142 additions & 0 deletions jobs/bump-jenkins-plugins.Jenkinsfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
repo = "coreos/fedora-coreos-pipeline"
fork_repo = "coreosbot-releng/fedora-coreos-pipeline"
botCreds = "github-coreosbot-releng-token-username-password"
pr_branch = "JenkinsPluginsUpdate"

/* Function to extract the plugin version from the plugin URL */
def getVersionFromPluginUrl(pluginUrl) {
/* example url : https://updates.jenkins.io/download/plugins/${pluginName}/latest/${pluginName}.hpi */
def parts = pluginUrl.split("/")
def pluginVersion
if (parts.size() >= 4) {
def groupId = parts[-3]
pluginVersion = parts[-2]
} else {
error("Unable to extract plugin version from the URL.")
}
return pluginVersion
}

node {
checkout scm: [
$class: 'GitSCM',
branches: [[name: "${pr_branch}"]],
userRemoteConfigs: [[url: "https://github.com/${fork_repo}.git"]],
extensions: [[$class: 'WipeWorkspace']]
]
/* Load utility functions */
pipeutils = load("utils.groovy")

properties([
pipelineTriggers([
/* Schedule to check once a month */
pollSCM('H H 1 * *')
]),
buildDiscarder(logRotator(
numToKeepStr: '100',
artifactNumToKeepStr: '100'
)),
durabilityHint('PERFORMANCE_OPTIMIZED')
])

try {
shwrap("""
git config --global user.name "CoreOS Bot"
git config --global user.email "[email protected]"
""")

def pluginslist
def pluginsToUpdate = [:]
def plugins_lockfile = "jenkins/controller/plugins.txt"

stage("Read plugins.txt") {
/* Clone the repository and switch to the '${pr_branch}' branch */
shwrapCapture("""
git clone --depth=1 --branch ${pr_branch} https://github.com/${fork_repo}.git
cd fedora-coreos-pipeline
git remote add upstream https://github.com/${repo}.git
git fetch upstream
git reset --hard upstream/main
""")

/* Read the plugins from the lockfile */
pluginslist = shwrapCapture("grep -v ^# ${plugins_lockfile}").split('\n')
}

stage("Check for plugin updates") {
def pluginUrl
def pluginsUpdateList = []
pluginslist.each { plugin ->
def parts = plugin.split(':')
if (parts.size() != 2) {
error("Invalid plugin format: ${plugin}")
} else {
def pluginName = parts[0]
def currentVersion = parts[1]

/* Retrieve the download URL for the most recent version of a Jenkins plugin from the Jenkins update center.
After following all redirects, curl prints the final URL to stdout. The final URL is captured in the pluginUrl variable for further use. */
pluginUrl = shwrapCapture("curl -Ls -I -f -o /dev/null -w '%{url_effective}' https://updates.jenkins.io/download/plugins/${pluginName}/latest/${pluginName}.hpi")

def latestVersion = getVersionFromPluginUrl(pluginUrl)
if (latestVersion.toString() != currentVersion.toString()) {

/* Update the plugin version in the lockfile */
pluginsToUpdate["${pluginName}"] = [currentVersion, latestVersion]
println("Plugin: ${pluginName} current version is ${currentVersion}, it will be updated to latest version: ${latestVersion}")

/* Construct Plugins List to update for find/replace operations */
pluginsUpdateList.add("-e s/${pluginName}:${currentVersion}/${pluginName}:${latestVersion}/g")

} else {
println("The latest version of ${pluginName} is already installed: ${currentVersion}")
}
}
}
if (!pluginsUpdateList.isEmpty()) {
def pluginUpdate = "sed -i " + pluginsUpdateList.join(' ')
shwrap("""
cd fedora-coreos-pipeline
${pluginUpdate} ${plugins_lockfile}
""")
}
}

stage("Open a PR") {
if (shwrap("git diff --exit-code") != 0){
/* Commit and push changes, and open a PR */
def message = "jenkins/plugins: update to latest versions"
shwrap("""
cd fedora-coreos-pipeline
git status
git diff
git add jenkins/controller/plugins.txt
git commit -m '${message}' -m 'Job URL: ${env.BUILD_URL}' -m 'Job definition: https://github.com/coreos/fedora-coreos-pipeline/blob/main/jobs/bump-jenkins-plugins.Jenkinsfile'
""")
withCredentials([usernamePassword(credentialsId: botCreds,
usernameVariable: 'GHUSER',
passwordVariable: 'GHTOKEN')]) {
shwrap("""
cd fedora-coreos-pipeline
git push -f https://\${GHUSER}:\${GHTOKEN}@github.com/${fork_repo} ${pr_branch}
curl -H "Authorization: token ${GHTOKEN}" -X POST -d '{ "title": "${message}", "head": "${pr_branch}", "base": "main" }' https://api.github.com/repos/${fork_repo}/pulls
""")
}
}
}
currentBuild.result = 'SUCCESS'
} catch (e) {
currentBuild.result = 'FAILURE'
throw e
} finally {
if (currentBuild.result == 'SUCCESS') {
currentBuild.description = "bump-jenkins-plugins ⚡"
} else {
currentBuild.description = "bump-jenkins-plugins ❌"
}
if (currentBuild.result != 'SUCCESS') {
message = "bump-jenkins-plugins #${env.BUILD_NUMBER} <${env.BUILD_URL}|:jenkins:> <${env.RUN_DISPLAY_URL}|:ocean:>"
pipeutils.trySlackSend(message: message)
}
}
}

0 comments on commit a2f5d3a

Please sign in to comment.