From fd798ec4f51f72605a2b83c659a5f4aac2c8ce78 Mon Sep 17 00:00:00 2001 From: Dusty Mabe Date: Wed, 11 Sep 2019 15:47:47 -0400 Subject: [PATCH] Jenkinsfile.release: make AWS AMI replication optional And default to true, but make the pipeline default to not replicate for non-production streams. We use strings and not boolean parameters because passing booleans via `oc start-build -e` is non-trivial. --- Jenkinsfile | 16 ++++++++++++-- Jenkinsfile.release | 53 ++++++++++++++++++++++++++++----------------- 2 files changed, 47 insertions(+), 22 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index b631a2515..550900a1e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -54,7 +54,13 @@ properties([ description: 'Whether to force a rebuild'), booleanParam(name: 'MINIMAL', defaultValue: (official ? false : true), - description: 'Whether to only build the OSTree and qemu images') + description: 'Whether to only build the OSTree and qemu images'), + // use a string here because passing booleans via `oc start-build -e` + // is non-trivial + choice(name: 'AWS_REPLICATION', + choices: (['false', 'true']), + defaultValue: 'false', + description: 'Force AWS AMI replication for non-production') ]), buildDiscarder(logRotator( numToKeepStr: '60', @@ -305,6 +311,11 @@ podTemplate(cloud: 'openshift', label: 'coreos-assembler', yaml: pod, defaultCon // For now, we auto-release all non-production streams builds. That // way, we can e.g. test testing-devel AMIs easily. + // + // Since we are only running this stage for non-production (i.e. mechanical + // and development) builds we'll default to not doing AWS AMI replication. + // That can be overridden by the user setting the AWS_REPLICATION parameter + // to true, overriding the default (false). if (official && !(params.STREAM in streams.production)) { stage('Publish') { // use jnlp container in our pod, which has `oc` in it already @@ -312,7 +323,8 @@ podTemplate(cloud: 'openshift', label: 'coreos-assembler', yaml: pod, defaultCon utils.shwrap(""" oc start-build --wait fedora-coreos-pipeline-release \ -e STREAM=${params.STREAM} \ - -e VERSION=${newBuildID} + -e VERSION=${newBuildID} \ + -e AWS_REPLICATION=${params.AWS_REPLICATION} """) } } diff --git a/Jenkinsfile.release b/Jenkinsfile.release index d1f5fa105..bd8a7d155 100644 --- a/Jenkinsfile.release +++ b/Jenkinsfile.release @@ -19,7 +19,18 @@ properties([ string(name: 'VERSION', description: 'Fedora CoreOS version to release', defaultValue: '', - trim: true) + trim: true), + // Default to true for AWS_REPLICATION because the only case + // where we are running the job by hand is when we're doing a + // production release and we want to replicate there. Defaulting + // to true means there is less opportunity for human error. + // + // use a string here because passing booleans via `oc start-build -e` + // is non-trivial + choice(name: 'AWS_REPLICATION', + choices: (['true', 'false']), + defaultValue: 'true', + description: 'Force AWS AMI replication') ]) ]) @@ -30,25 +41,27 @@ pod = pod.replace("COREOS_ASSEMBLER_IMAGE", "coreos-assembler:master") podTemplate(cloud: 'openshift', label: 'coreos-assembler', yaml: pod, defaultContainer: 'jnlp') { node('coreos-assembler') { container('coreos-assembler') { - // Replicate the newly uploaded AMI to other regions. Intentionally - // split out from the 'Upload AWS' stage to allow for tests to be added - // at a later date before replicating said image. - // - // We have to re-run the coreos-meta-translator as aws-replicate - // only modifies the meta.json - stage('Replicate AWS AMI') { - s3_stream_dir = "${s3_bucket}/prod/streams/${params.STREAM}" - // TODO: Once buildprep supports pulling specific builds - // operate on the specific build rather than the most - // recent build - utils.shwrap(""" - export AWS_CONFIG_FILE=\${AWS_FCOS_BUILDS_BOT_CONFIG} - coreos-assembler buildprep s3://${s3_stream_dir}/builds - coreos-assembler aws-replicate --build=${params.VERSION} - git clone https://github.com/coreos/fedora-coreos-releng-automation /var/tmp/fcos-releng - /var/tmp/fcos-releng/coreos-meta-translator/trans.py --workdir . - coreos-assembler buildupload --skip-builds-json s3 --acl=public-read ${s3_stream_dir}/builds - """) + if (params.AWS_REPLICATION == 'true') { + // Replicate the newly uploaded AMI to other regions. Intentionally + // split out from the 'Upload AWS' stage to allow for tests to be added + // at a later date before replicating said image. + // + // We have to re-run the coreos-meta-translator as aws-replicate + // only modifies the meta.json + stage('Replicate AWS AMI') { + s3_stream_dir = "${s3_bucket}/prod/streams/${params.STREAM}" + // TODO: Once buildprep supports pulling specific builds + // operate on the specific build rather than the most + // recent build + utils.shwrap(""" + export AWS_CONFIG_FILE=\${AWS_FCOS_BUILDS_BOT_CONFIG} + coreos-assembler buildprep s3://${s3_stream_dir}/builds + coreos-assembler aws-replicate --build=${params.VERSION} + git clone https://github.com/coreos/fedora-coreos-releng-automation /var/tmp/fcos-releng + /var/tmp/fcos-releng/coreos-meta-translator/trans.py --workdir . + coreos-assembler buildupload --skip-builds-json s3 --acl=public-read ${s3_stream_dir}/builds + """) + } } stage('Publish') {