generated from hmcts/spring-boot-template
-
Notifications
You must be signed in to change notification settings - Fork 5
/
Jenkinsfile_CNP
188 lines (161 loc) · 9.67 KB
/
Jenkinsfile_CNP
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
#!groovy
@Library("Infrastructure")
import uk.gov.hmcts.contino.GradleBuilder
import uk.gov.hmcts.contino.AppPipelineDsl
import uk.gov.hmcts.contino.GithubAPI
def product = "aac"
def component = "manage-case-assignment"
def branchesToSync = ['demo', 'ithc', 'perftest', 'develop']
GradleBuilder builder = new GradleBuilder(this, product)
// Variables to switch pipeline logic and wiring per type of build
def definitionStoreDevelopPr = "PR-575" // This doesn't change frequently, but when it does, only change this value.
def dataStoreApiDevelopPr = "PR-1260" // This doesn't change frequently, but when it does, only change this value.
def prsToUseAat = "PR-148,PR-161,PR-167,PR-259,PR-264" // Set this value to a PR number, or add it as a comma-separated value, if it's to follow CI/CD.
def prsRunningInIsolation = "PR-463" // Set this value to a PR number, or add it as a comma-separated value, if PRs for MCA, Data-Store and Def-Store are all configured to run in isolation from other PRs.
def secrets = [
'rpx-${env}': [
secret('mc-idam-client-secret', 'BEFTA_OAUTH2_CLIENT_SECRET_OF_XUIWEBAPP')
],
'ccd-${env}': [
secret('ccd-caseworker-autotest-email', 'CCD_CASEWORKER_AUTOTEST_EMAIL'),
secret('ccd-caseworker-autotest-password', 'CCD_CASEWORKER_AUTOTEST_PASSWORD'),
secret('ccd-api-gateway-oauth2-client-secret', 'CCD_API_GATEWAY_OAUTH2_CLIENT_SECRET'),
secret('definition-importer-username', 'DEFINITION_IMPORTER_USERNAME'),
secret('definition-importer-password', 'DEFINITION_IMPORTER_PASSWORD'),
secret('ccd-befta-caseworker-2-solicitor-1-pwd', 'CCD_BEFTA_CASEWORKER_2_SOLICITOR_1_PWD'),
secret('ccd-befta-master-solicitor1-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_1_PWD'),
secret('ccd-befta-master-solicitor2-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_2_PWD'),
secret('ccd-befta-master-solicitor3-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_3_PWD'),
secret('ccd-befta-master-solicitor4-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_4_PWD'),
secret('ccd-befta-master-solicitor5-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_5_PWD'),
secret('ccd-befta-master-solicitor6-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_6_PWD'),
secret('ccd-befta-master-solicitor-mutlu-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_MUTLU_PWD'),
secret('ccd-befta-master-solicitor-richard-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_RICHARD_PWD'),
secret('ccd-befta-master-solicitor-tony-pwd', 'CCD_BEFTA_MASTER_SOLICITOR_TONY_PWD'),
secret('ccd-befta-jurisdiction3-solicitor1-pwd', 'CCD_BEFTA_JURISDICTION_3_SOLICITOR_1_PWD'),
secret('ccd-befta-solicitor-4-pwd', 'CCD_BEFTA_SOLICITOR_4_PWD'),
secret('ccd-befta-citizen-2-pwd', 'CCD_BEFTA_CITIZEN_2_PWD'),
secret('ccd-befta-pui-caa-1-pwd', 'CCD_BEFTA_PUI_CAA_1_PWD')
],
's2s-${env}': [
secret('microservicekey-ccd-gw', 'CCD_API_GATEWAY_S2S_KEY'),
secret('microservicekey-ccd-gw', 'BEFTA_S2S_CLIENT_SECRET'),
secret('microservicekey-xui-webapp', 'BEFTA_S2S_CLIENT_SECRET_OF_XUI_WEBAPP'),
secret('microservicekey-ccd-data', 'BEFTA_S2S_CLIENT_SECRET_OF_CCD_DATA'),
secret('microservicekey-aac-manage-case-assignment', 'BEFTA_S2S_CLIENT_SECRET_OF_AAC_MANAGE_CASE_ASSIGNMENT')
],
'aac-${env}': [
secret('idam-mca-system-user-username', 'BEFTA_IDAM_CAA_USERNAME'),
secret('idam-mca-system-user-password', 'BEFTA_IDAM_CAA_PASSWORD'),
secret('idam-noc-approver-username', 'BEFTA_IDAM_NOC_APPROVER_USERNAME'),
secret('idam-noc-approver-password', 'BEFTA_IDAM_NOC_APPROVER_PASSWORD')
]
]
static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
[$class : 'AzureKeyVaultSecret',
secretType : 'Secret',
name : secretName,
version : '',
envVariable: envVar
]
}
def vaultOverrides = [
'preview' : 'aat'
]
// vars needed for functional tests
// Assume a feature build branched off 'develop', with dependencies develop-to-develop, and URLs below represent jenkins-to-preview.
env.DEFINITION_STORE_URL_BASE = "https://ccd-definition-store-api-${definitionStoreDevelopPr}.preview.platform.hmcts.net".toLowerCase()
env.CCD_DATA_STORE_API_BASE_URL = "https://ccd-data-store-api-${dataStoreApiDevelopPr}.preview.platform.hmcts.net".toLowerCase()
if (prsRunningInIsolation.toLowerCase().contains(env.BRANCH_NAME.toLowerCase())) {
// NB: should only enable CALLBACK tests if PRs for MCA, Data-Store and Def-Store are all configured to run as one isolated group.
env.CALLBACK_FTA_ENABLED = "true"
// NB: this is the callback URL used when testing NOC so its an internal call: data-store.preview -> mca.preview.
env.MCA_API_BASE_URL = "http://aac-manage-case-assignment-${env.BRANCH_NAME}-java.aac"
} else {
env.CALLBACK_FTA_ENABLED = "false" // in PREVIEW turn off the callback tests as other running pipelines may reset the published callback URLs.
}
// Other env variables needed for BEFTA.
env.S2S_URL_BASE = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.IDAM_API_URL_BASE = "https://idam-api.aat.platform.hmcts.net"
env.BEFTA_S2S_CLIENT_ID = "xui_webapp"
env.CCD_API_GATEWAY_OAUTH2_CLIENT_ID = "ccd_gateway"
env.CCD_API_GATEWAY_OAUTH2_REDIRECT_URL = "https://www-ccd.aat.platform.hmcts.net/oauth2redirect"
env.DM_STORE_BASE_URL = "http://dm-store-aat.service.core-compute-aat.internal"
env.RD_PROFESSIONAL_API_BASE_URL = "http://rd-professional-api-aat.service.core-compute-aat.internal"
env.CCD_API_GATEWAY_S2S_ID = "ccd_gw"
env.BEFTA_S2S_CLIENT_ID = "ccd_gw"
env.BEFTA_S2S_CLIENT_ID_OF_XUI_WEBAPP = "xui_webapp"
env.BEFTA_S2S_CLIENT_ID_OF_CCD_DATA = "ccd_data"
env.BEFTA_OAUTH2_CLIENT_ID_OF_XUIWEBAPP = "xuiwebapp"
env.BEFTA_OAUTH2_REDIRECT_URI_OF_XUIWEBAPP = "https://www-ccd.aat.platform.hmcts.net/oauth2redirect"
env.BEFTA_OAUTH2_ACCESS_TOKEN_TYPE_OF_XUIWEBAPP = "OIDC"
env.BEFTA_OAUTH2_SCOPE_VARIABLES_OF_XUIWEBAPP = "profile openid roles manage-user create-user search-user"
// temporary workaround for platform changes: turn BEFTA header checks to warning mode
env.BEFTA_RESPONSE_HEADER_CHECK_POLICY="JUST_WARN"
env.PACT_BROKER_FULL_URL = "https://pact-broker.platform.hmcts.net"
env.PACT_BROKER_URL = "pact-broker.platform.hmcts.net"
env.PACT_BROKER_PORT = "443"
env.PACT_BROKER_SCHEME = "https"
// Prevent Docker hub rate limit errors by ensuring that testcontainers uses images from hmctspublic ACR
env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX = "hmctspublic.azurecr.io/imported/"
withPipeline("java", product, component) {
afterAlways('test') {
builder.gradle('integration')
// hmcts/cnp-jenkins-library may fail to copy artifacts after checkstyle error so repeat command (see /src/uk/gov/hmcts/contino/GradleBuilder.groovy)
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/reports/checkstyle/*.html'
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/reports/pmd/*.html'
}
onMaster {
enableSlackNotifications('#ccd-master-builds')
enablePactAs([AppPipelineDsl.PactRoles.PROVIDER])
}
onDemo {
enableSlackNotifications('#ccd-demo-builds')
}
onPR {
enableSlackNotifications('#ccd-pr-builds')
enablePactAs([AppPipelineDsl.PactRoles.PROVIDER])
}
// Check if the build should be wired to an environment higher than 'preview'.
if (env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'demo' || env.BRANCH_NAME == 'perftest' || env.BRANCH_NAME == 'ithc' || prsToUseAat.toLowerCase().contains(env.BRANCH_NAME.toLowerCase())) {
environmentOfDependencies = env.BRANCH_NAME
// use aat environment for dependencies of master and CI/CD builds.
if (env.BRANCH_NAME.startsWith("PR") || env.BRANCH_NAME == 'master') {
environmentOfDependencies = "aat"
}
env.CCD_DATA_STORE_API_BASE_URL = "http://ccd-data-store-api-${environmentOfDependencies}.service.core-compute-${environmentOfDependencies}.internal"
env.DEFINITION_STORE_URL_BASE = "http://ccd-definition-store-api-${environmentOfDependencies}.service.core-compute-${environmentOfDependencies}.internal"
env.MCA_API_BASE_URL = "http://aac-manage-case-assignment-${environmentOfDependencies}.service.core-compute-${environmentOfDependencies}.internal"
env.CALLBACK_FTA_ENABLED = "true" // NB: safe to enable outside of preview as the above URLs provide a naturally isolated set of services.
}
echo "FTA will use Definition Store: ${env.DEFINITION_STORE_URL_BASE}"
echo " ... published with MCA URL: ${env.MCA_API_BASE_URL}"
echo "CALLBACK FTA Enabled = ${env.CALLBACK_FTA_ENABLED} on branch ${env.BRANCH_NAME}"
syncBranchesWithMaster(branchesToSync)
overrideVaultEnvironments(vaultOverrides)
loadVaultSecrets(secrets)
enableAksStagingDeployment()
disableLegacyDeployment()
afterAlways('smoketest:preview') {
copyIgnore('./build/reports/tests/befta/smoke/cucumber-html-reports', './BEFTA Report for Smoke Tests/')
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/BEFTA Report for Smoke Tests/**/*'
}
afterAlways('smoketest:aat') {
copyIgnore('./build/reports/tests/befta/smoke/cucumber-html-reports', './BEFTA Report for Smoke Tests/')
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/BEFTA Report for Smoke Tests/**/*'
}
afterAlways('functionalTest:preview') {
copyIgnore('./build/reports/tests/befta/functional/cucumber-html-reports', './BEFTA Report for Functional Tests/')
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/BEFTA Report for Functional Tests/**/*'
}
afterAlways('functionalTest:aat') {
copyIgnore('./build/reports/tests/befta/functional/cucumber-html-reports', './BEFTA Report for Functional Tests/')
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/BEFTA Report for Functional Tests/**/*'
}
}
/**
* Forces a recursive copy by always returning 0 regardless of errors
*/
def copyIgnore(filePath, destinationDir) {
steps.sh("cp -R '${filePath}' '${destinationDir}' || :")
}