forked from coreos/fedora-coreos-pipeline
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Jenkinsfile.release
151 lines (134 loc) · 6.28 KB
/
Jenkinsfile.release
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
def utils, streams, s3_bucket
node {
checkout scm
utils = load("utils.groovy")
streams = load("streams.groovy")
pod = readFile(file: "manifests/pod.yaml")
s3_bucket = utils.get_pipeline_annotation('s3-bucket')
}
properties([
pipelineTriggers([]),
parameters([
choice(name: 'STREAM',
// list devel first so that it's the default choice
choices: (streams.development + streams.production + streams.mechanical),
description: 'Fedora CoreOS stream to release'),
string(name: 'VERSION',
description: 'Fedora CoreOS version to release',
defaultValue: '',
trim: true),
// Default to true for AWS_REPLICATION because the only case
// where we are running the job by hand is when we're doing a
// production release and we want to replicate there. Defaulting
// to true means there is less opportunity for human error.
//
// use a string here because passing booleans via `oc start-build -e`
// is non-trivial
choice(name: 'AWS_REPLICATION',
choices: (['true', 'false']),
description: 'Force AWS AMI replication'),
string(name: 'COREOS_ASSEMBLER_IMAGE',
description: 'Override coreos-assembler image to use',
defaultValue: "coreos-assembler:master",
trim: true)
])
])
// no way to make a parameter required directly so manually check
// https://issues.jenkins-ci.org/browse/JENKINS-3509
if (params.VERSION == "") {
throw new Exception("Missing VERSION parameter!")
}
currentBuild.description = "[${params.STREAM}] - ${params.VERSION}"
// substitute the right COSA image into the pod definition before spawning it
pod = pod.replace("COREOS_ASSEMBLER_IMAGE", params.COREOS_ASSEMBLER_IMAGE)
// shouldn't need more than 256Mi for this job
pod = pod.replace("COREOS_ASSEMBLER_MEMORY_REQUEST", "256Mi")
echo "Final podspec: ${pod}"
// use a unique label to force Kubernetes to provision a separate pod per run
def pod_label = "cosa-${UUID.randomUUID().toString()}"
// We just lock here out of an abundance of caution in case somehow two release
// jobs run for the same stream, but that really shouldn't happen. Anyway, if it
// *does*, this makes sure they're run serially.
lock(resource: "release-${params.STREAM}") {
podTemplate(cloud: 'openshift', label: pod_label, yaml: pod) {
node(pod_label) { container('coreos-assembler') {
def s3_stream_dir = "${s3_bucket}/prod/streams/${params.STREAM}"
def gcp_image = ""
// Clone the automation repo, which contains helper scripts. In the
// future, we'll probably want this either part of the cosa image, or
// in a derivative of cosa for pipeline needs.
utils.shwrap("""
git clone --depth=1 https://github.com/coreos/fedora-coreos-releng-automation /var/tmp/fcos-releng
""")
// Fetch metadata for the build we are interested in
stage('Fetch Metadata') {
utils.shwrap("""
export AWS_CONFIG_FILE=\${AWS_FCOS_BUILDS_BOT_CONFIG}
cosa init --branch ${params.STREAM} https://github.com/coreos/fedora-coreos-config
cosa buildprep --build=${params.VERSION} s3://${s3_stream_dir}/builds
""")
def basearch = utils.shwrap_capture("cosa basearch")
meta_json = "builds/${params.VERSION}/${basearch}/meta.json"
def meta = readJSON file: meta_json
if (meta.gcp.image) {
gcp_image = meta.gcp.image
}
}
// For production streams, import the OSTree into the prod
// OSTree repo.
if ((params.STREAM in streams.production) && utils.path_exists("/etc/fedora-messaging-cfg/fedmsg.toml")) {
stage("OSTree Import: Prod Repo") {
utils.shwrap("""
/var/tmp/fcos-releng/coreos-ostree-importer/send-ostree-import-request.py \
--build=${params.VERSION} --s3=${s3_stream_dir} --repo=prod \
--fedmsg-conf=/etc/fedora-messaging-cfg/fedmsg.toml
""")
}
}
// For production streams, promote the GCP image so that it
// will be the chosen image in an image family and deprecate
// all others. `ore gcloud promote-image` does this for us.
if (params.STREAM in streams.production) {
stage('GCP: Image Promotion') {
utils.shwrap("""
# pick up the project to use from the config
gcp_project=\$(jq -r .project_id \${GCP_IMAGE_UPLOAD_CONFIG})
ore gcloud promote-image \
--log-level=INFO \
--project=\${gcp_project} \
--json-key \${GCP_IMAGE_UPLOAD_CONFIG} \
--family fedora-coreos-${params.STREAM} \
--image "${gcp_image}"
""")
}
}
if (params.AWS_REPLICATION == 'true') {
// Replicate the newly uploaded AMI to other regions. Intentionally
// split out from the 'Upload AWS' stage to allow for tests to be added
// at a later date before replicating said image.
//
// We have to re-run the coreos-meta-translator as aws-replicate
// only modifies the meta.json
stage('Replicate AWS AMI') {
utils.shwrap("""
export AWS_CONFIG_FILE=\${AWS_FCOS_BUILDS_BOT_CONFIG}
cosa aws-replicate --build=${params.VERSION} --log-level=INFO
/var/tmp/fcos-releng/coreos-meta-translator/trans.py --build-id ${params.VERSION} --workdir .
cosa buildupload --build=${params.VERSION} --skip-builds-json s3 --acl=public-read ${s3_stream_dir}/builds
""")
}
}
stage('Publish') {
// Run plume to publish official builds; This will handle modifying
// object ACLs, modifying AMI image attributes,
// and creating/modifying the releases.json metadata index
utils.shwrap("""
export AWS_CONFIG_FILE=\${AWS_FCOS_BUILDS_BOT_CONFIG}
plume release --distro fcos \
--version ${params.VERSION} \
--stream ${params.STREAM} \
--bucket ${s3_bucket}
""")
}
}}
}}