1 .. _lf-global-jjb-release:
3 #######################
4 Self Serve Release Jobs
5 #######################
7 Self serve release jobs allow a project to create a releases/ or .releases/ directory and then place a release yaml file in it.
8 Jenkins will pick this up and sign the ref extrapolated by log_dir and promote the artifact, whether maven or container.
10 Maven release jobs can also trigger via "Build with parameters" negating the need for a release file.
11 The parameters will need to be filled out in the same was as a release file's would, excepting the special
12 USE_RELEASE_FILE and DRY_RUN check boxes. The USE_RELEASE_FILE check box will need to be unchecked, if the job
13 is expected to run with a release file, while passing the required information as build parameters.
14 Similarly, the DRY_RUN check box will need to be unchecked, if the job needs to be tested while skipping
15 repository promotion to Nexus.
17 The Special Parameters are as follows:
19 GERRIT_BRANCH = master
21 LOG_DIR = example-project-maven-stage-master/17/
22 DISTRIBUTION_TYPE = maven
23 USE_RELEASE_FILE = false
28 Example of a maven release file:
32 Release files regex: (releases\/.*\.yaml|\.releases\/.*\.yaml)
33 directory can be .releases/ or releases/
34 file can be ANYTHING.yaml
39 $ cat releases/maven-1.0.0.yaml
41 distribution_type: 'maven'
43 project: 'example-project'
44 log_dir: 'example-project-maven-stage-master/17/'
47 Example of a container release file:
51 $ cat releases/container-1.0.0.yaml
53 distribution_type: 'container'
58 version: 1.0.0-20190806T184921Z
60 version: 1.0.0-20190806T184921Z
65 Job should be appended under gerrit-maven-stage
66 Example of a terse Jenkins job to call global-jjb macro:
72 build-node: centos7-docker-8c-8g
73 maven-versions-plugin: true
74 - '{project-name}-gerrit-release-jobs':
75 build-node: centos7-docker-8c-8g
79 Release Engineers Please follow the setup guide before adding the job definition:
82 Setup for LFID Nexus Jenkins and Gerrit:
83 ========================================
88 Create an ``lfid`` and an ``ssh-key``
90 ``YOUR_RELEASE_USERNAME`` for example: onap-release
91 ``YOUR_RELEASE_EMAIL`` for example: collab-it+onap-release@linuxfoundation.org
97 ssh-keygen -t rsa -C "collab-it+odl-release@linuxfoundation.org" -f /tmp/odl-release
100 `Create an LFID with the above values <https://identity.linuxfoundation.org>`_
106 Create a Nexus account called ``'jenkins-release'`` with promote privileges.
108 .. image:: ../_static/nexus-promote-privs.png
113 Log into your Gerrit with ``YOU_RELEASE_USERNAME``, upload the publick part of the ``ssh-key`` you created earlier.
114 Log out of Gerrit and log in again with your normal account for the next steps.
117 In Gerrit create a new group called ``self-serve-release`` and give it direct push rights via ``All-Projects``
118 Add ``YOUR_RELEASE_USERNAME`` to group ``self-serve-release`` and group ``Non-Interactive Users``
121 In All project, grant group self-serve-release the following:
125 [access "refs/heads/*"]
126 push = group self-serve-release
127 [access "refs/tags/*"]
128 createTag = group self-serve-release
129 createSignedTag = group self-serve-release
130 forgeCommitter = group self-serve-release
131 push = group self-serve-release
137 Add a global credential to Jenkins called ``jenkins-release`` and set the ID: ``'jenkins-release'``
138 as its value insert the private half of the ``ssh-key`` that you created for your Gerrit user.
140 Add Global vars in Jenkins:
141 Jenkins configure -> Global properties -> Environment variables
143 ``RELEASE_USERNAME = YOUR_RELEASE_USERNAME``
144 ``RELEASE_EMAIL = YOUR_RELEASE_EMAIL``
146 Jenkins configure -> Managed Files -> Add a New Config -> Custom File
149 Name: SIGNING_PUBKEY (optional)
150 Comment: SIGNING_PUBKEY (optional)
152 Content: (Ask Andy for the public signing key)
153 -----BEGIN PGP PUBLIC KEY BLOCK-----
156 Add or edit the managed file in Jenkins called ``lftoolsini``, appending a nexus section:
157 Jenkins Settings -> Managed files -> Add (or edit) -> Custom file
162 username=jenkins-release
163 password=<plaintext password>
168 Upgrade your projects global-jjb if needed
169 add this to your global defaults file (eg: jjb/defaults.yaml).
173 jenkins-ssh-release-credential: 'jenkins-release'
181 Release verify and merge jobs are the same except for their scm, trigger, and
182 builders definition. This anchor is the common template.
191 - {project-name}-release-merge
193 :Comment Trigger: remerge
195 :Required parameters:
197 :build-node: The node to run build on.
198 :jenkins-ssh-release-credential: Credential to use for SSH. (Generally set
200 :stream: run this job against: **
202 :Optional parameters:
204 :branch: Git branch to fetch for the build. (default: all)
205 :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
206 :build-timeout: Timeout in minutes before aborting build. (default: 15)
207 :project-pattern: Project to trigger build against. (default: \*\*)
209 :gerrit_merge_triggers: Override Gerrit Triggers.
210 :gerrit_trigger_file_paths: Override file paths filter which checks which
211 file modifications will trigger a build.
214 - compare-type: REG_EXP
215 pattern: '(releases\/.*\.yaml|\.releases\/.*\.yaml)'
222 - {project-name}-release-verify
224 :Comment Trigger: recheck|reverify
226 :Required Parameters:
228 :build-node: The node to run build on.
229 :jenkins-ssh-credential: Credential to use for SSH. (Generally set
231 :stream: run this job against: **
233 :Optional Parameters:
235 :branch: Git branch to fetch for the build. (default: all)
236 :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
237 :build-node: The node to run build on.
238 :build-timeout: Timeout in minutes before aborting build. (default: 15)
239 :doc-dir: Directory where tox will place built docs.
240 as defined in the tox.ini (default: docs/_build/html)
241 :gerrit-skip-vote: Skip voting for this job. (default: false)
242 :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
243 :project-pattern: Project to trigger build against. (default: \*\*)
245 :gerrit_verify_triggers: Override Gerrit Triggers.
246 :gerrit_trigger_file_paths: Override file paths filter which checks which
247 file modifications will trigger a build.
250 - compare-type: REG_EXP
251 pattern: '(releases\/.*\.yaml|\.releases\/.*\.yaml)'