Code Review / releng / global-jjb.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Verify JJB when global-jjb is updated
[releng/global-jjb.git] / jjb / lf-ci-jobs.yaml
diff --git a/jjb/lf-ci-jobs.yaml b/jjb/lf-ci-jobs.yaml
index cc87260..115ba6c 100644 (file)
--- a/jjb/lf-ci-jobs.yaml
+++ b/jjb/lf-ci-jobs.yaml
@@ -20,12 +20,37 @@
     jjb-version: 1.6.2
 
     jobs:
-      - 'github-jjb-merge'
-      - 'github-jjb-verify'
+      - github-jjb-merge
+      - github-jjb-verify
 
 
+- job-group:
+    name: '{project-name}-packer-jobs'
+
+    # This job group contains all the recommended jobs that should be deployed
+    # for any project ci that is using packer.
+
+    packer-version: 1.0.2
+
+    jobs:
+      - gerrit-packer-merge
+      - gerrit-packer-verify
+
+
+- job-group:
+    name: '{project-name}-github-packer-jobs'
+
+    # This job group contains all the recommended jobs that should be deployed
+    # for any project ci that is using packer.
+
+    packer-version: 1.0.2
+
+    jobs:
+      - github-packer-merge
+      - github-packer-verify
+
 ####################
-# Anchors & Macros #
+# COMMON FUNCTIONS #
 ####################
 
 - builder:
@@ -36,31 +61,42 @@
             - file-id: jjbini
               target: '$HOME/.config/jenkins_jobs/jenkins_jobs.ini'
 
-- lf_jjb_file_paths: &lf_jjb_file_paths
-    name: lf-jjb-file-paths
+- lf_packer_file_paths: &lf_packer_file_paths
+    name: lf-packer-file-paths
     file-paths:
+      # Common files for all projects
       - compare-type: ANT
-        pattern: '**/*.sh'
+        pattern: 'packer/vars/{platforms}.json'
       - compare-type: ANT
-        pattern: '**/*.yaml'
+        pattern: 'packer/templates/{templates}.json'
+      - compare-type: ANT
+        pattern: 'packer/provision/{templates}.sh'
+      - compare-type: ANT
+        pattern: 'packer/provision/lib/**'
 
-- lf_jjb_merge_builders: &lf_jjb_merge_builders
-    name: lf-jjb-merge-builders
-    builders:
-      - lf-infra-jjbini
-      - shell: !include-raw-escape:
-          - ../shell/jjb-install.sh
-          - ../shell/jjb-merge-job.sh
+- lf_packer: &lf_packer_common
+    name: lf-packer-common
+    # Adds wrappers and parameters sections common to packer jobs.
 
-- lf_jjb_verify_builders: &lf_jjb_verify_builders
-    name: lf-jjb-verfy-builders
-    builders:
-      - lf-infra-jjbini
-      - shell: !include-raw-escape:
-          - ../shell/jjb-install.sh
-          - ../shell/jjb-verify-job.sh
-          - ../shell/jjb-check-unicode.sh
-      - lf-infra-gpg-verify-git-signature
+    ######################
+    # Default parameters #
+    ######################
+
+    build-timeout: 45
+    packer-cloud-settings: packer-cloud-env
+
+    wrappers:
+      - lf-infra-wrappers:
+          build-timeout: '{build-timeout}'
+          jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+    parameters:
+      - lf-infra-parameters:
+          project: '{project}'
+          stream: '{stream}'
+          branch: '{branch}'
+      - lf-infra-packer-parameters:
+          packer-version: '{packer-version}'
 
 - parameter:
     name: lf-infra-jjb-parameters
@@ -70,29 +106,41 @@
           default: '{jjb-version}'
           description: Jenkins Job Builder version to download and install.
 
-#################
-# Job Templates #
-#################
-
-# JJB verify and merge jobs are the same except for their scm, trigger, and
-# builders definition. This anchor is the common template
-- lf_jjb_verify_merge: &lf_jjb_verify_merge
-    name: lf-jjb-verify-merge
-    project-type: freestyle
+- parameter:
+    name: lf-infra-packer-parameters
+    parameters:
+      - string:
+          name: PACKER_VERSION
+          default: '{packer-version}'
+          description: Packer version to download and install.
 
-    node: '{build-node}'
+- lf_jjb_common: &lf_jjb_common
+    name: lf-jjb-common
 
     ######################
     # Default parameters #
     ######################
 
     branch: master
+    build-timeout: 10
+    stream: master
     submodule-recursive: true
 
+    gerrit_trigger_file_paths:
+      - compare-type: ANT
+        pattern: '**/*.sh'
+      - compare-type: ANT
+        pattern: '**/*.yaml'
+      - compare-type: ANT
+        pattern: '**/global-jjb'
+
     #####################
     # Job Configuration #
     #####################
 
+    project-type: freestyle
+    node: '{build-node}'
+
     properties:
       - lf-infra-properties:
           project: '{project}'
@@ -101,35 +149,80 @@
     parameters:
       - lf-infra-parameters:
           project: '{project}'
+          stream: '{stream}'
           branch: '{branch}'
       - lf-infra-jjb-parameters:
           jjb-version: '{jjb-version}'
 
     wrappers:
       - lf-infra-wrappers:
-          build-timeout: 10
+          build-timeout: '{build-timeout}'
           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 
     publishers:
       - lf-infra-publish
 
-- job-template:
-    name: '{project-name}-jjb-merge'
-    id: gerrit-jjb-merge
-    <<: *lf_jjb_verify_merge
-    # yamllint disable-line rule:key-duplicates
-    <<: *lf_jjb_merge_builders
+#############
+# JJB Merge #
+#############
+
+- lf_jjb_merge: &lf_jjb_merge
+    name: lf-jjb-merge
+
+    # JJB Merge job runs `jenkins-jobs update` to update production job configuration
+    #
+    # Required parameters:
+    #
+    #     :build-node: The node to run build on.
+    #     :jenkins-ssh-credential: Credential to use for SSH. (Generally should
+    #         be configured in defaults.yaml)
+    #     :mvn-settings: The name of settings file containing credentials for
+    #         the project.
+    #
+    # Optional parameters:
+    #
+    #     :branch: Git branch to fetch for the build. (default: master)
+    #     :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+    #     :build-timeout: Timeout in seconds before aborting build. (default: 10)
+    #     :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+    #     :stream: Keyword that can be used to represent a release code-name.
+    #         Often the same as the branch. (default: master)
+    #     :submodule-recursive: Whether to checkout submodules recursively.
+    #         (default: true)
+    #
+    #     :gerrit_merge_triggers: Override Gerrit Triggers.
+    #     :gerrit_trigger_file_paths: Override file paths which can be used to
+    #         filter which file modifications will trigger a build.
+    #         (default defined by lf_jjb_common)
 
     ######################
     # Default parameters #
     ######################
 
-    git-url: '$GIT_URL/$GERRIT_PROJECT'
+    gerrit_merge_triggers:
+      - change-merged-event
+      - comment-added-contains-event:
+          comment-contains-value: remerge$
 
     #####################
     # Job Configuration #
     #####################
 
+    builders:
+      - lf-infra-jjbini
+      - shell: !include-raw-escape:
+          - ../shell/jjb-install.sh
+          - ../shell/jjb-merge-job.sh
+
+- job-template:
+    name: '{project-name}-jjb-merge'
+    id: gerrit-jjb-merge
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_jjb_merge
+
+    git-url: '$GIT_URL/$GERRIT_PROJECT'
+
     scm:
       - lf-infra-gerrit-scm:
           git-url: '{git-url}'
@@ -142,25 +235,208 @@
     triggers:
       - gerrit:
           server-name: '{gerrit-server-name}'
-          trigger-on:
-            - change-merged-event
-            - comment-added-contains-event:
-                comment-contains-value: remerge$
+          trigger-on: '{obj:gerrit_merge_triggers}'
           projects:
             - project-compare-type: ANT
               project-pattern: '{project}'
               branches:
                 - branch-compare-type: ANT
                   branch-pattern: '**/{branch}'
-              <<: *lf_jjb_file_paths
+              file-paths: '{obj:gerrit_trigger_file_paths}'
+
+- job-template:
+    name: '{project-name}-jjb-merge'
+    id: github-jjb-merge
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_jjb_merge
+
+    properties:
+      - github:
+          url: '{git-url}/{github-org}/{project}'
+
+    scm:
+      - lf-infra-github-scm:
+          url: '{git-clone-url}{github-org}/{project}'
+          refspec: ''
+          branch: '{branch}'
+          submodule-recursive: '{submodule-recursive}'
+          choosing-strategy: default
+          jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+    triggers:
+      - github
+      - pollscm:
+          cron: ''
+      - lf-infra-github-pr-trigger:
+          trigger-phrase: '^remerge$'
+          only-trigger-phrase: true
+          status-context: 'JJB Merge'
+          permit-all: false
+          github-hooks: true
+          github-org: '{github-org}'
+          github_pr_whitelist: '{obj:github_pr_whitelist}'
+          github_pr_admin_list: '{obj:github_pr_admin_list}'
+
+##############
+# JJB Verify #
+##############
+
+- lf_jjb_verify: &lf_jjb_verify
+    name: lf-jjb-verify
+
+    # JJB Verify job runs `jenkins-jobs test` to validate JJB syntax
+    #
+    # Required parameters:
+    #
+    #     :build-node: The node to run build on.
+    #     :jenkins-ssh-credential: Credential to use for SSH. (Generally should
+    #         be configured in defaults.yaml)
+    #     :mvn-settings: The name of settings file containing credentials for
+    #         the project.
+    #
+    # Optional parameters:
+    #
+    #     :branch: Git branch to fetch for the build. (default: master)
+    #     :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
+    #     :build-timeout: Timeout in seconds before aborting build. (default: 10)
+    #     :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
+    #     :stream: Keyword that can be used to represent a release code-name.
+    #         Often the same as the branch. (default: master)
+    #     :submodule-recursive: Whether to checkout submodules recursively.
+    #         (default: true)
+    #
+    #     :gerrit_verify_triggers: Override Gerrit Triggers.
+    #     :gerrit_trigger_file_paths: Override file paths which can be used to
+    #         filter which file modifications will trigger a build.
+    #         (default defined by lf_jjb_common)
+
+    ######################
+    # Default parameters #
+    ######################
+
+    gerrit_verify_triggers:
+      - patchset-created-event:
+          exclude-drafts: false
+          exclude-trivial-rebase: false
+          exclude-no-code-change: false
+      - draft-published-event
+      - comment-added-contains-event:
+          comment-contains-value: recheck$
+
+    #####################
+    # Job Configuration #
+    #####################
+
+    concurrent: true
+
+    builders:
+      - lf-infra-jjbini
+      - shell: !include-raw-escape:
+          - ../shell/git-validate-jira-urls.sh
+          - ../shell/jjb-install.sh
+          - ../shell/jjb-verify-job.sh
+          - ../shell/jjb-check-unicode.sh
+      - lf-infra-gpg-verify-git-signature
 
 - job-template:
     name: '{project-name}-jjb-verify'
     id: gerrit-jjb-verify
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_jjb_verify
+
+    git-url: '$GIT_URL/$GERRIT_PROJECT'
+
+    scm:
+      - lf-infra-gerrit-scm:
+          git-url: '{git-url}'
+          refspec: '$GERRIT_REFSPEC'
+          branch: '$GERRIT_BRANCH'
+          submodule-recursive: '{submodule-recursive}'
+          choosing-strategy: gerrit
+          jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+    triggers:
+      - gerrit:
+          server-name: '{gerrit-server-name}'
+          trigger-on: '{obj:gerrit_verify_triggers}'
+          projects:
+            - project-compare-type: ANT
+              project-pattern: '{project}'
+              branches:
+                - branch-compare-type: ANT
+                  branch-pattern: '**/{branch}'
+              file-paths: '{obj:gerrit_trigger_file_paths}'
+
+- job-template:
+    name: '{project-name}-jjb-verify'
+    id: github-jjb-verify
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_jjb_verify
+
+    properties:
+      - github:
+          url: '{git-url}/{github-org}/{project}'
+
+    scm:
+      - lf-infra-github-scm:
+          url: '{git-clone-url}{github-org}/{project}'
+          refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
+          branch: '{branch}'
+          submodule-recursive: '{submodule-recursive}'
+          choosing-strategy: default
+          jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+    triggers:
+      - lf-infra-github-pr-trigger:
+          trigger-phrase: '^recheck$'
+          only-trigger-phrase: false
+          status-context: 'JJB Verify'
+          permit-all: true
+          github-hooks: true
+          github-org: ''
+          github_pr_whitelist:
+            - ''
+          github_pr_admin_list:
+            - ''
+
+################
+# Packer Merge #
+################
+
+- lf_packer_merge_builders: &lf_packer_merge_builders
+    name: lf-packer-merge-builders
+
+    # Adds builders section common to merge packer jobs.
+    # {packer-cloud-settings} is passed from the project, defines the managed
+    #                   file-id name created in Jenkins
+    #                   (default: packer-cloud-env)
+    # {packer-version}: is global defined in job group level, the version number
+    #                   can be updated to install the latest version of packer.
+    # {platforms}:      defines the packer platform file, passed from the project.
+    # {template}:       defines the packer template file, passed from the project.
+
+    builders:
+      - lf-infra-packer-validate:
+          packer-cloud-settings: '{packer-cloud-settings}'
+          packer-version: '{packer-version}'
+      - lf-infra-packer-build:
+          packer-cloud-settings: '{packer-cloud-settings}'
+          packer-version: '{packer-version}'
+          platform: '{platforms}'
+          template: '{templates}'
+
+- job-template:
+    name: '{project-name}-packer-merge-{platforms}-{templates}'
+    id: gerrit-packer-merge
     concurrent: true
-    <<: *lf_jjb_verify_merge
+    <<: *lf_jjb_common
     # yamllint disable-line rule:key-duplicates
-    <<: *lf_jjb_verify_builders
+    <<: *lf_packer_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_packer_merge_builders
 
     ######################
     # Default parameters #
@@ -168,6 +444,11 @@
 
     git-url: '$GIT_URL/$GERRIT_PROJECT'
 
+    gerrit_merge_triggers:
+      - change-merged-event
+      - comment-added-contains-event:
+          comment-contains-value: remerge$
+
     #####################
     # Job Configuration #
     #####################
@@ -182,30 +463,27 @@
           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 
     triggers:
+      - timed: '00 10 1 * *'
       - gerrit:
           server-name: '{gerrit-server-name}'
-          trigger-on:
-            - patchset-created-event:
-                exclude-drafts: false
-                exclude-trivial-rebase: false
-                exclude-no-code-change: false
-            - draft-published-event
-            - comment-added-contains-event:
-                comment-contains-value: recheck$
+          trigger-on: '{obj:gerrit_merge_triggers}'
           projects:
             - project-compare-type: ANT
               project-pattern: '{project}'
               branches:
                 - branch-compare-type: ANT
                   branch-pattern: '**/{branch}'
-              <<: *lf_jjb_file_paths
+              <<: *lf_packer_file_paths
 
 - job-template:
-    name: '{project-name}-jjb-merge'
-    id: github-jjb-merge
-    <<: *lf_jjb_verify_merge
+    name: '{project-name}-packer-merge-{platforms}-{templates}'
+    id: github-packer-merge
+    concurrent: true
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_packer_common
     # yamllint disable-line rule:key-duplicates
-    <<: *lf_jjb_merge_builders
+    <<: *lf_packer_merge_builders
 
     #####################
     # Job Configuration #
@@ -217,7 +495,7 @@
 
     scm:
       - lf-infra-github-scm:
-          url: '${{GIT_CLONE_URL}}{github-org}/{project}'
+          url: '{git-clone-url}{github-org}/{project}'
           refspec: ''
           branch: '{branch}'
           submodule-recursive: '{submodule-recursive}'
@@ -225,26 +503,105 @@
           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 
     triggers:
+      - timed: '00 10 1 * *'
       - github
       - pollscm:
           cron: ''
-      - github-pull-request:
+      - lf-infra-github-pr-trigger:
           trigger-phrase: '^remerge$'
           only-trigger-phrase: true
-          status-context: 'JJB Merge'
+          status-context: 'Packer {platforms}-${templates} Merge'
           permit-all: false
           github-hooks: true
-          auto-close-on-fail: false
-          org-list:
-            - '{github-org}'
+          github-org: '{github-org}'
+          github_pr_whitelist: '{obj:github_pr_whitelist}'
+          github_pr_admin_list: '{obj:github_pr_admin_list}'
+
+#################
+# Packer Verify #
+#################
+
+- lf_packer_verify_builders: &lf_packer_verify_builders
+    name: lf-packer-verify-builders
+
+    # Adds builders section common to verify packer jobs.
+    # {packer-cloud-settings} is passed from the project, defines the managed
+    #                   file-id name created in Jenkins
+    #                   (default: packer-cloud-env)
+    # {packer-version}: is global defined in job group level, the version number
+    #                   can be updated to install the latest version of packer.
+
+    builders:
+      - lf-infra-packer-validate:
+          packer-cloud-settings: '{packer-cloud-settings}'
+          packer-version: '{packer-version}'
 
 - job-template:
-    name: '{project-name}-jjb-verify'
-    id: github-jjb-verify
+    name: '{project-name}-packer-verify'
+    id: gerrit-packer-verify
+    concurrent: true
+    <<: *lf_jjb_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_packer_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_packer_verify_builders
+
+    ######################
+    # Default parameters #
+    ######################
+
+    build-timeout: 10
+    git-url: '$GIT_URL/$GERRIT_PROJECT'
+
+    gerrit_verify_triggers:
+      - patchset-created-event:
+          exclude-drafts: false
+          exclude-trivial-rebase: false
+          exclude-no-code-change: false
+      - draft-published-event
+      - comment-added-contains-event:
+          comment-contains-value: recheck$
+
+    #####################
+    # Job Configuration #
+    #####################
+
+    scm:
+      - lf-infra-gerrit-scm:
+          git-url: '{git-url}'
+          refspec: '$GERRIT_REFSPEC'
+          branch: '$GERRIT_BRANCH'
+          submodule-recursive: '{submodule-recursive}'
+          choosing-strategy: gerrit
+          jenkins-ssh-credential: '{jenkins-ssh-credential}'
+
+    triggers:
+      - gerrit:
+          server-name: '{gerrit-server-name}'
+          trigger-on: '{obj:gerrit_verify_triggers}'
+          projects:
+            - project-compare-type: ANT
+              project-pattern: '{project}'
+              branches:
+                - branch-compare-type: ANT
+                  branch-pattern: '**/{branch}'
+              <<: *lf_packer_file_paths
+
+- job-template:
+    name: '{project-name}-packer-verify'
+    id: github-packer-verify
     concurrent: true
-    <<: *lf_jjb_verify_merge
+    <<: *lf_jjb_common
     # yamllint disable-line rule:key-duplicates
-    <<: *lf_jjb_merge_builders
+    <<: *lf_packer_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_packer_verify_builders
+
+    ######################
+    # Default parameters #
+    ######################
+
+    build-timeout: 10
 
     #####################
     # Job Configuration #
@@ -256,7 +613,7 @@
 
     scm:
       - lf-infra-github-scm:
-          url: '${{GIT_CLONE_URL}}{github-org}/{project}'
+          url: '{git-clone-url}{github-org}/{project}'
           refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
           branch: '{branch}'
           submodule-recursive: '{submodule-recursive}'
@@ -264,10 +621,14 @@
           jenkins-ssh-credential: '{jenkins-ssh-credential}'
 
     triggers:
-      - github-pull-request:
+      - lf-infra-github-pr-trigger:
           trigger-phrase: '^recheck$'
           only-trigger-phrase: false
-          status-context: 'JJB Verify'
+          status-context: 'Packer Verify'
           permit-all: true
           github-hooks: true
-          auto-close-on-fail: false
+          github-org: ''
+          github_pr_whitelist:
+            - ''
+          github_pr_admin_list:
+            - ''
Global Jenkins Job Builder templates