- builder:
name: lf-fetch-dependent-patches
- # Fetches all patches provided via comment trigger
- #
- # This macro will fetch all patches provided via comment trigger and will
- # create a list of projects from those patches via environment variable
- # called DEPENDENCY_BUILD_ORDER which can be used if necessary to build
- # projects in the specified order. The order is determined by first patch
- # instance for a project in the patch list.
builders:
- shell: !include-raw: ../shell/gerrit-fetch-dependencies.sh
- inject:
properties-file: $WORKSPACE/.dependency.properties
+- builder:
+ name: lf-license-check
+ builders:
+ - inject:
+ properties-content: |
+ FILE_PATTERNS={file-patterns}
+ SPDX_DISABLE={spdx-disable}
+ LHC_VERSION={lhc-version}
+ LICENSE_EXCLUDE_PATHS={license-exclude-paths}
+ LICENSES_ALLOWED={licenses-allowed}
+ - shell: !include-raw-escape:
+ - ../shell/license-check.sh
+
- builder:
name: lf-infra-create-netrc
- # Macro to create a ~/.netrc file from a Maven settings.xml
- # Parameters:
- # {server-id} The id of a server as defined in settings.xml
builders:
- inject:
properties-content: 'SERVER_ID={server-id}'
- builder:
name: lf-infra-docker-login
- # Login into a custom hosted docker registry and / or docker.io
- #
- # The Jenkins system should have the following global variables defined
- #
- # DOCKER_REGISTRY : Optional
- # The DNS address of the registry (IP or FQDN)
- # ex: nexus3.example.com
- #
- # REGISTRY_PORTS : Required if DOCKER_REGISTRY is set
- # Space separated listing of the registry ports to login
- # to
- # ex: 10001 10002 10003 10004
- #
- # DOCKERHUB_EMAIL : Optional
- # If this variable is set then an attempt to login to
- # DockerHub (docker.io) will be also made. It should be
- # set to the email address for the credentials that will
- # get looked up. Only _one_ credential will ever be found
- # in the maven settings file for DockerHub
builders:
- lf-provide-maven-settings:
global-settings-file: '{global-settings-file}'
- builder:
name: lf-infra-gpg-verify-git-signature
- # Verify gpg signature of the latest commit message in $WORKSPACE
- #
- # This command assumes that $WORKSPACE is a git repo.
- #
# TODO: Verify signature after downloading users public key from a locally
# created repository instead of the public keymesh. This requires a process
# in place to get ODL developers public keys into a local repository without
builders:
- shell: !include-raw: ../shell/gpg-verify-git-signature.sh
+- builder:
+ name: lf-infra-pre-build
+ builders:
+ - shell: !include-raw-escape: ../shell/python-tools-install.sh
+
- builder:
name: lf-infra-ship-logs
builders:
+ # Ensure no pre-existing .netrc files are overriding logs config
+ - lf-provide-maven-settings-cleanup
- config-file-provider:
files:
- file-id: 'jenkins-log-archives-settings'
- lf-infra-create-netrc:
server-id: logs
- shell: !include-raw:
- - ../shell/lftools-install.sh
+ # Ensure python-tools are installed in case job template does not
+ # call the lf-infra-pre-build macro.
+ - ../shell/python-tools-install.sh
- ../shell/logs-deploy.sh
- shell: !include-raw:
- ../shell/logs-clear-credentials.sh
- description-setter:
regexp: '^Build logs: .*'
+- builder:
+ name: lf-infra-package-listing
+ builders:
+ - shell: !include-raw:
+ - ../shell/package-listing.sh
+
- builder:
name: lf-infra-packer-build
builders:
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: '{openstack}'
+ steps:
+ - config-file-provider:
+ files:
+ - file-id: clouds-yaml
+ target: '$HOME/.config/openstack/clouds.yaml'
+ - inject:
+ properties-content: OS_CLOUD={openstack-cloud}
- config-file-provider:
files:
- file-id: '{packer-cloud-settings}'
- builder:
name: lf-infra-packer-validate
builders:
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: '{openstack}'
+ steps:
+ - config-file-provider:
+ files:
+ - file-id: clouds-yaml
+ target: '$HOME/.config/openstack/clouds.yaml'
+ - inject:
+ properties-content: OS_CLOUD={openstack-cloud}
- config-file-provider:
files:
- file-id: '{packer-cloud-settings}'
- variable: 'CLOUDENV'
+ variable: CLOUDENV
- inject:
properties-content: |
PACKER_VERSION={packer-version}
- shell: !include-raw:
- ../shell/packer-clear-credentials.sh
+- builder:
+ name: lf-infra-push-gerrit-patch
+ builders:
+ - inject:
+ properties-content: |
+ PROJECT={project}
+ GERRIT_COMMIT_MESSAGE={gerrit-commit-message}
+ GERRIT_HOST={gerrit-host}
+ GERRIT_TOPIC={gerrit-topic}
+ GERRIT_USER={gerrit-user}
+ REVIEWERS_EMAIL={reviewers-email}
+ - shell: !include-raw-escape: ../shell/gerrit-push-patch.sh
+
- builder:
name: lf-infra-sysstat
builders:
- builder:
name: lf-infra-deploy-maven-file
- # Deploy files to a repository.
- #
- # The builder requires passing the following parameters
- # REPO_ID: Repository ID
- # GROUP_ID: Group ID of the repository
- # UPLOAD_FILES_PATH: Path to directory containing one or more files
builders:
- lf-maven-install:
mvn-version: '{mvn-version}'
GROUP_ID={group-id}
UPLOAD_FILES_PATH={upload-files-dir}
- shell: !include-raw-escape:
- - ../shell/lftools-install.sh
- ../shell/common-variables.sh
- ../shell/deploy-maven-file.sh
- lf-provide-maven-settings-cleanup
+- builder:
+ name: lf-maven-central
+ builders:
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: '{mvn-central}'
+ steps:
+ - lf-infra-create-netrc:
+ server-id: 'ossrh'
+ - inject:
+ properties-content: 'OSSRH_PROFILE_ID={ossrh-profile-id}'
+ - shell: !include-raw-escape: ../shell/maven-central.sh
+
- builder:
name: lf-maven-install
- # call maven-target builder with a goal of --version to force Jenkins to
- # install the needed maven version
builders:
# Create a $HOME/.wgetrc to make the Maven download quiet.
- shell: 'echo "quiet=on" > "$HOME/.wgetrc"'
- builder:
name: lf-provide-maven-settings
- # Push a global settings and user settings maven files
builders:
- config-file-provider:
files:
- builder:
name: lf-pip-install
- # Call pip install to install packages into a virtualenv
- # The first package listed in PIP_PACKAGES is used as the virtualenv name.
builders:
- inject:
properties-content: PIP_PACKAGES={pip-packages}
- builder:
name: lf-provide-maven-settings-cleanup
- # Clear maven settings files after we are done using them
builders:
- shell: |
#!/bin/bash
set +e # DO NOT cause build failure if any of the rm calls fail.
- rm "$GLOBAL_SETTINGS_FILE" "$SETTINGS_FILE"
+ rm -f "$GLOBAL_SETTINGS_FILE" "$SETTINGS_FILE"
# In some cases we use the lf-provide-maven-settings macro to produce
# a "$HOME/.netrc" file containing credentials. Remove that file here
# too if it exists.
- rm "$HOME/.netrc"
+ rm -f "$HOME/.netrc"
# DO NOT fail build if any of the above lines fail.
exit 0
name: lf-rtd-trigger-build
builders:
- inject:
- properties-content: RTD_PROJECT={rtd-project}
+ properties-content: |
+ RTD_BUILD_URL={rtd-build-url}
+ RTD_TOKEN={rtd-token}
- shell: !include-raw-escape: ../shell/rtd-trigger-build.sh
- builder:
builders:
- inject:
properties-content: DOC_DIR={doc-dir}
- - shell: !include-raw-escape:
- - ../shell/tox-install.sh
- - ../shell/rtd-verify.sh
+ - shell: !include-raw-escape: ../shell/tox-install.sh
+ - shell: !include-raw-escape: ../shell/rtd-verify.sh
+
+- builder:
+ name: lf-sigul-sign-dir
+ # Requires that Jenkins be configured with SIGUL_BRIDGE_IP as a global
+ # Environment variable
+ builders:
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: '{sign-artifacts}'
+ steps:
+ - config-file-provider:
+ files:
+ - file-id: sigul-config
+ variable: SIGUL_CONFIG
+ - file-id: sigul-password
+ variable: SIGUL_PASSWORD
+ - file-id: sigul-pki
+ variable: SIGUL_PKI
+ - shell: !include-raw-escape: ../shell/sigul-configuration.sh
+ - shell: !include-raw-escape: ../shell/sigul-install.sh
+ - inject:
+ properties-content: SIGN_DIR={sign-dir}
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/sigul-sign-dir.sh
+ - shell: !include-raw-escape: ../shell/sigul-configuration-cleanup.sh
+
+- builder:
+ name: lf-infra-provide-docker-cleanup
+ builders:
+ - shell: |
+ #!/bin/bash
+ set +e # DO NOT cause build failure if docker rmi fails
+ docker rmi -f $(docker images -a -q)
+ exit 0
+
##############
# PARAMETERS #
##############
+- parameter:
+ name: lf-clm-parameters
+ parameters:
+ - string:
+ name: NEXUS_IQ_STAGE
+ default: '{nexus-iq-stage}'
+ description: |
+ Stage the policy evaluation will be run against on the Nexus IQ Server.
+
+- parameter:
+ name: lf-cmake-parameters
+ # Parameters useful in CMake builds.
+ parameters:
+ - string:
+ name: BUILD_DIR
+ default: '{build-dir}'
+ description: 'Directory to build the project in.'
+ - string:
+ name: CMAKE_OPTS
+ default: '{cmake-opts}'
+ description: |
+ Options to pass to CMAKE.
+ Example: -DCMAKE_INSTALL_PREFIX=$WORKSPACE/target/output
+ - string:
+ name: INSTALL_PREFIX
+ default: '{install-prefix}'
+ description: 'Install prefix for C/C++ builds. Example: /usr/local'
+ - string:
+ name: MAKE_OPTS
+ default: '{make-opts}'
+ description: 'Options to pass to make. Example: -j8'
+
- parameter:
name: lf-infra-maven-parameters
parameters:
name: MVN
# Sets an env var for shell scripts to be able to call the dynamically
# installed maven without having to calculate the path themselves.
+ # yamllint disable-line rule:line-length
default: '/w/tools/hudson.tasks.Maven_MavenInstallation/{mvn-version}/bin/mvn'
description: 'Maven selector to be used by shell scripts'
- - string:
- name: STAGING_PROFILE_ID
- default: '{staging-profile-id}'
- description: |
- Nexus staging profile ID.
-
- parameter:
name: lf-infra-openstack-parameters
name: PROJECT
default: '{project}'
description: |
- Parameter to identify a Gerrit project. This is typically the
- project repo path as exists in Gerrit.
- For example: ofextensions/circuitsw
+ Parameter to identify a SCM project to build. This is typically
+ the project repo path. For example: ofextensions/circuitsw
- string:
name: STREAM
default: '{stream}'
name: GERRIT_PROJECT
default: '{project}'
description: |
- Parameter to identify Gerrit project. This is typically the
- project repo path as exists in Gerrit.
- For example: ofextensions/circuitsw
+ Gerrit Trigger provided parameter to identify Gerrit project that
+ triggered the build. This is typically the project repo path as
+ exists in Gerrit. For example: ofextensions/circuitsw
- Note that Gerrit will override this parameter automatically if a
- job is triggered by Gerrit.
+ If using Gerrit, in a manual build this should match the PROJECT
+ parameter above.
- string:
name: GERRIT_BRANCH
default: '{branch}'
description: |
- Parameter to identify a Gerrit branch.
+ Gerrit Trigger provided parameter to identify a Gerrit branch.
- Note that Gerrit will override this parameter automatically if a
- job is triggered by Gerrit.
+ If using Gerrit, in a manual build override with the branch to
+ build against.
- string:
name: GERRIT_REFSPEC
default: 'refs/heads/{branch}'
description: |
- Parameter to identify a refspec when pulling from Gerrit.
+ Gerrit Trigger provided parameter to identify a refspec to fetch
+ from Gerrit.
- Note that Gerrit will override this parameter automatically if a
- job is triggered by Gerrit.
+ If using Gerrit, in a manual build override with a refspec.
+ https://git-scm.com/book/en/v2/Git-Internals-The-Refspec
+ For example: 'refs/heads/master'
- string:
- name: LFTOOLS_VERSION
- default: '{lftools-version}'
+ name: sha1
+ default: 'origin/{branch}'
description: |
- Version of lftools to install. Can be a specific version like
- '0.6.0' or a PEP-440 definition.
- https://www.python.org/dev/peps/pep-0440/
- For example '<1.0.0' or '>=1.0.0,<2.0.0'.
+ GitHub PR Trigger provided parameter for specifying the commit
+ to checkout.
+
+ If using GitHub, in a manual build override with a branch path or
+ sha1 hash to a specific commit. For example: 'origin/master'
- parameter:
name: lf-infra-node-parameters
- # Parameters for NodeJS
parameters:
- string:
name: NODE_DIR
- parameter:
name: lf-infra-tox-parameters
- # Useful parameters when working with TOX
- # https://tox.readthedocs.io/
parameters:
- string:
name: TOX_DIR
exec-pattern: "**/**.exec"
class-pattern: "**/classes"
source-pattern: "**/src/main/java"
+ # yamllint disable-line rule:line-length
exclusion-pattern: "**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"
status-update: true
targets:
publishers:
- postbuildscript:
builders:
- - lf-infra-sysstat
- - lf-infra-ship-logs
- script-only-if-succeeded: false
- script-only-if-failed: false
- mark-unstable-if-failed: false
+ - role: BOTH
+ build-on:
+ - ABORTED
+ - FAILURE
+ - NOT_BUILT
+ - SUCCESS
+ - UNSTABLE
+ build-steps:
+ - lf-infra-sysstat
+ - lf-infra-package-listing
+ - lf-infra-ship-logs
+ mark-unstable-if-failed: true
+ - workspace-cleanup:
+ exclude:
+ # Do not clean up *.jenkins-trigger files for jobs that use a
+ # properties file as input for triggering another build.
+ - '**/*.jenkins-trigger'
+ fail-build: false
+
+- publisher:
+ name: lf-infra-publish-windows
+ # lf-infra macro to finish up a build.
+ #
+ # Handles the following:
+ # - Shipping logs to Nexus logs site repository
+ # - Cleanup workspace
+ publishers:
+ # TODO: RELENG-1228 Develop log shipping script for Windows systems
+ # - postbuildscript:
+ # builders:
+ # - role: BOTH
+ # build-on:
+ # - ABORTED
+ # - FAILURE
+ # - NOT_BUILT
+ # - SUCCESS
+ # - UNSTABLE
+ # build-steps:
+ # - lf-infra-ship-logs-windows
+ # mark-unstable-if-failed: true
- workspace-cleanup:
exclude:
# Do not clean up *.jenkins-trigger files for jobs that use a
wipe-workspace: true
submodule:
recursive: '{submodule-recursive}'
+ timeout: '{submodule-timeout}'
choosing-strategy: '{choosing-strategy}'
- scm:
credentials-id: '{jenkins-ssh-credential}'
url: '{url}'
refspec: '{refspec}'
+ branches:
+ - '{branch}'
skip-tag: true
wipe-workspace: true
submodule:
recursive: '{submodule-recursive}'
+ timeout: '{submodule-timeout}'
choosing-strategy: '{choosing-strategy}'
-############
-# TRIGGERS #
-############
-
-- trigger:
- name: lf-infra-github-pr-trigger
- triggers:
- - github-pull-request:
- trigger-phrase: '{trigger-phrase}'
- only-trigger-phrase: '{only-trigger-phrase}'
- status-context: '{status-context}'
- permit-all: '{permit-all}'
- github-hooks: '{github-hooks}'
- auto-close-on-fail: false
- org-list:
- - '{github-org}'
- white-list: '{obj:github_pr_whitelist}'
- admin-list: '{obj:github_pr_admin_list}'
-
############
# WRAPPERS #
############
- wrapper:
- name: lf-infra-wrappers
+ name: lf-infra-wrappers-common
wrappers:
- mask-passwords
- timeout:
timeout-var: 'BUILD_TIMEOUT'
fail: true
- timestamps
+ - openstack:
+ single-use: true
+
+- wrapper:
+ name: lf-infra-wrappers
+ wrappers:
+ - lf-infra-wrappers-common:
+ build-timeout: '{build-timeout}'
+ - config-file-provider:
+ files:
+ - file-id: npmrc
+ target: '$HOME/.npmrc'
+ - file-id: pipconf
+ target: '$HOME/.config/pip/pip.conf'
- ssh-agent-credentials:
users:
- '{jenkins-ssh-credential}'
- - openstack:
- single-use: true
+
+- wrapper:
+ name: lf-infra-wrappers-windows
+ wrappers:
+ - lf-infra-wrappers-common:
+ build-timeout: '{build-timeout}'