---
# This file contains job templates for Maven projects.
-- job-group:
- name: '{project-name}-maven-jobs'
+##########
+# Macros #
+##########
- # This job group contains all the recommended jobs that should be deployed
- # for any project ci.
-
- jobs:
- - gerrit-maven-clm
- - gerrit-maven-release
- - gerrit-maven-verify
-
-- job-group:
- name: '{project-name}-github-maven-jobs'
-
- # This job group contains all the recommended jobs that should be deployed
- # for any project ci that is using github.
-
- jobs:
- - github-maven-clm
- - github-maven-release
- - github-maven-verify
-
-- job-group:
- name: '{project-name}-maven-javadoc-jobs'
-
- # This job group contains all the recommended jobs that should be deployed
- # for any project ci.
+- builder:
+ name: lf-maven-build
+ builders:
+ - inject:
+ properties-content: "MAVEN_GOALS={mvn-goals}"
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/maven-build.sh
- jobs:
- - gerrit-maven-javadoc-publish
- - gerrit-maven-javadoc-verify
+- builder:
+ name: lf-maven-deploy
+ builders:
+ - shell: !include-raw:
+ - ../shell/common-variables.sh
+ - ../shell/maven-deploy.sh
-- job-group:
- name: '{project-name}-github-maven-javadoc-jobs'
+- builder:
+ name: lf-maven-versions-plugin
+ builders:
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: "{maven-versions-plugin}"
+ steps:
+ - inject:
+ properties-file: "{version-properties-file}"
+ - maven-target:
+ maven-version: "{mvn-version}"
+ pom: "{mvn-pom}"
+ goals: "versions:set versions:update-child-modules versions:commit -B"
+ properties:
+ - "newVersion=${{release_version}}"
+ settings: "{mvn-settings}"
+ settings-type: cfp
+ global-settings: "global-settings"
+ global-settings-type: cfp
- # This job group contains all the recommended jobs that should be deployed
- # for any project ci.
+- builder:
+ name: lf-maven-stage
+ builders:
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-infra-create-netrc:
+ server-id: "{mvn-staging-id}"
+ # include-raw-escape fails due to JJB bug
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/maven-stage.sh
+ - lf-provide-maven-settings-cleanup
- jobs:
- - github-maven-javadoc-publish
- - github-maven-javadoc-verify
+- builder:
+ name: lf-update-java-alternatives
+ builders:
+ - inject:
+ # Work around inject plugin overriding our GIT_URL variable incorrectly
+ # https://issues.jenkins-ci.org/browse/JENKINS-49775
+ properties-content: |
+ SET_JDK_VERSION={java-version}
+ GIT_URL="$GIT_URL"
+ - shell: !include-raw-escape: ../shell/update-java-alternatives.sh
+ - inject:
+ properties-file: "/tmp/java.env"
####################
# COMMON FUNCTIONS #
####################
-- lf_maven_common: &lf_maven_common
+- _lf_maven_common: &lf_maven_common
name: lf-maven-common
+ ######################
+ # Default parameters #
+ ######################
+
+ archive-artifacts: >
+ **/*.log
+ **/hs_err_*.log
+ **/target/**/feature.xml
+ **/target/failsafe-reports/failsafe-summary.xml
+ **/target/surefire-reports/*-output.txt
+
+ #####################
+ # Job Configuration #
+ #####################
+
project-type: freestyle
- node: '{build-node}'
- jdk: '{java-version}'
+ node: "{build-node}"
properties:
- lf-infra-properties:
- build-days-to-keep: '{build-days-to-keep}'
+ build-days-to-keep: "{build-days-to-keep}"
parameters:
- lf-infra-parameters:
- project: '{project}'
- branch: '{branch}'
- stream: '{stream}'
- lftools-version: '{lftools-version}'
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
- lf-infra-maven-parameters:
- mvn-opts: '{mvn-opts}'
- mvn-params: '{mvn-params}'
- mvn-version: '{mvn-version}'
- # Staging repos do not make sense for CLM jobs so set it blank.
- staging-profile-id: '{staging-profile-id}'
+ mvn-opts: "{mvn-opts}"
+ mvn-params: "{mvn-params}"
+ mvn-version: "{mvn-version}"
+ - string:
+ name: ARCHIVE_ARTIFACTS
+ default: "{archive-artifacts}"
+ description: Artifacts to archive to the logs server.
wrappers:
- lf-infra-wrappers:
- build-timeout: '{build-timeout}'
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ build-timeout: "{build-timeout}"
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
publishers:
# TODO: Make email notification work.
# Maven CLM #
#############
-- lf_maven_clm: &lf_maven_clm
+- _lf_maven_clm: &lf_maven_clm
name: lf-maven-clm
- # Produces a CLM scan of the code into Nexus IQ Server.
- #
- # Required parameters:
- # build-node: The node to run build on.
- # jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # mvn-settings: The name of settings file containing credentials for
- # the project.
- #
- # Optional parameters:
- # mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
-
######################
# Default parameters #
######################
branch: master
- build-days-to-keep: 30 # 30 days for troubleshooting purposes
- build-timeout: 15
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
+ build-days-to-keep: 30 # 30 days for troubleshooting purposes
+ build-timeout: 60
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ java-version: openjdk13
mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: ''
- mvn-version: mvn33
- staging-profile-id: '' # Unused in this job
+ mvn-goals: clean install
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
+ nexus-iq-namespace: "" # Recommend a trailing dash when set. Example: odl-
+ nexus-iq-stage: "build"
stream: master
submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
+
+ nexus_iq_scan_patterns:
+ - "**/*.ear"
+ - "**/*.jar"
+ - "**/*.tar.gz"
+ - "**/*.war"
+ - "**/*.zip"
+
+ gerrit_clm_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+run-clm\s*$'
+
+ parameters:
+ - lf-infra-parameters:
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
+ - lf-infra-maven-parameters:
+ mvn-opts: "{mvn-opts}"
+ mvn-params: "{mvn-params}"
+ mvn-version: "{mvn-version}"
+ - string:
+ name: ARCHIVE_ARTIFACTS
+ default: "{archive-artifacts}"
+ description: Artifacts to archive to the logs server.
+ - lf-clm-parameters:
+ nexus-iq-stage: "{nexus-iq-stage}"
#####################
# Job Configuration #
#####################
- triggers:
- # Build weekly on Saturdays
- - timed: 'H H * * 6'
+ disabled: "{disable-job}"
builders:
+ - lf-infra-pre-build
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
- lf-provide-maven-settings:
- global-settings-file: '{mvn-global-settings}'
- settings-file: '{mvn-settings}'
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-infra-sonatype-clm:
+ mvn-goals: "{mvn-goals}"
+ - lf-provide-maven-settings-cleanup
+ - shell: 'find . -regex ".*karaf/target" | xargs rm -rf'
+ - nexus-iq-policy-evaluator:
+ stage: "{nexus-iq-stage}"
+ application-type: "manual"
+ application-id: "{nexus-iq-namespace}{project-name}"
+ scan-patterns: "{obj:nexus_iq_scan_patterns}"
+ fail-build-network-error: true
+
+- builder:
+ name: lf-infra-sonatype-clm
+ # Run a CLM scan build with Maven
+ builders:
+ - inject:
+ properties-content: |
+ MAVEN_GOALS={mvn-goals}
- shell: !include-raw-escape:
- ../shell/common-variables.sh
- ../shell/sonatype-clm.sh
- - lf-provide-maven-settings-cleanup
- - shell: 'find . -regex ".*karaf/target" | xargs rm -rf'
- - sonatype-clm:
- application-name: '{project-name}'
- job-template:
- name: '{project-name}-maven-clm-{stream}'
+ name: "{project-name}-maven-clm-{stream}"
id: gerrit-maven-clm
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
scm:
- lf-infra-gerrit-scm:
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
- git-url: '{git-url}'
- refspec: '$GERRIT_REFSPEC'
- branch: '$GERRIT_BRANCH'
- submodule-recursive: '{submodule-recursive}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
+ triggers:
+ # Build weekly on Saturdays
+ - timed: "H H * * 6"
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_clm_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ skip-vote:
+ successful: true
+ failed: true
+ unstable: true
+ notbuilt: true
+
- job-template:
- name: '{project-name}-maven-clm-{stream}'
+ name: "{project-name}-maven-clm-{stream}"
id: github-maven-clm
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_clm
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: ""
+ branch: "refs/heads/{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ # Build weekly on Saturdays
+ - timed: "H H * * 6"
+ - github-pull-request:
+ trigger-phrase: "^run-clm$"
+ only-trigger-phrase: true
+ status-context: "CLM"
+ permit-all: true
+ github-hooks: true
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
+
+##################
+# Maven Snyk CLI #
+##################
+
+- _lf_maven_snyk_cli: &lf_maven_snyk_cli
+ name: lf-maven-snyk_cli
+
+ ######################
+ # Default parameters #
+ ######################
+
+ branch: master
+ build-days-to-keep: 30 # 30 days for troubleshooting purposes
+ build-timeout: 60
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ java-version: openjdk11
+ mvn-global-settings: global-settings
+ mvn-goals: clean install
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
+ snyk-cli-options: ""
+ snyk-token-credential-id: snyk-token
+ snyk-org-credential-id: snyk-org
+ stream: master
+ submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
+
+ gerrit_snyk_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+run-snyk\s*$'
+
+ parameters:
+ - lf-infra-parameters:
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
+ - lf-infra-maven-parameters:
+ mvn-opts: "{mvn-opts}"
+ mvn-params: "{mvn-params}"
+ mvn-version: "{mvn-version}"
+ - string:
+ name: SNYK_CLI_OPTIONS
+ default: "{snyk-cli-options}"
+ description: Additional Snyk CLI commands and options
+ - string:
+ name: ARCHIVE_ARTIFACTS
+ default: "{archive-artifacts}"
+ description: Artifacts to archive to the logs server.
+
+ wrappers:
+ - credentials-binding:
+ - text:
+ credential-id: "{snyk-token-credential-id}"
+ variable: SNYK_TOKEN
+ - text:
+ credential-id: "{snyk-org-credential-id}"
+ variable: SNYK_ORG
+
+ #####################
+ # Job Configuration #
+ #####################
+
+ disabled: "{disable-job}"
+
+ builders:
+ - lf-infra-pre-build
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - lf-infra-snyk-cli-scanner
+ - lf-provide-maven-settings-cleanup
+ - shell: 'find . -regex ".*karaf/target" | xargs rm -rf'
+
+- builder:
+ name: lf-infra-snyk-cli-scanner
+ # Download and run the Snyk CLI scanner
+ builders:
+ - shell: !include-raw-escape:
+ - ../shell/snyk-cli-scanner-run.sh
+
+- job-template:
+ name: "{project-name}-maven-snyk-cli-{stream}"
+ id: gerrit-maven-snyk-cli
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_snyk_cli
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+
+ triggers:
+ # Build weekly on Saturdays
+ - timed: "H H * * 6"
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_snyk_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ skip-vote:
+ successful: true
+ failed: true
+ unstable: true
+ notbuilt: true
+
+- job-template:
+ name: "{project-name}-maven-snyk-cli-{stream}"
+ id: github-maven-snyk-cli
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_snyk_cli
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: ""
+ branch: "refs/heads/{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ # Build weekly on Saturdays
+ - timed: "H H * * 6"
+ - github-pull-request:
+ trigger-phrase: "^run-snyk$"
+ only-trigger-phrase: true
+ status-context: "SNYK scan"
+ permit-all: true
+ github-hooks: true
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
#########################
# Maven Javadoc Publish #
#########################
-- lf_maven_javadoc_publish: &lf_maven_javadoc_publish
+- _lf_maven_javadoc_publish: &lf_maven_javadoc_publish
name: lf-maven-javadoc-publish
- # Produces and publishes javadocs for a Maven project.
- #
- # Expects javadocs to be available in $WORKSPACE/target/site/apidocs
- #
- # Required parameters:
- #
- # :build-node: The node to run build on.
- # :javadoc-path: The path in Nexus to deploy javadoc to.
- # :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # :mvn-settings: The name of settings file containing credentials for
- # the project.
- # :mvn-site-id: Maven Server ID from settings.xml to pull credentials from.
- # (Note: This setting should be configured in defaults.yaml.)
- #
- # Optional parameters:
- #
- # :branch: The branch to build against. (default: master)
- # :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
- # :build-timeout: Timeout in seconds before aborting build. (default: 60)
- # :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
- # :java-version: Version of Java to use for the build. (default: openjdk8)
- # :mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
- # :mvn-opts: Sets MAVEN_OPTS. (default: '')
- # :mvn-params: Additional mvn parameters to pass to the cli. (default: '')
- # :mvn-version: Version of maven to use. (default: mvn33)
- # :submodule-recursive: Whether to checkout submodules recursively.
- # (default: true)
- #
- # :gerrit_merge_triggers: Override Gerrit Triggers.
-
######################
# Default parameters #
######################
branch: master
- build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
- build-timeout: 30
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
+ build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
+ build-timeout: 60
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ java-version: openjdk11
+ mvn-dir: "."
mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: ''
- mvn-version: mvn33
- staging-profile-id: '' # Unused by the javadoc jobs
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
stream: master
submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
gerrit_merge_triggers:
- change-merged-event
- comment-added-contains-event:
- comment-contains-value: remerge$
+ comment-contains-value: '^Patch Set\s+\d+:\s+remerge\s*$'
#####################
# Job Configuration #
#####################
+ disabled: "{disable-job}"
+
builders:
+ - lf-infra-pre-build
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
- lf-provide-maven-settings:
- global-settings-file: '{mvn-global-settings}'
- settings-file: '{mvn-settings}'
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
- lf-infra-create-netrc:
- server-id: '{mvn-site-id}'
+ server-id: "{mvn-site-id}"
- inject:
- properties-content: 'DEPLOY_PATH={javadoc-path}'
+ properties-content: |
+ DEPLOY_PATH={javadoc-path}
+ MAVEN_DIR={mvn-dir}
- shell: !include-raw-escape:
- ../shell/common-variables.sh
- ../shell/maven-javadoc-generate.sh
- - ../shell/lftools-install.sh
- ../shell/maven-javadoc-publish.sh
- lf-provide-maven-settings-cleanup
- job-template:
- name: '{project-name}-maven-javadoc-publish-{stream}'
+ name: "{project-name}-maven-javadoc-publish-{stream}-{java-version}"
id: gerrit-maven-javadoc-publish
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_javadoc_publish
- git-url: '$GIT_URL/$GERRIT_PROJECT'
+ git-url: "$GIT_URL/$GERRIT_PROJECT"
scm:
- lf-infra-gerrit-scm:
- git-url: '{git-url}'
- refspec: ''
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ git-url: "{git-url}"
+ refspec: ""
+ branch: "{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- gerrit:
- server-name: '{gerrit-server-name}'
- trigger-on: '{obj:gerrit_merge_triggers}'
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_merge_triggers}"
projects:
- project-compare-type: ANT
- project-pattern: '{project}'
+ project-pattern: "{project}"
branches:
- branch-compare-type: ANT
- branch-pattern: '**/{branch}'
+ branch-pattern: "**/{branch}"
- job-template:
- name: '{project-name}-maven-javadoc-publish-{stream}'
+ name: "{project-name}-maven-javadoc-publish-{stream}-{java-version}"
id: github-maven-javadoc-publish
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_javadoc_publish
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: ''
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: ""
+ branch: "{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- github
- pollscm:
- cron: ''
- - lf-infra-github-pr-trigger:
- trigger-phrase: '^remerge$'
+ cron: ""
+ - github-pull-request:
+ trigger-phrase: "^remerge$"
only-trigger-phrase: true
- status-context: 'JJB Merge'
- permit-all: false
+ status-context: "Maven Javadoc Publish"
+ permit-all: true
github-hooks: true
- github-org: '{github-org}'
- github_pr_whitelist: '{obj:github_pr_whitelist}'
- github_pr_admin_list: '{obj:github_pr_admin_list}'
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
########################
# Maven Javadoc Verify #
########################
-- lf_maven_javadoc_verify: &lf_maven_javadoc_verify
+- _lf_maven_javadoc_verify: &lf_maven_javadoc_verify
name: lf-maven-javadoc-verify
- # Produces javadocs for a Maven project.
- #
- # Expects javadocs to be available in $WORKSPACE/target/site/apidocs
- #
- # Required parameters:
- # build-node: The node to run build on.
- # jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # mvn-settings: The name of settings file containing credentials for
- # the project.
- #
- # Optional parameters:
- #
- # :branch: The branch to build against. (default: master)
- # :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
- # :build-timeout: Timeout in seconds before aborting build. (default: 60)
- # :deploy-path: The path in Nexus to deploy javadoc to. (default: $PROJECT/$STREAM)
- # :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
- # :java-version: Version of Java to use for the build. (default: openjdk8)
- # :mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
- # :mvn-opts: Sets MAVEN_OPTS. (default: '')
- # :mvn-params: Additional mvn parameters to pass to the cli. (default: '')
- # :mvn-version: Version of maven to use. (default: mvn33)
- # :submodule-recursive: Whether to checkout submodules recursively.
- # (default: true)
- #
- # :gerrit_verify_triggers: Override Gerrit Triggers.
-
######################
# Default parameters #
######################
branch: master
- build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
- build-timeout: 30
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
+ build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
+ build-timeout: 60
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ java-version: openjdk11
+ mvn-dir: "."
mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: ''
- mvn-version: mvn33
- staging-profile-id: '' # Unused by the javadoc jobs
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
stream: master
submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
gerrit_verify_triggers:
- patchset-created-event:
exclude-no-code-change: false
- draft-published-event
- comment-added-contains-event:
- comment-contains-value: recheck$
+ comment-contains-value: '^Patch Set\s+\d+:\s+(recheck|reverify)\s*$'
#####################
# Job Configuration #
#####################
+ concurrent: true
+ disabled: "{disable-job}"
+
builders:
+ - lf-infra-pre-build
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
- lf-provide-maven-settings:
- global-settings-file: '{mvn-global-settings}'
- settings-file: '{mvn-settings}'
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - inject:
+ properties-content: |
+ MAVEN_DIR={mvn-dir}
- shell: !include-raw-escape:
- ../shell/common-variables.sh
- ../shell/maven-javadoc-generate.sh
- lf-provide-maven-settings-cleanup
- job-template:
- name: '{project-name}-maven-javadoc-verify-{stream}'
+ name: "{project-name}-maven-javadoc-verify-{stream}-{java-version}"
id: gerrit-maven-javadoc-verify
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
scm:
- lf-infra-gerrit-scm:
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
- git-url: '{git-url}'
- refspec: '$GERRIT_REFSPEC'
- branch: '$GERRIT_BRANCH'
- submodule-recursive: '{submodule-recursive}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: gerrit
triggers:
- gerrit:
- server-name: '{gerrit-server-name}'
- trigger-on: '{obj:gerrit_verify_triggers}'
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_verify_triggers}"
projects:
- project-compare-type: ANT
- project-pattern: '{project}'
+ project-pattern: "{project}"
branches:
- branch-compare-type: ANT
- branch-pattern: '**/{branch}'
+ branch-pattern: "**/{branch}"
- job-template:
- name: '{project-name}-maven-javadoc-verify-{stream}'
+ name: "{project-name}-maven-javadoc-verify-{stream}-{java-version}"
id: github-maven-javadoc-verify
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_javadoc_verify
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "$sha1"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- - lf-infra-github-pr-trigger:
- trigger-phrase: '^recheck$'
- only-trigger-phrase: true
- status-context: 'Maven Javadoc'
+ - github-pull-request:
+ trigger-phrase: ^(recheck|reverify)$
+ only-trigger-phrase: false
+ status-context: "Maven Javadoc Verify"
permit-all: true
github-hooks: true
- github-org: ''
- github_pr_whitelist:
- - ''
- github_pr_admin_list:
- - ''
-
-#################
-# Maven Release #
-#################
-
-- lf_maven_release: &lf_maven_release
- name: lf-maven-release
-
- # Produces a release candidate by creating a staging repo in Nexus.
- #
- # Runs a Maven build and deploys to $WORKSPACE/m2repo directory. This
- # directory can then be reused later to deploy to Nexus.
- #
- # Required parameters:
- # :build-node: The node to run build on.
- # :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # :mvn-settings: The name of settings file containing credentials for
- # the project.
- # :mvn-staging-id: Maven Server ID from settings.xml to pull credentials from.
- # (Note: This setting should be configured in defaults.yaml.)
- # :staging-profile-id: Profile ID of the project's Nexus staging profile.
- #
- # Optional parameters:
- # :gerrit_verify_triggers: Override Gerrit Triggers.
- # :mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
- # :cron: Cron schedule when to trigger the job. This parameter also
- # supports multiline input via YAML pipe | character in cases where
- # one may want to provide more than 1 cron timer. (default: '')
+ white-list-target-branches:
+ - "{branch}"
+
+###############
+# Maven Merge #
+###############
+
+- _lf_maven_merge: &lf_maven_merge
+ name: lf-maven-merge
######################
# Default parameters #
######################
branch: master
- build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
- build-timeout: 30
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
+ build-days-to-keep: 30 # 30 days in case we need to troubleshoot
+ build-timeout: 60
+ cron: "@daily"
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ jacoco-exclude-pattern: "**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"
+ java-version: openjdk11
mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: ''
- mvn-version: mvn33
+ mvn-goals: clean deploy
+ mvn-opts: ""
+ mvn-params: "-Dmerge"
+ mvn-version: mvn35
+ nexus-cut-dirs: 6 # Number of dirs in the Nexus path to remove for wget -r.
+ pre-build-script: "# pre-build script goes here"
+ post-build-script: "# post-build script goes here"
stream: master
submodule-recursive: true
- cron: ''
+ submodule-timeout: 10
+ submodule-disable: false
- gerrit_release_triggers:
+ gerrit_merge_triggers:
+ - change-merged-event
- comment-added-contains-event:
- comment-contains-value: build release$
+ comment-contains-value: '^Patch Set\s+\d+:\s+remerge\s*$'
+
+ gerrit_trigger_file_paths:
+ - compare-type: REG_EXP
+ pattern: ".*"
+
+ # github_included_regions MUST match gerrit_trigger_file_paths
+ github_included_regions:
+ - ".*"
+
+ post_build_trigger: ""
#####################
# Job Configuration #
#####################
+ disabled: "{disable-job}"
+
builders:
+ - lf-infra-pre-build
- lf-jacoco-nojava-workaround
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
- lf-provide-maven-settings:
- global-settings-file: '{mvn-global-settings}'
- settings-file: '{mvn-settings}'
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
- lf-infra-create-netrc:
- server-id: '{mvn-staging-id}'
- - shell: !include-raw-escape:
- - ../shell/lftools-install.sh
- - ../shell/common-variables.sh
- - ../shell/maven-patch-release.sh
- - ../shell/maven-build.sh
- - ../shell/maven-stage.sh
+ server-id: "{mvn-snapshot-id}"
+ - inject:
+ properties-content: |
+ NEXUS_CUT_DIRS={nexus-cut-dirs}
+ NEXUS_REPO={nexus-snapshot-repo}
+ - shell: !include-raw-escape: ../shell/maven-fetch-metadata.sh
+ - shell: "{pre-build-script}"
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - shell: "{post-build-script}"
+ - lf-maven-deploy
- lf-provide-maven-settings-cleanup
+ publishers:
+ - findbugs
+ - lf-jacoco-report:
+ exclude-pattern: "{jacoco-exclude-pattern}"
+ - lf-infra-publish
+ - trigger-parameterized-builds: "{obj:post_build_trigger}"
+
- job-template:
- name: '{project-name}-maven-release-{stream}'
- id: gerrit-maven-release
+ name: "{project-name}-maven-merge-{stream}"
+ id: gerrit-maven-merge
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
- <<: *lf_maven_release
+ <<: *lf_maven_merge
scm:
- lf-infra-gerrit-scm:
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
- git-url: '{git-url}'
- refspec: '$GERRIT_REFSPEC'
- branch: '$GERRIT_BRANCH'
- submodule-recursive: '{submodule-recursive}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
triggers:
- - timed: '{obj:cron}'
+ - timed: "{obj:cron}"
- gerrit:
- server-name: '{gerrit-server-name}'
- trigger-on: '{obj:gerrit_release_triggers}'
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_merge_triggers}"
projects:
- project-compare-type: ANT
- project-pattern: '{project}'
+ project-pattern: "{project}"
branches:
- branch-compare-type: ANT
- branch-pattern: '**/{branch}'
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
- job-template:
- name: '{project-name}-maven-release-{stream}'
- id: github-maven-release
+ name: "{project-name}-maven-merge-{stream}"
+ id: github-maven-merge
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
- <<: *lf_maven_release
+ <<: *lf_maven_merge
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: ""
+ branch: "refs/heads/{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- - timed: '{obj:cron}'
- - lf-infra-github-pr-trigger:
- trigger-phrase: '^build release$'
+ - timed: "{obj:cron}"
+ - github
+ - pollscm:
+ cron: ""
+ - github-pull-request:
+ trigger-phrase: "^remerge$"
only-trigger-phrase: true
- status-context: 'Maven Release'
+ status-context: "Maven Merge"
permit-all: true
github-hooks: true
- github-org: ''
- github_pr_whitelist:
- - ''
- github_pr_admin_list:
- - ''
-
-###############
-# Maven Sonar #
-###############
-
-- lf_maven_sonar: &lf_maven_sonar
- name: lf-maven-sonar
-
- # Sonar job which runs mvn clean install then publishes to Sonar.
- #
- # This job purposely only runs on the master branch as there are Additional
- # configuration needed to support multiple branches and there's not much
- # interest in that kind of support.
- #
- # Required parameters:
- #
- # :build-node: The node to run build on.
- # :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # :mvn-settings: The name of settings file containing credentials for
- # the project.
- #
- # Optional parameters:
- #
- # :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
- # :build-timeout: Timeout in seconds before aborting build. (default: 60)
- # :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
- # :java-version: Version of Java to use for the build. (default: openjdk8)
- # :mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
- # :mvn-opts: Sets MAVEN_OPTS. (default: '')
- # :mvn-params: Additional mvn parameters to pass to the cli. (default: '')
- # :mvn-version: Version of maven to use. (default: mvn33)
- # :submodule-recursive: Whether to checkout submodules recursively.
- # (default: true)
- #
- # :gerrit_sonar_triggers: Override Gerrit Triggers.
-
- ######################
- # Default parameters #
- ######################
-
- branch: master # Sonar should always be run on master branch
- build-days-to-keep: 7
- build-timeout: 30
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
- mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: ''
- mvn-version: mvn33
- staging-profile-id: '' # Unused in this job
- stream: master
- submodule-recursive: true
-
- gerrit_sonar_triggers:
- - comment-added-contains-event:
- comment-contains-value: run-sonar$
-
- #####################
- # Job Configuration #
- #####################
-
- triggers:
- - timed: 'H H * * 6'
- - gerrit:
- server-name: '{gerrit-server-name}'
- trigger-on: '{obj:gerrit_sonar_triggers}'
- projects:
- - project-compare-type: 'ANT'
- project-pattern: '{project}'
- branches:
- - branch-compare-type: 'ANT'
- branch-pattern: '**/master'
- skip-vote:
- successful: true
- failed: true
- unstable: true
- notbuilt: true
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
- builders:
- - lf-infra-maven-sonar:
- mvn-settings: '{mvn-settings}'
- mvn-version: '{mvn-version}'
+##########################
+# Maven Merge for Docker #
+##########################
- publishers:
- - lf-jacoco-report
- - findbugs
- - lf-infra-publish
+- _lf_maven_docker_merge: &lf_maven_docker_merge
+ name: lf-maven-docker-merge
-- builder:
- name: lf-infra-maven-sonar
- # Run a Sonar build with Maven
builders:
+ - lf-infra-pre-build
+ - lf-jacoco-nojava-workaround
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-infra-docker-login:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ # must provide maven settings AFTER docker due to its cleanup
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-infra-create-netrc:
+ server-id: "{mvn-snapshot-id}"
- inject:
- # Switch this to the sonar wrapper when JJB 2.0 is available
properties-content: |
- SONAR_HOST_URL=$SONAR_URL
- SONAR_MAVEN_GOAL=sonar:sonar
- - lf-provide-maven-settings:
- global-settings-file: global-settings
- settings-file: '{mvn-settings}'
- - shell: !include-raw-escape:
- - ../shell/common-variables.sh
- - ../shell/maven-sonar.sh
+ NEXUS_CUT_DIRS={nexus-cut-dirs}
+ NEXUS_REPO={nexus-snapshot-repo}
+ CONTAINER_PULL_REGISTRY={container-public-registry}
+ CONTAINER_PUSH_REGISTRY={container-snapshot-registry}
+ - shell: !include-raw-escape: ../shell/maven-fetch-metadata.sh
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ # NO lf-maven-deploy
- lf-provide-maven-settings-cleanup
- job-template:
- name: '{project-name}-sonar'
- id: gerrit-maven-sonar
+ name: "{project-name}-maven-docker-merge-{stream}"
+ id: gerrit-maven-docker-merge
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
- <<: *lf_maven_sonar
+ <<: *lf_maven_merge
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_merge
scm:
- lf-infra-gerrit-scm:
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
- git-url: '{git-url}'
- refspec: $GERRIT_REFSPEC
- branch: $GERRIT_BRANCH
- submodule-recursive: '{submodule-recursive}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
+ triggers:
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_merge_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+
- job-template:
- name: '{project-name}-sonar'
- id: github-maven-sonar
+ name: "{project-name}-maven-docker-merge-{stream}"
+ id: github-maven-docker-merge
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_merge
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_merge
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: ""
+ branch: "refs/heads/{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ - github
+ - pollscm:
+ cron: ""
+ - github-pull-request:
+ trigger-phrase: "^remerge$"
+ only-trigger-phrase: true
+ status-context: "Maven Docker Merge"
+ permit-all: true
+ github-hooks: true
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
+
+###############
+# Maven Stage #
+###############
+
+- _lf_maven_stage: &lf_maven_stage
+ name: lf-maven-stage
+
+ ######################
+ # Default parameters #
+ ######################
+
+ branch: master
+ build-days-to-keep: 30 # 30 days in case a release takes long to get approved.
+ build-timeout: 60
+ cron: ""
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ java-version: openjdk11
+ maven-versions-plugin: false
+ version-properties-file: version.properties
+ mvn-central: false
+ mvn-global-settings: global-settings
+ mvn-goals: clean deploy
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
+ ossrh-profile-id: ""
+ mvn-pom: ""
+ sbom-flags: ""
+ sbom-path: "$WORKSPACE"
+ sbom-generator: false
+ sbom-generator-version: "v0.0.15"
+ sign-artifacts: false
+ sign-mode: serial
+ stream: master
+ submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
+
+ gerrit_release_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+stage-(maven-)?release\s*$'
+
+ gerrit_trigger_file_paths:
+ - compare-type: ANT
+ pattern: "**"
+
+ # github_included_regions MUST match gerrit_trigger_file_paths
+ github_included_regions:
+ - ".*"
+
+ #####################
+ # Job Configuration #
+ #####################
+
+ disabled: "{disable-job}"
+
+ parameters:
+ - lf-infra-parameters:
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
+ - lf-infra-maven-parameters:
+ mvn-opts: "{mvn-opts}"
+ mvn-params: "{mvn-params}"
+ mvn-version: "{mvn-version}"
+ staging-profile-id: "{staging-profile-id}"
+ - bool:
+ name: MAVEN_VERSIONS_PLUGIN
+ default: "{maven-versions-plugin}"
+ description: Use maven-versions-plugin to update pom versions.
+ - string:
+ name: ARCHIVE_ARTIFACTS
+ default: "{archive-artifacts}"
+ description: Artifacts to archive to the logs server.
+ - string:
+ name: STAGING_PROFILE_ID
+ default: "{staging-profile-id}"
+ description: Nexus staging profile ID.
+ - string:
+ name: SBOM_GENERATOR_VERSION
+ default: "{sbom-generator-version}"
+ description: SBOM generator version to download and run.
+ - string:
+ name: SBOM_PATH
+ default: "{sbom-path}"
+ description: path where SBOM needs to be executed.
+
+ builders:
+ - lf-infra-pre-build
+ - lf-jacoco-nojava-workaround
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-maven-versions-plugin:
+ maven-versions-plugin: "{maven-versions-plugin}"
+ version-properties-file: "{version-properties-file}"
+ mvn-version: "{mvn-version}"
+ mvn-pom: "{mvn-pom}"
+ mvn-settings: "{mvn-settings}"
+ - shell: !include-raw-escape: ../shell/maven-patch-release.sh
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ # With SBOM Generator
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: "{sbom-generator}"
+ steps:
+ - shell: echo 'Running SBOM Generator'
+ - lf-infra-maven-sbom-generator:
+ sbom-flags: "{sbom-flags}"
+ - lf-sigul-sign-dir:
+ sign-artifacts: "{sign-artifacts}"
+ sign-dir: "$WORKSPACE/m2repo"
+ sign-mode: "{sign-mode}"
+ - lf-maven-stage:
+ mvn-global-settings: "{mvn-global-settings}"
+ mvn-settings: "{mvn-settings}"
+ mvn-staging-id: "{mvn-staging-id}"
+ - lf-maven-central:
+ mvn-central: "{mvn-central}"
+ mvn-global-settings: "{mvn-global-settings}"
+ mvn-settings: "{mvn-settings}"
+ ossrh-profile-id: "{ossrh-profile-id}"
+ - lf-provide-maven-settings-cleanup
+
+- job-template:
+ name: "{project-name}-maven-stage-{stream}"
+ id: gerrit-maven-stage
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_stage
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+
+ triggers:
+ - timed: "{obj:cron}"
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_release_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+
+- job-template:
+ name: "{project-name}-maven-stage-{stream}"
+ id: github-maven-stage
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_stage
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ - timed: "{obj:cron}"
+ - github-pull-request:
+ trigger-phrase: "^stage-(maven-)?release$"
+ only-trigger-phrase: true
+ status-context: "Maven Release"
+ permit-all: true
+ github-hooks: true
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
+
+##########################
+# Maven Stage for Docker #
+##########################
+
+- _lf_maven_docker_stage: &lf_maven_docker_stage
+ name: lf-maven-docker-stage
+
+ builders:
+ - lf-infra-pre-build
+ - lf-jacoco-nojava-workaround
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - lf-infra-docker-login:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ # must provide maven settings AFTER docker-login due to its cleanup
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-maven-versions-plugin:
+ maven-versions-plugin: "{maven-versions-plugin}"
+ version-properties-file: "{version-properties-file}"
+ mvn-version: "{mvn-version}"
+ mvn-pom: "{mvn-pom}"
+ mvn-settings: "{mvn-settings}"
+ - shell: !include-raw-escape: ../shell/maven-patch-release.sh
+ - inject:
+ properties-content: |
+ CONTAINER_PULL_REGISTRY={container-public-registry}
+ CONTAINER_PUSH_REGISTRY={container-staging-registry}
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - lf-sigul-sign-dir:
+ sign-artifacts: "{sign-artifacts}"
+ sign-dir: "$WORKSPACE/m2repo"
+ sign-mode: "{sign-mode}"
+ # NO lf-maven-stage
+ # NO lf-maven-central
+ - lf-provide-maven-settings-cleanup
+
+ gerrit_release_docker_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+stage-(docker-)?release\s*$'
+
+- job-template:
+ name: "{project-name}-maven-docker-stage-{stream}"
+ id: gerrit-maven-docker-stage
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_stage
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_stage
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+
+ triggers:
+ - timed: "{obj:cron}"
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_release_docker_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+
+- job-template:
+ name: "{project-name}-maven-docker-stage-{stream}"
+ id: github-maven-docker-stage
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_stage
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_stage
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "{branch}"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ - timed: "{obj:cron}"
+ - github-pull-request:
+ trigger-phrase: "^stage-(docker-)?release$"
+ only-trigger-phrase: true
+ status-context: "Maven Release"
+ permit-all: true
+ github-hooks: true
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
+
+###############
+# Maven Sonar #
+###############
+
+- _lf_maven_sonar: &lf_maven_sonar
+ name: lf-maven-sonar
+
+ ######################
+ # Default parameters #
+ ######################
+
+ branch: master # Sonar should always be run on master branch
+ build-days-to-keep: 7
+ build-timeout: 60
+ cron: "H H * * 6" # run weekly
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ jacoco-exclude-pattern: "**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"
+ java-version: openjdk11
+ java-opts: ""
+ mvn-global-settings: global-settings
+ mvn-goals: clean install
+ mvn-opts: ""
+ mvn-params: ""
+ mvn-version: mvn35
+ sonar-mvn-goal: "sonar:sonar"
+ sonarcloud: false
+ sonarcloud-project-key: ""
+ sonarcloud-project-organization: ""
+ sonarcloud-api-token-cred-id: sonarcloud-api-token
+ sonarcloud-qualitygate-wait: false
+ # Projects not compatible with jdk13 can set java-version to something else
+ sonarcloud-java-version: openjdk13
+ stream: master
+ submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
+ scan-dev-branch: false
+
+ gerrit_sonar_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+run-sonar\s*$'
+
+ #####################
+ # Job Configuration #
+ #####################
+
+ disabled: "{disable-job}"
+
+ parameters:
+ - lf-infra-parameters:
+ project: "{project}"
+ branch: "{branch}"
+ stream: "{stream}"
+ - lf-infra-maven-parameters:
+ mvn-opts: "{mvn-opts}"
+ mvn-params: "{mvn-params}"
+ mvn-version: "{mvn-version}"
+ - string:
+ name: ARCHIVE_ARTIFACTS
+ default: "{archive-artifacts}"
+ description: Artifacts to archive to the logs server.
+ - string:
+ name: JAVA_OPTS
+ default: "{java-opts}"
+ description: |
+ Java options. Example: -Xmx1024m
+ - string:
+ name: SONAR_MAVEN_GOAL
+ default: "{sonar-mvn-goal}"
+ description: |
+ Maven goals to pass to the Sonar call. Typically sonar:sonar
+ however to use a specific version of the sonar-maven-plugin we
+ can call "org.codehaus.mojo:sonar-maven-plugin:3.3.0.603:sonar".
+
+ wrappers:
+ - credentials-binding:
+ - text:
+ credential-id: "{sonarcloud-api-token-cred-id}"
+ variable: API_TOKEN
+
+ triggers:
+ - timed: "{obj:cron}"
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_sonar_triggers}"
+ projects:
+ - project-compare-type: "ANT"
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: "ANT"
+ branch-pattern: "**/master"
+ skip-vote:
+ successful: true
+ failed: true
+ unstable: true
+ notbuilt: true
+
+ publishers:
+ - lf-jacoco-report:
+ exclude-pattern: "{jacoco-exclude-pattern}"
+ - findbugs
+ - lf-infra-publish
+
+- _mvn_sonar_builders: &mvn_sonar_builders
+ name: mvn-sonar-builders
+ builders:
+ - lf-infra-pre-build
+ # With SonarCloud
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: "{sonarcloud}"
+ steps:
+ - shell: echo 'Using SonarCloud'
+ - lf-infra-maven-sonarcloud:
+ java-version: "{java-version}"
+ mvn-goals: "{mvn-goals}"
+ mvn-settings: "{mvn-settings}"
+ mvn-version: "{mvn-version}"
+ sonarcloud-project-key: "{sonarcloud-project-key}"
+ sonarcloud-project-organization: "{sonarcloud-project-organization}"
+ sonarcloud-java-version: "{sonarcloud-java-version}"
+ sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
+ scan-dev-branch: "{scan-dev-branch}"
+ # With SonarQube
+ - conditional-step:
+ condition-kind: not
+ condition-operand:
+ condition-kind: boolean-expression
+ condition-expression: "{sonarcloud}"
+ steps:
+ - shell: echo 'Using SonarQube'
+ - lf-infra-maven-sonar:
+ java-version: "{java-version}"
+ mvn-goals: "{mvn-goals}"
+ mvn-settings: "{mvn-settings}"
+ mvn-version: "{mvn-version}"
+
+- _mvn_sonar_builders_prescan_script: &mvn_sonar_builders_prescan_script
+ name: mvn-sonar-builders-prescan-script
+ builders:
+ - shell: "{sonar-prescan-script}"
+ - lf-infra-pre-build
+ # With SonarCloud
+ - conditional-step:
+ condition-kind: boolean-expression
+ condition-expression: "{sonarcloud}"
+ steps:
+ - shell: echo 'Using SonarCloud'
+ - lf-infra-maven-sonarcloud:
+ java-version: "{java-version}"
+ mvn-goals: "{mvn-goals}"
+ mvn-settings: "{mvn-settings}"
+ mvn-version: "{mvn-version}"
+ sonarcloud-project-key: "{sonarcloud-project-key}"
+ sonarcloud-project-organization: "{sonarcloud-project-organization}"
+ sonarcloud-java-version: "{sonarcloud-java-version}"
+ sonarcloud-qualitygate-wait: "{sonarcloud-qualitygate-wait}"
+ scan-dev-branch: "{scan-dev-branch}"
+ # With SonarQube
+ - conditional-step:
+ condition-kind: not
+ condition-operand:
+ condition-kind: boolean-expression
+ condition-expression: "{sonarcloud}"
+ steps:
+ - shell: echo 'Using SonarQube'
+ - lf-infra-maven-sonar:
+ java-version: "{java-version}"
+ mvn-goals: "{mvn-goals}"
+ mvn-settings: "{mvn-settings}"
+ mvn-version: "{mvn-version}"
+
+- builder:
+ name: lf-infra-maven-sbom-generator
+ # Run Maven goals and trigger SPDX SBOM Generator tool
+ builders:
+ - inject:
+ properties-content: |
+ SBOM_FLAGS={sbom-flags}
+ - shell: !include-raw-escape:
+ - ../shell/sbom-generator.sh
+
+- builder:
+ name: lf-infra-maven-sonar
+ # Run a Sonar build with Maven
+ builders:
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - inject:
+ # Switch this to the sonar wrapper when JJB 2.0 is available
+ properties-content: |
+ SONAR_HOST_URL=$SONAR_URL
+ MAVEN_GOALS={mvn-goals}
+ - lf-provide-maven-settings:
+ global-settings-file: global-settings
+ settings-file: "{mvn-settings}"
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/maven-sonar.sh
+ - lf-provide-maven-settings-cleanup
+
+- builder:
+ name: lf-infra-maven-sonarcloud
+ # Run a Sonar build with Maven
+ builders:
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - inject:
+ # Switch this to the sonar wrapper when JJB 2.0 is available
+ properties-content: |
+ SONAR_HOST_URL=https://sonarcloud.io
+ PROJECT_KEY={sonarcloud-project-key}
+ PROJECT_ORGANIZATION={sonarcloud-project-organization}
+ MAVEN_GOALS={mvn-goals}
+ SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
+ SCAN_DEV_BRANCH={scan-dev-branch}
+ SONARCLOUD_QUALITYGATE_WAIT={sonarcloud-qualitygate-wait}
+ - lf-provide-maven-settings:
+ global-settings-file: global-settings
+ settings-file: "{mvn-settings}"
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/maven-sonar.sh
+ - lf-provide-maven-settings-cleanup
+
+- job-template:
+ name: "{project-name}-sonar"
+ id: gerrit-maven-sonar
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_sonar
+ <<: *mvn_sonar_builders
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: $GERRIT_REFSPEC
+ branch: $GERRIT_BRANCH
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+
+- job-template:
+ name: "{project-name}-sonar-verify"
+ id: gerrit-maven-sonar-verify
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_sonar
+ <<: *mvn_sonar_builders
+
+ sonarcloud: true
+ scan-dev-branch: true
+ sonarcloud-qualitygate-wait: false
+
+ gerrit_sonar_triggers:
+ - patchset-created-event:
+ exclude-drafts: true
+ exclude-trivial-rebase: false
+ exclude-no-code-change: false
+ - draft-published-event
+ - comment-added-contains-event:
+ comment-contains-value: '^Patch Set\s+\d+:\s+(recheck|reverify)\s*$'
+
+ gerrit_trigger_file_paths:
+ - compare-type: REG_EXP
+ pattern: ".*"
+
+ triggers:
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_sonar_triggers}"
+ projects:
+ - project-compare-type: "ANT"
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: "ANT"
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: $GERRIT_REFSPEC
+ branch: $GERRIT_BRANCH
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: gerrit
+
+- job-template:
+ name: "{project-name}-sonar-prescan-script"
+ id: gerrit-maven-sonar-prescan-script
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_sonar
+ <<: *mvn_sonar_builders_prescan_script
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: $GERRIT_REFSPEC
+ branch: $GERRIT_BRANCH
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+
+- job-template:
+ name: "{project-name}-sonar"
+ id: github-maven-sonar
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_sonar
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "$sha1"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- - lf-infra-github-pr-trigger:
- trigger-phrase: '^recheck$'
- only-trigger-phrase: false
- status-context: 'Maven Verify'
+ - timed: "{obj:cron}"
+ - github-pull-request:
+ trigger-phrase: "^run-sonar$"
+ only-trigger-phrase: true
+ status-context: "Maven Sonar"
permit-all: true
github-hooks: true
- github-org: ''
- github_pr_whitelist:
- - ''
- github_pr_admin_list:
- - ''
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
+
+- job-template:
+ name: "{project-name}-sonar-prescan-script"
+ id: github-maven-sonar-prescan-script
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_sonar
+ <<: *mvn_sonar_builders_prescan_script
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "$sha1"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ - timed: "{obj:cron}"
+ - github-pull-request:
+ trigger-phrase: "^run-sonar$"
+ only-trigger-phrase: true
+ status-context: "Maven Sonar"
+ permit-all: true
+ github-hooks: true
+ org-list:
+ - "{github-org}"
+ white-list: "{obj:github_pr_allowlist}"
+ admin-list: "{obj:github_pr_admin_list}"
+ white-list-target-branches:
+ - "{branch}"
################
# Maven Verify #
################
-- lf_maven_verify: &lf_maven_verify
+- _lf_maven_verify: &lf_maven_verify
name: lf-maven-verify
- # Verify job which runs mvn clean install to test a project build..
- #
- # Required parameters:
- #
- # :build-node: The node to run build on.
- # :jenkins-ssh-credential: Credential to use for SSH. (Generally should
- # be configured in defaults.yaml)
- # :mvn-settings: The name of settings file containing credentials for
- # the project.
- #
- # Optional parameters:
- #
- # :branch: Git branch to fetch for the build. (default: master)
- # :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7)
- # :build-timeout: Timeout in seconds before aborting build. (default: 60)
- # :git-url: URL clone project from. (default: $GIT_URL/$PROJECT)
- # :java-version: Version of Java to use for the build. (default: openjdk8)
- # :mvn-global-settings: The name of the Maven global settings to use for
- # Maven configuration. (default: global-settings)
- # :mvn-opts: Sets MAVEN_OPTS. (default: '')
- # :mvn-params: Additional mvn parameters to pass to the cli. (default: '')
- # :mvn-version: Version of maven to use. (default: mvn33)
- # :stream: Keyword that can be used to represent a release code-name.
- # Often the same as the branch. (default: master)
- # :submodule-recursive: Whether to checkout submodules recursively.
- # (default: true)
- #
- # :gerrit_verify_triggers: Override Gerrit Triggers.
- # :gerrit_trigger_file_paths: Override file paths which can be used to
- # filter which file modifications will trigger a build.
-
######################
# Default parameters #
######################
branch: master
build-days-to-keep: 7
build-timeout: 60
- git-url: '$GIT_URL/$PROJECT'
- java-version: openjdk8
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ jacoco-exclude-pattern: "**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"
+ java-version: openjdk11
mvn-global-settings: global-settings
- mvn-opts: ''
- mvn-params: '-Dstream=$STREAM'
- mvn-version: mvn33
- staging-profile-id: '' # Unused in this job
+ mvn-goals: clean deploy
+ mvn-opts: ""
+ mvn-params: "-Dstream=$STREAM -Dmaven.source.skip=true"
+ mvn-version: mvn35
+ pre-build-script: "# pre-build script goes here"
+ post-build-script: "# post-build script goes here"
stream: master
submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
gerrit_verify_triggers:
- patchset-created-event:
exclude-no-code-change: false
- draft-published-event
- comment-added-contains-event:
- comment-contains-value: recheck$
+ comment-contains-value: '^Patch Set\s+\d+:\s+(recheck|reverify)\s*$'
+
gerrit_trigger_file_paths:
- - compare-type: ANT
- pattern: '**'
+ - compare-type: REG_EXP
+ pattern: ".*"
+
+ # github_included_regions MUST match gerrit_trigger_file_paths
+ github_included_regions:
+ - ".*"
#####################
# Job Configuration #
#####################
concurrent: true
+ disabled: "{disable-job}"
builders:
+ - lf-infra-pre-build
- lf-jacoco-nojava-workaround
- lf-maven-install:
- mvn-version: '{mvn-version}'
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
- lf-provide-maven-settings:
- global-settings-file: '{mvn-global-settings}'
- settings-file: '{mvn-settings}'
- - shell: !include-raw-escape:
- - ../shell/lftools-install.sh
- - ../shell/common-variables.sh
- - ../shell/maven-build.sh
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - shell: "{pre-build-script}"
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - shell: "{post-build-script}"
- lf-provide-maven-settings-cleanup
publishers:
- findbugs
- - lf-jacoco-report
+ - lf-jacoco-report:
+ exclude-pattern: "{jacoco-exclude-pattern}"
- lf-infra-publish
- job-template:
- name: '{project-name}-maven-verify-{stream}-{mvn-version}-{java-version}'
+ name: "{project-name}-maven-verify-{stream}-{mvn-version}-{java-version}"
id: gerrit-maven-verify
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
scm:
- lf-infra-gerrit-scm:
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
- git-url: '{git-url}'
- refspec: '$GERRIT_REFSPEC'
- branch: '$GERRIT_BRANCH'
- submodule-recursive: '{submodule-recursive}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: gerrit
triggers:
- gerrit:
- server-name: '{gerrit-server-name}'
- trigger-on: '{obj:gerrit_verify_triggers}'
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_verify_triggers}"
projects:
- project-compare-type: ANT
- project-pattern: '{project}'
+ project-pattern: "{project}"
branches:
- branch-compare-type: ANT
- branch-pattern: '**/{branch}'
- file-paths: '{obj:gerrit_trigger_file_paths}'
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
- job-template:
- name: '{project-name}-maven-verify-{stream}-{mvn-version}-{java-version}'
+ name: "{project-name}-maven-verify-{stream}-{mvn-version}-{java-version}"
id: github-maven-verify
<<: *lf_maven_common
# yamllint disable-line rule:key-duplicates
<<: *lf_maven_verify
properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
- github:
- url: '{git-url}/{github-org}/{project}'
+ url: "{github-url}/{github-org}/{project}"
scm:
- lf-infra-github-scm:
- url: '{git-clone-url}{github-org}/{project}'
- refspec: '+refs/pull/*:refs/remotes/origin/pr/*'
- branch: '{branch}'
- submodule-recursive: '{submodule-recursive}'
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "$sha1"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
choosing-strategy: default
- jenkins-ssh-credential: '{jenkins-ssh-credential}'
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
triggers:
- - lf-infra-github-pr-trigger:
- trigger-phrase: '^recheck$'
+ - github-pull-request:
+ trigger-phrase: "^(recheck|reverify)$"
only-trigger-phrase: false
- status-context: 'Maven Verify'
+ status-context: "Maven Verify {mvn-version}-{java-version}"
permit-all: true
github-hooks: true
- github-org: ''
- github_pr_whitelist:
- - ''
- github_pr_admin_list:
- - ''
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
+
+###########################
+# Maven Verify for Docker #
+###########################
+
+- _lf_maven_docker_verify: &lf_maven_docker_verify
+ name: lf-maven-docker-verify
+
+ # image push not allowed during verification
+ mvn-goals: clean install
+
+ builders:
+ - lf-infra-pre-build
+ - lf-jacoco-nojava-workaround
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - lf-infra-docker-login:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ # must provide maven settings AFTER docker due to its cleanup
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - inject:
+ properties-content: |
+ CONTAINER_PULL_REGISTRY={container-public-registry}
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - lf-provide-maven-settings-cleanup
+
+- job-template:
+ name: "{project-name}-maven-docker-verify-{stream}-{mvn-version}-{java-version}"
+ id: gerrit-maven-docker-verify
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_verify
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_verify
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: gerrit
+
+ triggers:
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_verify_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+
+- job-template:
+ name: "{project-name}-maven-docker-verify-{stream}-{mvn-version}-{java-version}"
+ id: github-maven-docker-verify
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_verify
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_docker_verify
+
+ properties:
+ - lf-infra-properties:
+ build-days-to-keep: "{build-days-to-keep}"
+ - github:
+ url: "{github-url}/{github-org}/{project}"
+
+ scm:
+ - lf-infra-github-scm:
+ url: "{git-clone-url}{github-org}/{project}"
+ refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+ branch: "$sha1"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: default
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+ triggers:
+ - github-pull-request:
+ trigger-phrase: "^(recheck|reverify)$"
+ only-trigger-phrase: false
+ status-context: "Maven Docker Verify {mvn-version}-{java-version}"
+ permit-all: true
+ github-hooks: true
+ white-list-target-branches:
+ - "{branch}"
+ included-regions: "{obj:github_included_regions}"
+
+#############################
+# Maven Verify Dependencies #
+#############################
+
+- _lf_maven_verify_dependencies: &lf_maven_verify_dependencies
+ name: lf-maven-verify-dependencies
+
+ ######################
+ # Default parameters #
+ ######################
+
+ branch: master
+ build-days-to-keep: 7
+ build-timeout: 60
+ disable-job: false
+ git-url: "$GIT_URL/$PROJECT"
+ github-url: "https://github.com"
+ jacoco-exclude-pattern: "**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"
+ java-version: openjdk11
+ mvn-global-settings: global-settings
+ mvn-goals: clean deploy
+ mvn-opts: ""
+ mvn-params: "-Dstream=$STREAM"
+ mvn-version: mvn35
+ stream: master
+ submodule-recursive: true
+ submodule-timeout: 10
+ submodule-disable: false
+
+ gerrit_verify_triggers:
+ - comment-added-contains-event:
+ comment-contains-value: "recheck: [0-9 ]+"
+ gerrit_trigger_file_paths:
+ - compare-type: ANT
+ pattern: "**"
+
+ #####################
+ # Job Configuration #
+ #####################
+
+ concurrent: true
+ disabled: "{disable-job}"
+
+ builders:
+ - lf-infra-pre-build
+ - lf-jacoco-nojava-workaround
+ - lf-maven-install:
+ mvn-version: "{mvn-version}"
+ - lf-update-java-alternatives:
+ java-version: "{java-version}"
+ - lf-provide-maven-settings:
+ global-settings-file: "{mvn-global-settings}"
+ settings-file: "{mvn-settings}"
+ - lf-fetch-dependent-patches
+ - shell: !include-raw-escape:
+ - ../shell/common-variables.sh
+ - ../shell/maven-build-deps.sh
+ - lf-maven-build:
+ mvn-goals: "{mvn-goals}"
+ - lf-provide-maven-settings-cleanup
+
+ publishers:
+ - findbugs
+ - lf-jacoco-report:
+ exclude-pattern: "{jacoco-exclude-pattern}"
+ - lf-infra-publish
+
+- job-template:
+ name: "{project-name}-maven-verify-deps-{stream}-{mvn-version}-{java-version}"
+ id: gerrit-maven-verify-dependencies
+ <<: *lf_maven_common
+ # yamllint disable-line rule:key-duplicates
+ <<: *lf_maven_verify_dependencies
+
+ scm:
+ - lf-infra-gerrit-scm:
+ jenkins-ssh-credential: "{jenkins-ssh-credential}"
+ git-url: "{git-url}"
+ refspec: "$GERRIT_REFSPEC"
+ branch: "$GERRIT_BRANCH"
+ submodule-recursive: "{submodule-recursive}"
+ submodule-timeout: "{submodule-timeout}"
+ submodule-disable: "{submodule-disable}"
+ choosing-strategy: gerrit
+
+ triggers:
+ - gerrit:
+ server-name: "{gerrit-server-name}"
+ trigger-on: "{obj:gerrit_verify_triggers}"
+ projects:
+ - project-compare-type: ANT
+ project-pattern: "{project}"
+ branches:
+ - branch-compare-type: ANT
+ branch-pattern: "**/{branch}"
+ file-paths: "{obj:gerrit_trigger_file_paths}"
+ comment-text-parameter-mode: PLAIN
Code Review / releng / global-jjb.git / blobdiff