Code Review / releng / global-jjb.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Chore!: Rename 'whitelist' to 'allowlist'
[releng/global-jjb.git] / jjb / lf-maven-jobs.yaml
diff --git a/jjb/lf-maven-jobs.yaml b/jjb/lf-maven-jobs.yaml
index 4b4ad8e..f491617 100644 (file)
--- a/jjb/lf-maven-jobs.yaml
+++ b/jjb/lf-maven-jobs.yaml
@@ -140,8 +140,9 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
     mvn-global-settings: global-settings
+    mvn-goals: clean install
     mvn-opts: ""
     mvn-params: ""
     mvn-version: mvn35
@@ -194,9 +195,8 @@
       - lf-provide-maven-settings:
           global-settings-file: "{mvn-global-settings}"
           settings-file: "{mvn-settings}"
-      - shell: !include-raw-escape:
-          - ../shell/common-variables.sh
-          - ../shell/sonatype-clm.sh
+      - lf-infra-sonatype-clm:
+          mvn-goals: "{mvn-goals}"
       - lf-provide-maven-settings-cleanup
       - shell: 'find . -regex ".*karaf/target" | xargs rm -rf'
       - nexus-iq-policy-evaluator:
@@ -206,6 +206,17 @@
           scan-patterns: "{obj:nexus_iq_scan_patterns}"
           fail-build-network-error: true
 
+- builder:
+    name: lf-infra-sonatype-clm
+    # Run a CLM scan build with Maven
+    builders:
+      - inject:
+          properties-content: |
+            MAVEN_GOALS={mvn-goals}
+      - shell: !include-raw-escape:
+          - ../shell/common-variables.sh
+          - ../shell/sonatype-clm.sh
+
 - job-template:
     name: "{project-name}-maven-clm-{stream}"
     id: gerrit-maven-clm
@@ -277,7 +288,7 @@
           github-hooks: true
           org-list:
             - "{github-org}"
-          white-list: "{obj:github_pr_whitelist}"
+          white-list: "{obj:github_pr_allowlist}"
           admin-list: "{obj:github_pr_admin_list}"
           white-list-target-branches:
             - "{branch}"
@@ -299,7 +310,8 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
+    mvn-dir: "."
     mvn-global-settings: global-settings
     mvn-opts: ""
     mvn-params: ""
@@ -332,7 +344,9 @@
       - lf-infra-create-netrc:
           server-id: "{mvn-site-id}"
       - inject:
-          properties-content: "DEPLOY_PATH={javadoc-path}"
+          properties-content: |
+            DEPLOY_PATH={javadoc-path}
+            MAVEN_DIR={mvn-dir}
       - shell: !include-raw-escape:
           - ../shell/common-variables.sh
           - ../shell/maven-javadoc-generate.sh
@@ -406,7 +420,7 @@
           github-hooks: true
           org-list:
             - "{github-org}"
-          white-list: "{obj:github_pr_whitelist}"
+          white-list: "{obj:github_pr_allowlist}"
           admin-list: "{obj:github_pr_admin_list}"
           white-list-target-branches:
             - "{branch}"
@@ -428,7 +442,8 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
+    mvn-dir: "."
     mvn-global-settings: global-settings
     mvn-opts: ""
     mvn-params: ""
@@ -463,6 +478,9 @@
       - lf-provide-maven-settings:
           global-settings-file: "{mvn-global-settings}"
           settings-file: "{mvn-settings}"
+      - inject:
+          properties-content: |
+            MAVEN_DIR={mvn-dir}
       - shell: !include-raw-escape:
           - ../shell/common-variables.sh
           - ../shell/maven-javadoc-generate.sh
@@ -549,7 +567,7 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
     mvn-global-settings: global-settings
     mvn-goals: clean deploy
     mvn-opts: ""
@@ -678,7 +696,7 @@
           github-hooks: true
           org-list:
             - "{github-org}"
-          white-list: "{obj:github_pr_whitelist}"
+          white-list: "{obj:github_pr_allowlist}"
           admin-list: "{obj:github_pr_admin_list}"
           white-list-target-branches:
             - "{branch}"
@@ -789,7 +807,7 @@
           github-hooks: true
           org-list:
             - "{github-org}"
-          white-list: "{obj:github_pr_whitelist}"
+          white-list: "{obj:github_pr_allowlist}"
           admin-list: "{obj:github_pr_admin_list}"
           white-list-target-branches:
             - "{branch}"
@@ -813,7 +831,7 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
     maven-versions-plugin: false
     version-properties-file: version.properties
     mvn-central: false
@@ -833,7 +851,7 @@
 
     gerrit_release_triggers:
       - comment-added-contains-event:
-          comment-contains-value: '^Patch Set\s+\d+:\s+stage-release\s*$'
+          comment-contains-value: '^Patch Set\s+\d+:\s+stage-(maven-)?release\s*$'
 
     gerrit_trigger_file_paths:
       - compare-type: ANT
@@ -964,7 +982,7 @@
     triggers:
       - timed: "{obj:cron}"
       - github-pull-request:
-          trigger-phrase: "^build release$"
+          trigger-phrase: "^stage-(maven-)?release$"
           only-trigger-phrase: true
           status-context: "Maven Release"
           permit-all: true
@@ -1015,6 +1033,10 @@
       # NO lf-maven-central
       - lf-provide-maven-settings-cleanup
 
+    gerrit_release_docker_triggers:
+      - comment-added-contains-event:
+          comment-contains-value: '^Patch Set\s+\d+:\s+stage-(docker-)?release\s*$'
+
 - job-template:
     name: "{project-name}-maven-docker-stage-{stream}"
     id: gerrit-maven-docker-stage
@@ -1039,7 +1061,7 @@
       - timed: "{obj:cron}"
       - gerrit:
           server-name: "{gerrit-server-name}"
-          trigger-on: "{obj:gerrit_release_triggers}"
+          trigger-on: "{obj:gerrit_release_docker_triggers}"
           projects:
             - project-compare-type: ANT
               project-pattern: "{project}"
@@ -1077,7 +1099,7 @@
     triggers:
       - timed: "{obj:cron}"
       - github-pull-request:
-          trigger-phrase: "^build release$"
+          trigger-phrase: "^stage-(docker-)?release$"
           only-trigger-phrase: true
           status-context: "Maven Release"
           permit-all: true
@@ -1104,7 +1126,8 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
+    java-opts: ""
     mvn-global-settings: global-settings
     mvn-goals: clean install
     mvn-opts: ""
@@ -1115,10 +1138,14 @@
     sonarcloud-project-key: ""
     sonarcloud-project-organization: ""
     sonarcloud-api-token: ""
+    # SonarCloud scan using jdk8 will become deprecated by Oct, 2020
+    # Projects not compatible with jdk11 can set java-version to something else
+    sonarcloud-java-version: openjdk11
     stream: master
     submodule-recursive: true
     submodule-timeout: 10
     submodule-disable: false
+    scan-dev-branch: false
 
     gerrit_sonar_triggers:
       - comment-added-contains-event:
@@ -1143,6 +1170,11 @@
           name: ARCHIVE_ARTIFACTS
           default: "{archive-artifacts}"
           description: Artifacts to archive to the logs server.
+      - string:
+          name: JAVA_OPTS
+          default: "{java-opts}"
+          description: |
+            Java options. Example: -Xmx1024m
       - string:
           name: SONAR_MAVEN_GOAL
           default: "{sonar-mvn-goal}"
@@ -1168,6 +1200,13 @@
             unstable: true
             notbuilt: true
 
+    publishers:
+      - lf-jacoco-report
+      - findbugs
+      - lf-infra-publish
+
+- mvn_sonar_builders: &mvn_sonar_builders
+    name: mvn-sonar-builders
     builders:
       - lf-infra-pre-build
       # With SonarCloud
@@ -1184,6 +1223,8 @@
                 sonarcloud-project-key: "{sonarcloud-project-key}"
                 sonarcloud-project-organization: "{sonarcloud-project-organization}"
                 sonarcloud-api-token: "{sonarcloud-api-token}"
+                sonarcloud-java-version: "{sonarcloud-java-version}"
+                scan-dev-branch: "{scan-dev-branch}"
       # With SonarQube
       - conditional-step:
           condition-kind: not
@@ -1198,10 +1239,40 @@
                 mvn-settings: "{mvn-settings}"
                 mvn-version: "{mvn-version}"
 
-    publishers:
-      - lf-jacoco-report
-      - findbugs
-      - lf-infra-publish
+- mvn_sonar_builders_prescan_script: &mvn_sonar_builders_prescan_script
+    name: mvn-sonar-builders-prescan-script
+    builders:
+      - shell: "{sonar-prescan-script}"
+      - lf-infra-pre-build
+      # With SonarCloud
+      - conditional-step:
+          condition-kind: boolean-expression
+          condition-expression: "{sonarcloud}"
+          steps:
+            - shell: echo 'Using SonarCloud'
+            - lf-infra-maven-sonarcloud:
+                java-version: "{java-version}"
+                mvn-goals: "{mvn-goals}"
+                mvn-settings: "{mvn-settings}"
+                mvn-version: "{mvn-version}"
+                sonarcloud-project-key: "{sonarcloud-project-key}"
+                sonarcloud-project-organization: "{sonarcloud-project-organization}"
+                sonarcloud-api-token: "{sonarcloud-api-token}"
+                sonarcloud-java-version: "{sonarcloud-java-version}"
+                scan-dev-branch: "{scan-dev-branch}"
+      # With SonarQube
+      - conditional-step:
+          condition-kind: not
+          condition-operand:
+            condition-kind: boolean-expression
+            condition-expression: "{sonarcloud}"
+          steps:
+            - shell: echo 'Using SonarQube'
+            - lf-infra-maven-sonar:
+                java-version: "{java-version}"
+                mvn-goals: "{mvn-goals}"
+                mvn-settings: "{mvn-settings}"
+                mvn-version: "{mvn-version}"
 
 - builder:
     name: lf-infra-maven-sonar
@@ -1240,6 +1311,8 @@
             PROJECT_ORGANIZATION={sonarcloud-project-organization}
             MAVEN_GOALS={mvn-goals}
             API_TOKEN={sonarcloud-api-token}
+            SONARCLOUD_JAVA_VERSION={sonarcloud-java-version}
+            SCAN_DEV_BRANCH={scan-dev-branch}
       - lf-provide-maven-settings:
           global-settings-file: global-settings
           settings-file: "{mvn-settings}"
@@ -1254,6 +1327,73 @@
     <<: *lf_maven_common
     # yamllint disable-line rule:key-duplicates
     <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders
+
+    scm:
+      - lf-infra-gerrit-scm:
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+          git-url: "{git-url}"
+          refspec: $GERRIT_REFSPEC
+          branch: $GERRIT_BRANCH
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+
+- job-template:
+    name: "{project-name}-sonar-verify"
+    id: gerrit-maven-sonar-verify
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders
+
+    sonarcloud: true
+    scan-dev-branch: true
+
+    gerrit_sonar_triggers:
+      - patchset-created-event:
+          exclude-drafts: true
+          exclude-trivial-rebase: false
+          exclude-no-code-change: false
+      - draft-published-event
+      - comment-added-contains-event:
+          comment-contains-value: '^Patch Set\s+\d+:\s+(recheck|reverify)\s*$'
+
+    gerrit_trigger_file_paths:
+      - compare-type: REG_EXP
+        pattern: ".*"
+
+    triggers:
+      - gerrit:
+          server-name: "{gerrit-server-name}"
+          trigger-on: "{obj:gerrit_sonar_triggers}"
+          projects:
+            - project-compare-type: "ANT"
+              project-pattern: "{project}"
+              branches:
+                - branch-compare-type: "ANT"
+                  branch-pattern: "**/{branch}"
+              file-paths: "{obj:gerrit_trigger_file_paths}"
+
+    scm:
+      - lf-infra-gerrit-scm:
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+          git-url: "{git-url}"
+          refspec: $GERRIT_REFSPEC
+          branch: $GERRIT_BRANCH
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+
+- job-template:
+    name: "{project-name}-sonar-prescan-script"
+    id: gerrit-maven-sonar-prescan-script
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders_prescan_script
 
     scm:
       - lf-infra-gerrit-scm:
@@ -1300,7 +1440,47 @@
           github-hooks: true
           org-list:
             - "{github-org}"
-          white-list: "{obj:github_pr_whitelist}"
+          white-list: "{obj:github_pr_allowlist}"
+          admin-list: "{obj:github_pr_admin_list}"
+          white-list-target-branches:
+            - "{branch}"
+
+- job-template:
+    name: "{project-name}-sonar-prescan-script"
+    id: github-maven-sonar-prescan-script
+    <<: *lf_maven_common
+    # yamllint disable-line rule:key-duplicates
+    <<: *lf_maven_sonar
+    <<: *mvn_sonar_builders_prescan_script
+
+    properties:
+      - lf-infra-properties:
+          build-days-to-keep: "{build-days-to-keep}"
+      - github:
+          url: "{github-url}/{github-org}/{project}"
+
+    scm:
+      - lf-infra-github-scm:
+          url: "{git-clone-url}{github-org}/{project}"
+          refspec: "+refs/pull/*:refs/remotes/origin/pr/*"
+          branch: "$sha1"
+          submodule-recursive: "{submodule-recursive}"
+          submodule-timeout: "{submodule-timeout}"
+          submodule-disable: "{submodule-disable}"
+          choosing-strategy: default
+          jenkins-ssh-credential: "{jenkins-ssh-credential}"
+
+    triggers:
+      - timed: "{obj:cron}"
+      - github-pull-request:
+          trigger-phrase: "^run-sonar$"
+          only-trigger-phrase: true
+          status-context: "Maven Sonar"
+          permit-all: true
+          github-hooks: true
+          org-list:
+            - "{github-org}"
+          white-list: "{obj:github_pr_allowlist}"
           admin-list: "{obj:github_pr_admin_list}"
           white-list-target-branches:
             - "{branch}"
@@ -1322,7 +1502,7 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
     mvn-global-settings: global-settings
     mvn-goals: clean deploy
     mvn-opts: ""
@@ -1558,7 +1738,7 @@
     disable-job: false
     git-url: "$GIT_URL/$PROJECT"
     github-url: "https://github.com"
-    java-version: openjdk8
+    java-version: openjdk11
     mvn-global-settings: global-settings
     mvn-goals: clean deploy
     mvn-opts: ""
@@ -1635,3 +1815,4 @@
                 - branch-compare-type: ANT
                   branch-pattern: "**/{branch}"
               file-paths: "{obj:gerrit_trigger_file_paths}"
+          comment-text-parameter-mode: PLAIN
Global Jenkins Job Builder templates