X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=docs%2Fjjb%2Flf-maven-jobs.rst;h=78dfc875c9e23dcc09d4b84ba2650c7ceedf8021;hb=5e7040b0710c05df16d1815be74214c5eb5f9239;hp=9c4d6ca1d18d3597a484d47cc58f3778d61e88f4;hpb=2069fa3b9c656c59fc93c77bf0ba80a18c0ddc00;p=releng%2Fglobal-jjb.git diff --git a/docs/jjb/lf-maven-jobs.rst b/docs/jjb/lf-maven-jobs.rst index 9c4d6ca1..78dfc875 100644 --- a/docs/jjb/lf-maven-jobs.rst +++ b/docs/jjb/lf-maven-jobs.rst @@ -5,58 +5,127 @@ Maven Jobs Job Groups ========== -{project-name}-maven-jobs -------------------------- +.. include:: ../job-groups.rst -Jobs for Maven projects using Gerrit. +Below is a list of Maven job groups: -:Includes: +.. literalinclude:: ../../jjb/lf-maven-job-groups.yaml + :language: yaml - - gerrit-maven-clm - - gerrit-maven-release - - gerrit-maven-verify - - gerrit-maven-verify-dependencies -{project-name}-github-maven-jobs --------------------------------- +Macros +====== -Jobs for Maven projects using GitHub. +lf-infra-maven-sonar +-------------------- -:Includes: +Runs Sonar against a Maven project. - - github-maven-clm - - github-maven-release - - github-maven-verify +:Required Parameters: -{project-name}-maven-javadoc-jobs ---------------------------------- + :java-version: Version of Java to execute Sonar with. (default: openjdk13) + :mvn-version: Version of Maven to execute Sonar with. + :mvn-settings: Maven settings.xml file containing credentials to use. -Jobs for Maven projects to generate javadoc using Gerrit. +lf-infra-maven-sonarcloud +------------------------- -:Includes: +Runs Sonar against a Maven project and pushes results to SonarCloud. - - gerrit-maven-javadoc-publish - - gerrit-maven-javadoc-verify +:Required Parameters: -{project-name}-github-maven-javadoc-jobs ----------------------------------------- + :java-version: Version of Java to execute Maven build. (default: openjdk11) + :mvn-version: Version of Maven to execute Sonar with. + :mvn-settings: Maven settings.xml file containing credentials to use. + :sonarcloud-project-key: SonarCloud project key. + :sonarcloud-project-organization: SonarCloud project organization. + :sonarcloud-java-version: Version of Java to run the Sonar scan. (default: openjdk13) + :sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to + wait for the quality gate result. (default: false) -Jobs for Maven projects to generate javadoc using GitHub. +lf-maven-build +-------------- -:Includes: - - - github-maven-javadoc-publish - - github-maven-javadoc-verify +Calls the maven build script to perform a maven build. +:Required parameters: -Macros -====== + :mvn-goals: The maven goals to perform for the build. + (default: clean deploy) lf-maven-common --------------- Common Jenkins configuration for Maven jobs. +lf-maven-deploy +--------------- + +Calls the maven deploy script to push artifacts to Nexus. + +lf-maven-versions-plugin +------------------------ + +Conditionally calls Maven versions plugin to set, update and commit the maven `versions:set`. + +:Required Parameters: + + :maven-versions-plugin: Whether to call Maven versions plugin or not. (default: false) + :version-properties-file: Name and path of the version properties file. + (default: version.properties) + :mvn-version: Version of Maven to execute Sonar with. + :mvn-pom: Location of pom.xml. + :mvn-settings: Maven settings.xml file containing credentials to use. + +lf-maven-stage +-------------- + +Calls the maven stage script to push artifacts to a Nexus staging repository. + +:Required Parameters: + + :mvn-global-settings: The name of the Maven global settings to use for + Maven configuration. + :mvn-settings: The name of settings file containing credentials for the project. + +lf-update-java-alternatives +--------------------------- + +Setup Java alternatives for the Distro. + +:Required Parameters: + + :java-version: Version of Java to set as the default Java. + Eg. openjdk11 + +lf-infra-sonatype-clm +--------------------- + +Runs a Sonatype CLM scan against a Maven project and pushes results to +Nexus IQ server. + +:Optional parameters: + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + +lf-infra-snyk-cli-scanner +------------------------- + +Downloads the latest Snyk CLI and triggers a code scan. It publishes a report into +the Snyk dashboard. + +:Optional parameters: + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + +lf-infra-maven-sbom-generator +----------------------------- + +Runs a specific version of SPDX SBOM Generator tool to generate a report. +The calling job template sets the version to run in the SBOM_GENERATOR_VERSION parameter. + +:Optional parameters: + :sbom-flags: SBOM generator options. See https://github.com/opensbom-generator/spdx-sbom-generator Job Templates ============= @@ -72,71 +141,140 @@ Produces a CLM scan of the code into Nexus IQ Server. - gerrit-maven-clm - github-maven-clm +:Comment Trigger: run-clm + :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :Optional parameters: :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :nexus-iq-namespace: Insert a namespace to project AppID for projects that + share a Nexus IQ system to avoid project name collision. We recommend + inserting a trailing - dash if using this parameter. + For example 'odl-'. (default: '') + :nexus-iq-stage: Sets the **stage** which the policy evaluation will run + against on the Nexus IQ Server. (default: 'build') + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) :gerrit_merge_triggers: Override Gerrit Triggers. +Maven SNYK CLI +-------------- + +Builds the code, downloads and runs a Snyk CLI scan of the code into the Snyk dashboard. + +:Template Names: + + - {project-name}-maven-snyk-cli-{stream} + - gerrit-maven-snyk-cli + - github-maven-snyk-cli + +:Comment Trigger: run-snyk + +:Required parameters: + + :build-node: The node to run build on. + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) + :mvn-settings: The name of settings file containing credentials for the project. + :snyk-token-credential-id: Snyk API token to communicate with Jenkins. + :snyk-org-credential-id: Snyk organization ID. + +:Optional parameters: + + :branch: The branch to build against. (default: master) + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 60) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-global-settings: The name of the Maven global settings to use for + Maven configuration. (default: global-settings) + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :snyk-cli-options: Snyk CLI options. (default: '') + :stream: Keyword that represents a release code-name. + Often the same as the branch. (default: master) + :submodule-recursive: Whether to checkout submodules recursively. + (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + + :gerrit_snyk_triggers: Override Gerrit Triggers. + Maven JavaDoc Publish --------------------- Produces and publishes javadocs for a Maven project. -Expects javadocs to be available in $WORKSPACE/target/site/apidocs +Expects javadocs to be available in ``$WORKSPACE/target/site/apidocs``, but +overrideable with the ``mvn-dir`` parameter. If set, will search for javadocs +in ``$WORKSPACE/{mvn-dir}/target/site/apidocs``. :Template Names: - - {project-name}-maven-javadoc-publish-{stream} + - {project-name}-maven-javadoc-publish-{stream}-{java-version} - gerrit-maven-javadoc-publish - github-maven-javadoc-publish +:Comment Trigger: remerge + :Required parameters: :build-node: The node to run build on. :javadoc-path: The path in Nexus to deploy javadoc to. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :mvn-site-id: Maven Server ID from settings.xml to pull credentials from. - (Note: This setting should be configured in defaults.yaml.) + (Note: This setting is generally configured in ``defaults.yaml``.) :Optional parameters: :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-dir: Directory supplied as argument to -f option (default: '.') :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + Must not include a "-f" option; see parameter mvn-dir. + :mvn-version: Version of maven to use. (default: mvn35) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) :gerrit_merge_triggers: Override Gerrit Triggers. @@ -145,127 +283,397 @@ Maven JavaDoc Verify Produces javadocs for a Maven project. -Expects javadocs to be available in $WORKSPACE/target/site/apidocs +Expects javadocs to be available in ``$WORKSPACE/target/site/apidocs``, but +overrideable with the ``mvn-dir`` parameter. If set, will search for javadocs +in ``$WORKSPACE/{mvn-dir}/target/site/apidocs``. :Template Names: - - {project-name}-maven-javadoc-verify-{stream} + - {project-name}-maven-javadoc-verify-{stream}-{java-version} - gerrit-maven-javadoc-verify - github-maven-javadoc-verify +:Comment Trigger: recheck|reverify + :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :Optional parameters: :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :deploy-path: The path in Nexus to deploy javadoc to. (default: $PROJECT/$STREAM) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-dir: Directory supplied as argument to -f option (default: '.') :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + Must not include a "-f" option; see parameter mvn-dir. + :mvn-version: Version of maven to use. (default: mvn35) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) :gerrit_verify_triggers: Override Gerrit Triggers. -Maven Release -------------- +Maven Merge +----------- + +Merge job which runs `mvn clean deploy` to build a project. + +This job pushes files to Nexus using cURL instead of allowing the Maven deploy +goal to push the upload. This is to get around the issue that Maven deploy does +not properly support uploading files at the end of the build and instead pushes +as it goes. There exists a ``-Ddeploy-at-end`` feature but it does not work +with extensions. + +This job uses the following strategy to deploy jobs to Nexus: + +1. ``wget -r`` to fetch maven-metadata.xml from Nexus +2. ``mvn deploy -DaltDeploymentRepository`` to prepare files for upload +3. Removes untouched maven-metadata.xml files before upload +4. Use lftools (cURL) upload script to push artifacts to Nexus + +:Template Names: + + - {project-name}-maven-merge-{stream} + - gerrit-maven-merge + - github-maven-merge + +:Comment Trigger: remerge + +:Required parameters: + + :build-node: The node to run build on. + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) + :mvn-settings: The name of settings file containing credentials for the project. + :mvn-snapshot-id: Maven Server ID from settings.xml to pull credentials from. + (Note: This setting is generally configured in ``defaults.yaml``.) + :nexus-snapshot-repo: The repository id of the Nexus snapshot repo to deploy to. + +:Optional parameters: + + :branch: Git branch to fetch for the build. (default: master) + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 60) + :cron: Cron schedule when to trigger the job. This parameter also + supports multiline input via YAML pipe | character in cases where + one may want to provide more than 1 cron timer. (default: 'H H * * 0' + to run weekly) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :jacoco-exclude-pattern: Ant-style patterns to exclude from Jacoco coverage + report. (default: ``"**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**"``) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-global-settings: The name of the Maven global settings to use for + Maven configuration. (default: global-settings) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :nexus-cut-dirs: Number of directories to cut from file path for `wget -r`. + :pre-build-script: Shell script to run before maven build. (default: a string with a shell comment) + :post-build-script: Shell script to run after maven build. (default: a string with a shell comment) + :stream: Keyword that represents a release code-name. + Often the same as the branch. (default: master) + :submodule-recursive: Whether to checkout submodules recursively. + (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + + :gerrit_merge_triggers: Override Gerrit Triggers. + :gerrit_trigger_file_paths: Override file paths to filter which file + modifications will trigger a build. + +Maven Merge for Docker +---------------------- + +Produces a snapshot docker image in a Nexus registry. Appropriate for +Java projects that do not need to deploy any POM or JAR files. + +Like the Maven Merge job as described above but logs in to Docker +registries first and skips the lf-maven-deploy builder. The project +POM file should invoke a plugin to build and push a Docker image. +This pulls the base image from the registry in the environment +variable ``CONTAINER_PULL_REGISTRY`` and pushes new image into the +registry in the environment variable ``CONTAINER_PUSH_REGISTRY``. + +:Template Names: + + - {project-name}-maven-docker-merge-{stream} + - gerrit-maven-docker-merge + - github-maven-docker-merge + +:Required parameters: + + :container-public-registry: Docker registry source with base images. + :container-snapshot-registry: Docker registry target for the deploy action. + +All other required and optional parameters are identical to the Maven Merge job +described above. + +Maven Stage +----------- Produces a release candidate by creating a staging repo in Nexus. -Runs a Maven build and deploys to $WORKSPACE/m2repo directory. This -directory can then be reused later to deploy to Nexus. +The staging repo name is in the format PROJECT-NUMBER for example "aaa-1234", +"autorelease-2000", "odlparent-1201", etc... + +This job runs a Maven build and deploys to $WORKSPACE/m2repo directory. This +directory is then used later to deploy to Nexus. :Template Names: - - {project-name}-maven-release-{stream} - - gerrit-maven-release - - github-maven-release + - {project-name}-maven-stage-{stream} + - gerrit-maven-stage + - github-maven-stage + +:Comment Trigger: "stage-release" or "stage-maven-release" :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :mvn-staging-id: Maven Server ID from settings.xml to pull credentials from. - (Note: This setting should be configured in defaults.yaml.) + (Note: This setting is generally configured in ``defaults.yaml``.) :staging-profile-id: Profile ID of the project's Nexus staging profile. :Optional parameters: + :archive-artifacts: Artifacts to archive to the logs server (default: ''). :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :cron: Cron schedule when to trigger the job. This parameter also supports multiline input via YAML pipe | character in cases where one may want to provide more than 1 cron timer. (default: '') :deploy-path: The path in Nexus to deploy javadoc to. (default: $PROJECT/$STREAM) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) + :mvn-central: Set to ``true`` to also stage to **OSSRH**. This is for projects + that want to release to Maven Central. If set, then also set the parameter + ``ossrh-profile-id``. (default: false) + :maven-versions-plugin: Whether to call Maven versions plugin or not. (default: false) :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :ossrh-profile-id: Profile ID for project as provided by OSSRH. + (default: '') + :sbom-flags: SBOM generator options if using sbom-generator. + See https://github.com/opensbom-generator/spdx-sbom-generator + :sbom-generator: Calls lf-infra-maven-sbom-generator to run the SPDX SBOM generator tool. + (default: false) + :sbom-generator-version: SBOM generator version to download and run if using sbom-generator. + (default: v0.0.10) + :sbom-path: SBOM execution path. + (default: $WORKSPACE) + :sign-artifacts: Sign artifacts with Sigul. (default: false) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + :version-properties-file: Name and path of the version properties file. + (default: version.properties) :gerrit_release_triggers: Override Gerrit Triggers. + :gerrit_trigger_file_paths: Override file paths to filter which file + modifications will trigger a build. + +Maven Stage for Docker +---------------------- + +Produces a release candidate docker image in a Nexus registry. +Appropriate for Java projects that do not need to deploy any POM or +JAR files. + +Like the Maven Stage job as described above but logs in to Docker +registries first and skips the lf-maven-deploy builder. The project +POM file should invoke a plugin to build and push a Docker image. +This pulls the base image from the registry in the environment +variable ``CONTAINER_PULL_REGISTRY`` and pushes new image into the +registry in the environment variable ``CONTAINER_PUSH_REGISTRY``. + +:Template Names: + + - {project-name}-maven-docker-stage-{stream} + - gerrit-maven-docker-stage + - github-maven-docker-stage + +:Comment Trigger: "stage-release" or "stage-docker-release" + +:Required parameters: + + :container-public-registry: Docker registry source with base images. + :container-staging-registry: Docker registry target for the deploy action. + +:Optional parameters: + + :gerrit_release_docker_triggers: Override Gerrit Triggers. + +All other required and optional parameters are identical to the Maven Stage job +described above. + +.. _maven-sonar: Maven Sonar ----------- Sonar job which runs mvn clean install then publishes to Sonar. -This job purposely only runs on the master branch as there are Additional -configuration needed to support multiple branches and there's not much -interest in that kind of support. +This job purposely runs on the ``master`` branch and does not support +multi-branch configuration. :Template Names: - {project-name}-sonar - gerrit-maven-sonar - github-maven-sonar + - {project-name}-sonar-prescan-script + - gerrit-maven-sonar-prescan-script + - github-maven-sonar-prescan-script + +:Comment Trigger: run-sonar :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. + :sonar-prescan-script: (maven-sonar-prescan-script jobs) A shell script to run before + sonar scans. :Optional parameters: :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) + :cron: Cron schedule when to trigger the job. This parameter also + supports multiline input via YAML pipe | character in cases where + one may want to provide more than 1 cron timer. (default: 'H H * * 6' + to run weekly) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :java-version: Version of Java to use for the Maven build. (default: openjdk11) + :mvn-global-settings: The name of the Maven global settings to use for + Maven configuration. (default: global-settings) + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :sonar-mvn-goals: Maven goals to run for sonar analysis. + (default: sonar:sonar) + :sonarcloud: Set to ``true`` to use SonarCloud ``true|false``. + (default: false) + :sonarcloud-project-key: SonarCloud project key. (default: '') + :sonarcloud-project-organization: SonarCloud project organization. + (default: '') + :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token. + This one SHOULDN'T be overwritten as we are standarizing the credential ID for all + projects (default: 'sonarcloud-api-token') + :sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11) + :stream: Keyword that represents a release code-name. + Often the same as the branch. (default: master) + :submodule-recursive: Whether to checkout submodules recursively. + (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + :scan-dev-branch: Run the scan on a developer branch. + (default: false) + + :gerrit_sonar_triggers: Override Gerrit Triggers. + + +SonarCloud Example: + +.. literalinclude:: ../../.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml + :language: yaml + +Maven Sonar Verify +------------------ + +Sonar job which runs mvn clean install then publishes to Sonar. + +This job runs on dev branches and its triggered on new patchsets. + +:Template Names: + + - {project-name}-sonar-verify + - gerrit-maven-sonar-verify + +:Comment Trigger: recheck|reverify + +:Required parameters: + + :build-node: The node to run build on. + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) + :mvn-settings: The name of settings file containing credentials for the project. + +:Optional parameters: + + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the Maven build. (default: openjdk11) :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-goals: The maven goals to perform for the build. + (default: clean install) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :pre-build-script: Shell script to run before maven build. (default: a string with a shell comment) + :post-build-script: Shell script to run after maven build. (default: a string with a shell comment) + :sonar-mvn-goal: Maven goals to run for sonar analysis. + (default: sonar:sonar) + :sonarcloud: Set to ``true`` to use SonarCloud ``true|false``. + (default: true) + :sonarcloud-project-key: SonarCloud project key. (default: '') + :sonarcloud-project-organization: SonarCloud project organization. + (default: '') + :sonarcloud-api-token-cred-id: Jenkins credential ID which has the SonarCloud API Token. + This one SHOULDN'T be overwritten as we are standarizing the credential ID for all + projects (default: 'sonarcloud-api-token') + :sonarcloud-java-version: Version of Java to use for the Sonar scan. (default: openjdk11) + :sonarcloud-qualitygate-wait: SonarCloud flag that forces the analysis step to + wait for the quality gate result. (default: false) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) + :scan-dev-branch: Run the scan on a developer branch. + (default: true) :gerrit_sonar_triggers: Override Gerrit Triggers. + +SonarCloud Example: + +.. literalinclude:: ../../.jjb-test/lf-maven-jobs/maven-sonarcloud.yaml + :language: yaml + Maven Verify ------------ @@ -277,74 +685,103 @@ Verify job which runs mvn clean install to test a project build.. - gerrit-maven-verify - github-maven-verify +:Comment Trigger: recheck|reverify + :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :Optional parameters: :branch: Git branch to fetch for the build. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) :gerrit_verify_triggers: Override Gerrit Triggers. - :gerrit_trigger_file_paths: Override file paths which can be used to - filter which file modifications will trigger a build. + :gerrit_trigger_file_paths: Override file paths to filter which file + modifications will trigger a build. + +Maven Verify for Docker +----------------------- + +Like the Maven Verify job as described above but logs in to Docker +registries first. The project POM file should invoke a plugin to build +a Docker image. This pulls the base image from the registry in the environment +variable ``CONTAINER_PULL_REGISTRY``. + +:Template Names: + + - {project-name}-maven-docker-verify-{stream}-{mvn-version}-{java-version} + - gerrit-maven-docker-verify + - github-maven-docker-verify + +:Required parameters: + + :container-public-registry: Docker registry source with base images. + +All other required and optional parameters are identical to the Maven Verify job +described above. -Maven Verify /w Dependencies +Maven Verify w/ Dependencies ---------------------------- Verify job which runs mvn clean install to test a project build /w deps -This job can be used to verify a patch in conjunction to all of the -upstream patches it depends on. The user of this job can provide a list -via comment trigger. +This job's purpose is to verify a patch in conjunction to a list of upstream +patches it depends on. The user of this job can provide a list of patches via +comment trigger. :Template Names: - {project-name}-maven-verify-deps-{stream}-{mvn-version}-{java-version} - gerrit-maven-verify-dependencies -:Comment Trigger: recheck: SPACE_SEPERATED_LIST_OF_PATCHES +:Comment Trigger: recheck: SPACE_SEPARATED_LIST_OF_PATCHES :Required parameters: :build-node: The node to run build on. - :jenkins-ssh-credential: Credential to use for SSH. (Generally should - be configured in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. (Generally configured in defaults.yaml) :mvn-settings: The name of settings file containing credentials for the project. :Optional parameters: :branch: Git branch to fetch for the build. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) - :build-timeout: Timeout in seconds before aborting build. (default: 60) + :build-timeout: Timeout in minutes before aborting build. (default: 60) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) - :java-version: Version of Java to use for the build. (default: openjdk8) + :java-version: Version of Java to use for the build. (default: openjdk11) :mvn-global-settings: The name of the Maven global settings to use for Maven configuration. (default: global-settings) - :mvn-opts: Sets MAVEN_OPTS. (default: '') - :mvn-params: Additional mvn parameters to pass to the cli. (default: '') - :mvn-version: Version of maven to use. (default: mvn33) - :stream: Keyword that can be used to represent a release code-name. + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) + :stream: Keyword that represents a release code-name. Often the same as the branch. (default: master) :submodule-recursive: Whether to checkout submodules recursively. (default: true) + :submodule-timeout: Timeout (in minutes) for checkout operation. + (default: 10) + :submodule-disable: Disable submodule checkout operation. + (default: false) :gerrit_verify_triggers: Override Gerrit Triggers. - :gerrit_trigger_file_paths: Override file paths which can be used to - filter which file modifications will trigger a build. + :gerrit_trigger_file_paths: Override file paths to filter which file + modifications will trigger a build.