X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=docs%2Fjjb%2Flf-python-jobs.rst;h=eb110095112c6e2e583b2f499ddc1ec731f914c0;hb=b55451a53da28d40c62de5cae462302a32fe4c31;hp=217a7b3504e5cd22a8ab86df8251d47de7cca579;hpb=c53e11db14ab7abede74c74801bec9ca381c8cc6;p=releng%2Fglobal-jjb.git diff --git a/docs/jjb/lf-python-jobs.rst b/docs/jjb/lf-python-jobs.rst index 217a7b35..eb110095 100644 --- a/docs/jjb/lf-python-jobs.rst +++ b/docs/jjb/lf-python-jobs.rst @@ -65,7 +65,9 @@ to access Nexus IQ Server. - gerrit-python-xc-clm - github-python-xc-clm -:Comment Trigger: run-clm +:Comment Trigger: **run-clm** post a comment with the trigger to launch + this job manually. Do not include any other text or vote in the + same comment. :Required parameters: @@ -109,6 +111,8 @@ Sonar scans for Python based repos. This job invokes tox to run tests and gather coverage statistics from the test results, then invokes Maven to publish the results to either a Sonar server or SonarCloud. +**Deprecated**, new projects should use Tox Sonarqube. + To get the Sonar coverage results, file tox.ini must exist and contain coverage commands to run. @@ -147,7 +151,9 @@ https://docs.sonarqube.org/display/PLUG/Python+Coverage+Results+Import - gerrit-tox-sonar - github-tox-sonar -:Comment Trigger: run-sonar +:Comment Trigger: **run-sonar** post a comment with the trigger to launch + this job manually. Do not include any other text or vote in the + same comment. :Required parameters: @@ -209,6 +215,132 @@ https://docs.sonarqube.org/display/PLUG/Python+Coverage+Results+Import .. comment Stop ignoring +Tox SonarQube +------------- + +The SonarQube job invokes tox to run tests and generate code-coverage +statistics, then runs the SonarQube Scanner Jenkins plug-in to analyze +code, gather coverage data, and upload the results to a SonarQube server +such as SonarCloud.io. Optionally runs a shell script before tox. + +Requires ``SonarQube Scanner for Jenkins`` + +This job runs on the master branch because the basic Sonar configuration +does not support multi-branch. + +Plug-in configurations + Manage Jenkins --> Configure System --> SonarQube servers + - Name: Sonar (fixed) + - Server URL: https://sonar.project.org/ or https://sonarcloud.io + - Server authentication token: none for local, API token (saved as + a "secret text" credential) for Sonarcloud + + Manage Jenkins --> Global Tool Configuration --> SonarQube Scanner + - Name: SonarQube Scanner (fixed) + - Install automatically + - Select latest version + +:Template Names: + + - {project-name}-tox-sonarqube + - gerrit-tox-sonarqube + - github-tox-sonarqube + +:Comment Trigger: ``run-sonar`` + +:Required parameters: + + :build-node: The node to run the build on. + (Commonly in defaults.yaml) + :jenkins-ssh-credential: Credential to use for SSH. + (Commonly in defaults.yaml) + :project: The git repository name. + :project-name: Prefix used to name jobs. + +.. comment Start ignoring WriteGoodLintBear + +:Optional Parameters: + + :archive-artifacts: Pattern for files to archive to the logs server + (default: '\*\*/\*.log') + :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) + :build-timeout: Timeout in minutes before aborting build. (default: 15) + :cron: Cron schedule when to trigger the job. This parameter also + supports multiline input via YAML pipe | character in cases where + one may want to provide more than 1 cron timer. (default: @weekly) + :disable-job: Whether to disable the job (default: false) + :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :github-url: URL for Github. (default: https://github.com) + :parallel: Boolean indicator for tox to run tests in parallel or series. + (default: false, in series) + :pre-build-script: Shell script to run before tox. Useful for setting up + dependencies. (default: a string with a shell comment) + :python-version: Python version to invoke pip install of tox-pyenv + (default: python3) + :sonar-additional-args: Command line arguments. (default: '') + :sonar-java-opts: JVM options. For example, use option -Xmx + to increase the memory size limit. (default: '') + :sonar-project-file: The file name with Sonar configuration properties + (default: sonar-project.properties) + :sonar-properties: Sonar configuration properties. (default: '') + :sonar-task: Sonar task to run. (default: '') + :tox-dir: Directory containing the project's tox.ini relative to + the workspace. The default uses tox.ini at the project root. + (default: '.') + :tox-envs: Tox environments to run. If blank run everything described + in tox.ini. (default: '') + +.. comment Stop ignoring + +.. note:: A job definition must provide one of the optional parameters + ``sonar-project-file`` and ``sonar-properties``; they cannot both be + empty. Set Sonar properties directly in the job definition by setting + the ``sonar-project-file`` property to ``""`` and adding all properties + under ``sonar-properties``. + +:Required Sonar Properties: + + - sonar.login: The API token for authentication at SonarCloud. + Commonly defined as key "sonarcloud_api_token" in defaults.yaml. + - sonar.organization: The umbrella project name; e.g., "opendaylight". + Commonly defined as key "sonarcloud_project_organization" in defaults.yaml. + - sonar.projectName: The git repository name without slashes; e.g., "infrautils". + - sonar.projectKey: The globally unique key for the report in SonarCloud. Most + teams use the catenation of sonar.organization, an underscore, and + sonar.projectName; e.g., "opendaylight_infrautils". + +:Optional Sonar Properties: + + - sonar.cfamily.gcov.reportsPath: directory with GCOV output files + - Documentation of SonarQube properties is here: + https://docs.sonarqube.org/latest/analysis/overview/ + + +Example job definition +^^^^^^^^^^^^^^^^^^^^^^ + +The following example defines a job for a basic Python project. This definition +uses configuration parameters in the umbrella project's defaults.yaml file. + +.. code-block:: yaml + + - project: + name: my-package-sonar + project: my/package + project-name: my-package + sonar-project-file: "" + sonar-properties: | + sonar.login={sonarcloud_api_token} + sonar.projectKey={sonarcloud_project_organization}_{project-name} + sonar.projectName={project-name} + sonar.organization={sonarcloud_project_organization} + sonar.sourceEncoding=UTF-8 + sonar.sources=mypackage + sonar.exclusions=tests/*,setup.py + sonar.python.coverage.reportPaths=coverage.xml + jobs: + - gerrit-tox-sonarqube + Tox Verify ---------- @@ -229,7 +361,9 @@ variables before running. - gerrit-tox-verify - github-tox-verify -:Comment Trigger: recheck|reverify +:Comment Trigger: **recheck|reverify** post a comment with one of the + triggers to launch this job manually. Do not include any other + text or vote in the same comment. :Required Parameters: @@ -288,7 +422,9 @@ variables before running. - gerrit-tox-merge - github-tox-merge -:Comment Trigger: remerge +:Comment Trigger: **remerge** post a comment with the trigger to launch + this job manually. Do not include any other text or vote in the + same comment. :Required Parameters: @@ -325,13 +461,23 @@ variables before running. https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit -PyPI Verify ------------ +PyPI Merge +---------- -Verifies a Python library project on creation of a patch set. Runs tox -then builds a source distribution and (optionally) a binary -distribution. The project repository must have a setup.py file with -configuration for packaging the component. +Creates and uploads distribution files on merge of a patch set. Runs +tox, builds a source distribution and (optionally) a binary +distribution, and uploads the distribution(s) to a PyPI repository. +The project git repository must have a setup.py file +with configuration for packaging the component. + +This job should use a staging repository like testpypi.python.org, +which sets up use of release jobs to promote the distributions later. +This job can also use a public release area like the global PyPI +repository if the release process is not needed. These PyPI +repositories allow upload of a package at a specific version once, +they do not allow overwrite of a package. This means that a merge job +will fail in the upload step if the package version already exists in +the target repository. The tox runner is pyenv aware so if the image contains an installation of pyenv at /opt/pyenv it will pick it up and run Python tests with @@ -343,19 +489,85 @@ pyenv variables before running. export PYENV_ROOT="/opt/pyenv" export PATH="$PYENV_ROOT/bin:$PATH" +Installable package projects should use the directory layout shown +below. All Python files are in a repo subdirectory separate from +non-Python files like documentation. This layout allows highly +specific build-job triggers in Jenkins using the subdirectory +paths. For example, a PyPI merge job should not run on a non-Python +file change such as documentation, because the job cannot upload the +same package twice. + +To make the document files available for building a Python package +long description in setup.py, add a symbolic link "docs" in the +package subdirectory pointing to the top-level docs directory. + +.. code-block:: bash + + git-repo-name/ + │ + ├── docs/ + │ ├── index.rst + │ └── release-notes.rst + │ + ├── helloworld-package/ + │ │ + │ └── helloworld/ + │ │ ├── __init__.py + │ │ ├── helloworld.py + │ │ └── helpers.py + │ │ + │ ├── tests/ + │ │ ├── helloworld_tests.py + │ │ └── helloworld_mocks.py + │ │ + │ ├── requirements.txt + │ └── setup.py + │ └── tox.ini + │ + ├── releases/ + │ └── pypi-helloworld.yaml + │ + ├── .gitignore + ├── LICENSE + └── README.md + + +Jobs built from the PyPI templates depend on a .pypirc configuration file +in the Jenkins builder home directory. An example appears next that uses +API tokens. Note that in the [pypi] entry the repository key-value pair +is optional, it defaults to pypi.org. + +.. code-block:: bash + + [distutils] # this tells distutils what package indexes you can push to + index-servers = pypi-test pypi + + [pypi-test] + repository: https://test.pypi.org/legacy/ + username: __token__ + password: pypi-test-api-token-goes-here + + [pypi] + username: __token__ + password: pypi-api-token-goes-here + + :Template Names: - - {project-name}-pypi-verify-{stream} - - gerrit-pypi-verify - - github-pypi-verify + - {project-name}-pypi-merge-{stream} + - gerrit-pypi-merge + - github-pypi-merge -:Comment Trigger: recheck +:Comment Trigger: **remerge** post a comment with the trigger to launch + this job manually. Do not include any other text or vote in the + same comment. :Required Parameters: :build-node: The node to run the build on. :jenkins-ssh-credential: Credential to use for SSH. (Generally set in defaults.yaml) + :mvn-settings: The settings file with credentials for the project :project: Git repository name :project-name: Jenkins job name prefix @@ -364,13 +576,21 @@ pyenv variables before running. :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) :build-timeout: Timeout in minutes before aborting build. (default: 15) + :cron: Cron schedule when to trigger the job. Supports daily builds. + This parameter also supports multiline input via YAML pipe | character in + cases where one may want to provide more than 1 cron timer. (default: empty) :disable-job: Whether to disable the job (default: false) :dist-binary: Whether to build a binary wheel distribution. (default: true) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) :parallel: Boolean indicator for tox to run tests in parallel or series. (default: false, in series) :pre-build-script: Shell script to execute before the tox builder. For example, install system prerequisites. (default: a shell comment) + :pypi-repo: Key for the PyPI target repository in the .pypirc file, + ideally a server like test.pypy.org. (default: pypi-test) :python-version: Python version to invoke pip install of tox-pyenv (default: python3) :stream: Keyword representing a release code-name. @@ -391,17 +611,13 @@ pyenv variables before running. https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit -PyPI Merge ----------- +PyPI Verify +----------- -Creates and uploads distribution files on merge of a patch set. Runs -tox, builds a source distribution and (optionally) a binary -distribution, and uploads the distribution(s) to a PyPI repository. -This job should use a staging repository like testpypi.python.org, -which sets up use of release jobs to promote the distributions later. -This job can also use a public release area like the global PyPI -repository. The project git repository must have a setup.py file -with configuration for packaging the component. +Verifies a Python library project on creation of a patch set. Runs tox +then builds a source distribution and (optionally) a binary +distribution. The project repository must have a setup.py file with +configuration for packaging the component. The tox runner is pyenv aware so if the image contains an installation of pyenv at /opt/pyenv it will pick it up and run Python tests with @@ -413,39 +629,22 @@ pyenv variables before running. export PYENV_ROOT="/opt/pyenv" export PATH="$PYENV_ROOT/bin:$PATH" - -Requires a .pypirc configuration file in the Jenkins builder home directory, -an example appears next that uses API tokens. Note that in the [pypi] entry -the repository key-value pair is optional, it defaults to pypi.org. - -.. code-block:: bash - - [distutils] # this tells distutils what package indexes you can push to - index-servers = pypi-test pypi - - [pypi-test] - repository: https://test.pypi.org/legacy/ - username: __token__ - password: pypi-test-api-token-goes-here - - [pypi] - username: __token__ - password: pypi-api-token-goes-here - - :Template Names: - - {project-name}-pypi-merge-{stream} - - gerrit-pypi-merge - - github-pypi-merge + - {project-name}-pypi-verify-{stream} + - gerrit-pypi-verify + - github-pypi-verify -:Comment Trigger: remerge +:Comment Trigger: **recheck|reverify** post a comment with one of the + triggers to launch this job manually. Do not include any other + text or vote in the same comment. :Required Parameters: :build-node: The node to run the build on. :jenkins-ssh-credential: Credential to use for SSH. (Generally set in defaults.yaml) + :mvn-settings: The settings file with credentials for the project :project: Git repository name :project-name: Jenkins job name prefix @@ -454,18 +653,16 @@ the repository key-value pair is optional, it defaults to pypi.org. :branch: The branch to build against. (default: master) :build-days-to-keep: Days to keep build logs in Jenkins. (default: 7) :build-timeout: Timeout in minutes before aborting build. (default: 15) - :cron: Cron schedule when to trigger the job. Supports daily builds. - This parameter also supports multiline input via YAML pipe | character in - cases where one may want to provide more than 1 cron timer. (default: empty) :disable-job: Whether to disable the job (default: false) :dist-binary: Whether to build a binary wheel distribution. (default: true) :git-url: URL clone project from. (default: $GIT_URL/$PROJECT) + :mvn-opts: Sets MAVEN_OPTS to start up the JVM running Maven. (default: '') + :mvn-params: Parameters to pass to the mvn CLI. (default: '') + :mvn-version: Version of maven to use. (default: mvn35) :parallel: Boolean indicator for tox to run tests in parallel or series. (default: false, in series) :pre-build-script: Shell script to execute before the tox builder. For example, install system prerequisites. (default: a shell comment) - :pypi-repo: Key for the PyPI target repository in the .pypirc file, - ideally a server like test.pypy.org. (default: pypi-test) :python-version: Python version to invoke pip install of tox-pyenv (default: python3) :stream: Keyword representing a release code-name.