X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=docs%2Fjjb%2Flf-release-jobs.rst;h=9d5b1886067393372e95fb0c81b6c8246e377199;hb=refs%2Fchanges%2F50%2F61650%2F2;hp=f07c4e556ceb273f90dd1c0ca1c54b83ba0f3c06;hpb=d528f52b9ebd3c9982045e4cb754eb8bd0f1e007;p=releng%2Fglobal-jjb.git diff --git a/docs/jjb/lf-release-jobs.rst b/docs/jjb/lf-release-jobs.rst index f07c4e55..9d5b1886 100644 --- a/docs/jjb/lf-release-jobs.rst +++ b/docs/jjb/lf-release-jobs.rst @@ -1,64 +1,140 @@ .. _lf-global-jjb-release: ####################### -Self Serve Release Jobs +Self-Serve Release Jobs ####################### -Self serve release jobs allow a project to create a releases/ or .releases/ directory and then place a release yaml file in it. -Jenkins will pick this up and sign the ref extrapolated by log_dir and promote the artifact, whether maven or container. +Self-serve release jobs allow a project team to direct Jenkins to +promote a jar file or container image from a staging area to a release +area. To trigger the action, create a releases/ or .releases/ +directory, add a release yaml file to it, and submit a change set with +one release yaml file to Gerrit. Upon merge of the change, Jenkins will +sign the reference extrapolated by log_dir and promote the artifact. The +expected format of the release yaml file appears in schemas and examples +below. + +The build node for maven and container release jobs must be CentOS, +which supports the sigul client for accessing a signing server. The +build node for container release jobs must have Docker installed. + +A Jenkins user can also trigger a release job via the "Build with +parameters" action, removing the need for a release yaml file. The +user must enter parameters in the same way as a release yaml file, +except for the special USE_RELEASE_FILE and DRY_RUN check boxes. The +user must uncheck the USE_RELEASE_FILE check box if the job should +run with a release file, while passing the required information as +build parameters. Similarly, the user must uncheck the DRY_RUN check +box to test the job while skipping repository promotion to Nexus. + +The special parameters are as follows:: + + GERRIT_BRANCH = master + VERSION = 1.0.0 + LOG_DIR = example-project-maven-stage-master/17/ + DISTRIBUTION_TYPE = maven + USE_RELEASE_FILE = false + DRY_RUN = false -Maven release jobs can also trigger via "Build with parameters" negating the need for a release file. -The parameters will need to be filled out in the same was as a release file's would, excepting the speacial -RELEASE_FILE parameter which will need to be set to False to inform the job that it should not expect a release file. -The Special Parameters are as follows: +.. note:: -GERRIT_BRANCH = master -VERSION = 1.0.0 -LOG_DIR = example-project-maven-stage-master/17/ -DISTRIBUTION_TYPE = maven -RELEASE_FILE = False + The release file regex is: (releases\/.*\.yaml|\.releases\/.*\.yaml). + In words, the directory name can be ".releases" or "releases"; the file + name can be anything with suffix ".yaml". -.. note:: +The JSON schema for a maven release job appears below. - Example of a maven release file: +.. code-block:: none -.. note:: + --- + $schema: "http://json-schema.org/schema#" + $id: "https://github.com/lfit/releng-global-jjb/blob/master/release-schema.yaml" - Release files regex: (releases\/.*\.yaml|\.releases\/.*\.yaml) - directory can be .releases/ or releases/ - file can be ANYTHING.yaml + required: + - "distribution_type" + - "log_dir" + - "project" + - "version" + properties: + distribution_type: + type: "string" + log_dir: + type: "string" + project: + type: "string" + version: + type: "string" + + +Example of a maven release file: .. code-block:: bash - $ cat releases/maven-1.0.0.yaml - --- - distribution_type: 'maven' - version: '1.0.0' - project: 'example-project' - log_dir: 'example-project-maven-stage-master/17/' + $ cat releases/1.0.0-maven.yaml + --- + distribution_type: 'maven' + version: '1.0.0' + project: 'example-project' + log_dir: 'example-project-maven-stage-master/17/' - Example of a container release file: +The JSON schema for a container release job appears below. + +.. code-block:: none + + --- + $schema: "http://json-schema.org/schema#" + $id: "https://github.com/lfit/releng-global-jjb/blob/master/release-container-schema.yaml" + + required: + - "containers" + - "distribution_type" + - "project" + - "container_release_tag" + - "ref" + + properties: + containers: + type: "array" + properties: + name: + type: "string" + version: + type: "string" + additionalProperties: false + distribution_type: + type: "string" + project: + type: "string" + container_release_tag: + type: "string" + ref: + type: "string" + + +An example of a container release file appears below. The job applies the +container_release_tag string to all released containers. The job uses the +per-container version strings to pull images from the container registry. .. code-block:: bash - $ cat releases/container-1.0.0.yaml - --- - distribution_type: 'container' - version: '1.0.0' - project: 'test' - containers: - - name: test-backend - version: 1.0.0-20190806T184921Z - - name: test-frontend - version: 1.0.0-20190806T184921Z + $ cat releases/1.0.0-container.yaml + --- + distribution_type: 'container' + container_release_tag: '1.0.0' + project: 'test' + containers: + - name: test-backend + version: 1.0.0-20190806T184921Z + - name: test-frontend + version: 1.0.0-20190806T184921Z .. note:: - Job should be appended under gerrit-maven-stage - Example of a terse Jenkins job to call global-jjb macro: + Job should appear under gerrit-maven-stage + +Example of a terse Jenkins job to call the global-jjb macro: .. code-block:: none @@ -71,11 +147,11 @@ RELEASE_FILE = False .. note:: - Release Engineers Please follow the setup guide before adding the job definition: + Release Engineers: please follow the setup guide below before adding the job definition. -Setup for LFID Nexus Jenkins and Gerrit: -======================================== +Setup for LFID, Nexus, Jenkins and Gerrit +========================================= LFID ==== @@ -83,6 +159,7 @@ LFID Create an ``lfid`` and an ``ssh-key`` ``YOUR_RELEASE_USERNAME`` for example: onap-release + ``YOUR_RELEASE_EMAIL`` for example: collab-it+onap-release@linuxfoundation.org ssh-key example: @@ -105,12 +182,14 @@ Create a Nexus account called ``'jenkins-release'`` with promote privileges. Gerrit ====== -Log into your Gerrit with ``YOU_RELEASE_USERNAME``, upload the publick part of the ``ssh-key`` you created earlier. -Log out of Gerrit and log in again with your normal account for the next steps. +Log into your Gerrit with ``YOUR_RELEASE_USERNAME``, upload the public +part of the ``ssh-key`` you created earlier. Log out of Gerrit and log +in again with your normal account for the next steps. -In Gerrit create a new group called ``self-serve-release`` and give it direct push rights via ``All-Projects`` -Add ``YOUR_RELEASE_USERNAME`` to group ``self-serve-release`` and group ``Non-Interactive Users`` +In Gerrit create a new group called ``self-serve-release`` and give it +direct push rights via ``All-Projects`` Add ``YOUR_RELEASE_USERNAME`` +to group ``self-serve-release`` and group ``Non-Interactive Users`` In All project, grant group self-serve-release the following: @@ -129,8 +208,9 @@ In All project, grant group self-serve-release the following: Jenkins ======= -Add a global credential to Jenkins called ``jenkins-release`` and set the ID: ``'jenkins-release'`` -as its value insert the private half of the ``ssh-key`` that you created for your Gerrit user. +Add a global credential to Jenkins called ``jenkins-release`` and set +the ID: ``'jenkins-release'`` as its value insert the private half of +the ``ssh-key`` that you created for your Gerrit user. Add Global vars in Jenkins: Jenkins configure -> Global properties -> Environment variables @@ -148,8 +228,9 @@ Content: (Ask Andy for the public signing key) -----BEGIN PGP PUBLIC KEY BLOCK----- -Add or edit the managed file in Jenkins called ``lftoolsini``, appending a nexus section: -Jenkins Settings -> Managed files -> Add (or edit) -> Custom file +Add or edit the managed file in Jenkins called ``lftoolsini``, +appending a nexus section: Jenkins Settings -> Managed files -> Add +(or edit) -> Custom file .. code-block:: none @@ -160,10 +241,10 @@ Jenkins Settings -> Managed files -> Add (or edit) -> Custom file Ci-management ============= -Upgrade your projects global-jjb if needed -add this to your global defaults file (eg: jjb/defaults.yaml). +Upgrade your project's global-jjb if needed, then add the following to +your global defaults file (e.g., jjb/defaults.yaml). -.. code-block:: bash +.. code-block:: none jenkins-ssh-release-credential: 'jenkins-release' @@ -173,8 +254,8 @@ Macros lf-release ---------- -Release verify and merge jobs are the same except for their scm, trigger, and -builders definition. This anchor is the common template. +Release verify and merge jobs are the same except for their scm, +trigger, and builders definition. This anchor is the common template. Job Templates ============= @@ -182,8 +263,7 @@ Job Templates Release Merge ------------- -:Template Name: - - {project-name}-release-merge +:Template Name: {project-name}-release-merge :Comment Trigger: remerge @@ -213,8 +293,7 @@ Release Merge Release Verify ------------------ -:Template Names: - - {project-name}-release-verify +:Template Name: {project-name}-release-verify :Comment Trigger: recheck|reverify