-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathJenkinsfile.deploy
112 lines (103 loc) · 2.83 KB
/
Jenkinsfile.deploy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
// one job per arch (for now) that copies built images to the arch-specific namespaces
properties([
disableConcurrentBuilds(),
disableResume(),
durabilityHint('PERFORMANCE_OPTIMIZED'),
pipelineTriggers([
githubPush(),
cron('@daily'), // check periodically, just in case
]),
])
env.BASHBREW_ARCH = env.JOB_NAME.minus('/deploy').split('/')[-1] // "windows-amd64", "arm64v8", etc
node('put-shared') { ansiColor('xterm') {
stage('Checkout') {
checkout(scmGit(
userRemoteConfigs: [[
url: 'https://github.com/docker-library/meta.git',
name: 'origin',
]],
branches: [[name: '*/main']],
extensions: [
cloneOption(
noTags: true,
shallow: true,
depth: 1,
),
submodule(
parentCredentials: true,
recursiveSubmodules: true,
trackingSubmodules: true,
),
cleanBeforeCheckout(),
cleanAfterCheckout(),
[$class: 'RelativeTargetDirectory', relativeTargetDir: 'meta'],
],
))
}
// make sure "docker login" is localized to this workspace
env.DOCKER_CONFIG = workspace + '/.docker'
dir(env.DOCKER_CONFIG) { deleteDir() }
stage('Login') {
withCredentials([
usernamePassword(
credentialsId: 'docker-hub-' + env.BASHBREW_ARCH,
usernameVariable: 'DOCKER_USERNAME',
passwordVariable: 'DOCKER_PASSWORD',
),
]) {
sh '''#!/usr/bin/env bash
set -Eeuo pipefail # no -x
docker login --username "$DOCKER_USERNAME" --password-stdin <<<"$DOCKER_PASSWORD"
'''
}
}
dir('meta') {
stage('Generate') {
sh '''#!/usr/bin/env bash
set -Eeuo pipefail -x
jq -L.scripts '
include "deploy";
arch_tagged_manifests(env.BASHBREW_ARCH)
| deploy_objects[]
' builds.json > deploy.json
'''
}
stage('Filter') {
// using the previous successful deploy.json, filter the current deploy.json with items already pushed last time
sh '''
wget --timeout=5 -qO past-deploy.json "$JOB_URL/lastSuccessfulBuild/artifact/deploy.json"
# swap to this touch instead of the wget above to (re)bootstrap
#touch past-deploy.json
jq --slurpfile past ./past-deploy.json 'select( IN($past[]) | not )' ./deploy.json > filtered-deploy.json
'''
}
stage('Archive') {
archiveArtifacts(
artifacts: [
'deploy.json',
'filtered-deploy.json',
].join(','),
fingerprint: true,
)
}
withCredentials([
string(credentialsId: 'dockerhub-public-proxy', variable: 'DOCKERHUB_PUBLIC_PROXY'),
]) {
stage('Deploy') {
sh '''#!/usr/bin/env bash
set -Eeuo pipefail -x
(
cd .scripts
# TODO make a helper to build binaries correctly/consistently 🙃
if ./.any-go-nt.sh bin/deploy; then
./.go-env.sh go build -trimpath -o bin/deploy ./cmd/deploy
fi
)
.scripts/bin/deploy --parallel < filtered-deploy.json
'''
}
}
}
// "docker logout"
dir(env.DOCKER_CONFIG) { deleteDir() }
} }