Slice 1: Add shared pipeline functions to qa-jenkins-library

[floatingman]

Parent PRD

#585

What to build

Add shared pipeline functions to the qa-jenkins-library Jenkins shared library repository. This is the foundational slice that all other slices depend on. Everything goes into a single combined PR. Delivered as a single PR (#18 to qa-jenkins-library) with Gradle-based unit tests (134 tests using JenkinsPipelineUnit).

The functions fall into three categories. After implementation, the architecture was simplified — all functions live in qa-jenkins-library (no local vars/ directory), S3 artifact functions were deferred, and pipeline orchestration templates were removed in favor of direct shared function consumption from Jenkinsfiles.

1. Airgap infrastructure functions (airgap.groovy):

• airgap.standardCheckout(params) — Clones both tests and qa-infra-automation repos with parameterized branches. Returns a map with testsDir and infraDir.
• airgap.teardownInfrastructure(params) — Tofu select workspace + destroy + delete workspace as a single unit.
• airgap.configureAnsible(params) — Handles SSH key path configuration, inventory rendering, and variable substitution for Ansible playbooks.

2. Makefile integration (make.groovy):

• make.runTarget(Map config) — Runs a Make target inside the infra-tools Docker container. Handles workspace mounts, SSH key mounts, env var forwarding, and AWS credential injection. Key parameters: target, dir, makeArgs, envVars, returnStdout, mountSsh, passAwsCreds.

3. Infrastructure helper functions (infrastructure.groovy additions):

• infrastructure.parseAndSubstituteVars(content, envVars) — Replaces ${VAR} placeholders in config strings.
• infrastructure.writeConfig(path, content) — Writes processed config to a file.
• infrastructure.generateWorkspaceName(prefix, suffix, includeTimestamp) — Creates unique workspace names.
• infrastructure.archiveWorkspaceName(workspaceName) — Persists workspace name to file for post-failure cleanup.
• infrastructure.writeSshKey(keyContent, keyName, dir) — Writes SSH key material to disk with correct permissions.
• infrastructure.cleanupArtifacts(paths, force) — Removes local artifacts after pipeline completion.

4. Configuration additions (config.groovy additions):

• repositories section with tests and qaInfraAutomation entries (url, branch, target defaults)
• getRepositoryConfig(name) accessor
• Existing functions unchanged: getDefaultConfig, getConfig, getConfigValue, mergeConfig, validateConfig

5. Existing modules (unchanged):

• tofu.groovy — initBackend, createWorkspace, apply, getOutputs
• property.groovy — useWithProperties
• ansible.groovy — runPlaybook

What was removed from scope:

• resolvePipelineParams() — Not needed for airgap pipelines; may be added later for validation pipelines.
• standardDockerCleanup() — Not needed for airgap pipelines; may be added later.
• standardCredentialLoader() — Not needed; pipelines use property.useWithProperties directly.
• s3.uploadArtifact / s3.downloadArtifact / s3.deleteArtifact — Deferred. Destroy pipeline receives tfvars via TERRAFORM_CONFIG parameter. S3 helpers may be added in a future PR.
• airgapInfraPipeline / airgapTestPipeline / simpleTestPipeline — Pipeline orchestration templates removed. Jenkinsfiles consume shared functions directly for clarity and debuggability.

All functions are written in Groovy for Jenkins Shared Library vars/ convention. Each function has @param documentation.

Acceptance criteria

• airgap.standardCheckout clones both repos with parameterized branches into the correct directories
• airgap.teardownInfrastructure performs the complete tofu select→destroy→deleteWorkspace sequence
• airgap.configureAnsible handles SSH key paths and inventory rendering
• make.runTarget runs Make targets inside Docker with proper mounts and env vars
• infrastructure.parseAndSubstituteVars replaces ${VAR} placeholders in config strings
• infrastructure.writeConfig writes processed config to a file
• infrastructure.generateWorkspaceName creates unique workspace names
• infrastructure.archiveWorkspaceName persists workspace name to file
• infrastructure.writeSshKey writes SSH key material with correct permissions
• infrastructure.cleanupArtifacts removes local artifacts
• config.groovy has repositories section with getRepositoryConfig accessor
• All functions have @param documentation
• 134 Gradle tests pass (./gradlew test)
• PR submitted to qa-jenkins-library for review (PR fix spelling errors #18)

Blocked by

None — can start immediately Complete.

User stories addressed

• User story 5 (tofu lifecycle shared function)
• User story 6 (Ansible variable configuration shared function)
• User story 7 (checkout block as shared function)
• User story 19 (standardCheckout function in qa-jenkins-library)
• User story 22 (Makefile integration via make.runTarget)
• User story 23 (make.runTarget handles Docker execution consistently)
• User story 24 (destroy uses Jenkins library, not Makefile)

[floatingman]

Closed by rancher/qa-jenkins-library#18