From 3b2693b28d4a87bcc2cb57331a2479a769f0e0f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20Le=20Meur?= <91831478+lemeurherve@users.noreply.github.com> Date: Mon, 12 Sep 2022 22:24:19 +0200 Subject: [PATCH] feat: separate updatecli to its own pipeline (#2866) * feat: separate updatecli to its own pipeline Ref: https://github.com/jenkins-infra/helpdesk/issues/2778 * add updatecli job for kubernetes-management on infra.ci * remove redundant 'Management' * clean Jenkinsfile_updatecli * remove unused do token credential for kubernetes-management-updatecli * update updatecli manifest * set a top folder with one children instead for now until we adapt the job-dsl chart for a 'organization-scanning' kind * cleanup: remove helmfile image in Jenkinsfile_updatecli As it's already defined in the 'updatecli' function of the shared pipeline library * chore: better job description * fix: quote Co-authored-by: Damien Duportal --- Jenkinsfile_k8s | 60 ++++--------------- Jenkinsfile_updatecli | 45 ++++++++++++++ config/ext_jenkins-infra-jobs.yaml | 11 ++++ .../updatecli.d/pod-templates/helmfile.yaml | 13 +--- 4 files changed, 68 insertions(+), 61 deletions(-) create mode 100644 Jenkinsfile_updatecli diff --git a/Jenkinsfile_k8s b/Jenkinsfile_k8s index 2cec83558f..a096ae7992 100644 --- a/Jenkinsfile_k8s +++ b/Jenkinsfile_k8s @@ -14,56 +14,16 @@ pipeline { } stages { - stage('Chore Tasks') { - parallel { - stage('Dependency Management') { - agent { - kubernetes { - yamlFile 'PodTemplates.yaml' - } - } - environment { - AWS_ACCESS_KEY_ID = credentials('packer-aws-access-key-id') - AWS_SECRET_ACCESS_KEY = credentials('packer-aws-secret-access-key') - AWS_DEFAULT_REGION = 'us-east-2' - } - stages { - stage('Check Configuration Update') { - // Run updatecli's diff on both push and pull requests (in case a configuration change breaks updatecli) - steps { - catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') { - updatecli(action: 'diff', cronTriggerExpression: cronExpr, - updatecliDockerImage: 'jenkinsciinfra/helmfile:2.4.66', // Tracked by updatecli - ) - } - } - } // stage - stage('Apply Configuration Update') { - when { - expression { env.BRANCH_IS_PRIMARY } - } - steps { - catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') { - updatecli(action: 'apply', cronTriggerExpression: cronExpr, - updatecliDockerImage: 'jenkinsciinfra/helmfile:2.4.66', // Tracked by updatecli, - ) - } - } - } // stage - } - } // stage 'Dependency Management' - stage('Yaml Lint') { - agent { - kubernetes { - yamlFile 'PodTemplates.yaml' - } - } - steps { - sh 'yamllint --config-file yamllint.config config' - } - } // stage 'Yaml Lint' - } // parallel - } // stage 'Chore Tasks + stage('Yaml Lint') { + agent { + kubernetes { + yamlFile 'PodTemplates.yaml' + } + } + steps { + sh 'yamllint --config-file yamllint.config config' + } + } // stage 'Yaml Lint' stage('Kubernetes Management Tasks') { matrix { axes { diff --git a/Jenkinsfile_updatecli b/Jenkinsfile_updatecli new file mode 100644 index 0000000000..fae8f205ea --- /dev/null +++ b/Jenkinsfile_updatecli @@ -0,0 +1,45 @@ +def cronExpr = env.BRANCH_IS_PRIMARY ? 'H/30 * * * *' : '' + +pipeline { + agent { + kubernetes { + yamlFile 'PodTemplates.yaml' + } + } + + options { + buildDiscarder(logRotator(numToKeepStr: '10')) + timeout(time: 30, unit: 'MINUTES') + disableConcurrentBuilds() + } + + triggers { + cron (cronExpr) + } + + environment { + AWS_ACCESS_KEY_ID = credentials('packer-aws-access-key-id') + AWS_SECRET_ACCESS_KEY = credentials('packer-aws-secret-access-key') + AWS_DEFAULT_REGION = 'us-east-2' + } + stages { + stage('Check Configuration Update') { + // Run updatecli's diff on both push and pull requests (in case a configuration change breaks updatecli) + steps { + catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') { + updatecli(action: 'diff', cronTriggerExpression: cronExpr) + } + } + } // stage + stage('Apply Configuration Update') { + when { + expression { env.BRANCH_IS_PRIMARY } + } + steps { + catchError(buildResult: 'SUCCESS', stageResult: 'FAILURE') { + updatecli(action: 'apply', cronTriggerExpression: cronExpr) + } + } + } + } +} diff --git a/config/ext_jenkins-infra-jobs.yaml b/config/ext_jenkins-infra-jobs.yaml index 25f0aadece..3f8d1f7823 100644 --- a/config/ext_jenkins-infra-jobs.yaml +++ b/config/ext_jenkins-infra-jobs.yaml @@ -124,6 +124,17 @@ jobsDefinition: helm-charts: name: Helm Charts description: Custom Helm Charts of the Jenkins Infra + updatecli: + name: Dependencies Management with Updatecli + kind: folder + credentials: + # Used by updatecli to retrieve AMIs + packer-aws-access-key-id: *packer-aws-access-key-id-def + # Used by updatecli to retrieve AMIs + packer-aws-secret-access-key: *packer-aws-secret-access-key-def + children: + kubernetes-management: + jenkinsfilePath: Jenkinsfile_updatecli other-jobs: name: Other Jobs description: Folder hosting all the jobs not fitting any category diff --git a/updatecli/updatecli.d/pod-templates/helmfile.yaml b/updatecli/updatecli.d/pod-templates/helmfile.yaml index c4e24f9826..3b6a8a144d 100644 --- a/updatecli/updatecli.d/pod-templates/helmfile.yaml +++ b/updatecli/updatecli.d/pod-templates/helmfile.yaml @@ -50,25 +50,16 @@ targets: file: "PodTemplates.yaml" key: spec.containers[0].image scmid: default - updatePipelineImage: - name: Update docker-helmfile in Jenkinsfile - kind: file - spec: - file: Jenkinsfile_k8s - # Please note that the patterns are specified as "block scalars" (>) with the last endline trimmed (-) to avoid tedious escaping of simple quotes - matchpattern: >- - 'jenkinsciinfra/helmfile:(.*)' - replacepattern: >- - 'jenkinsciinfra/helmfile:{{ source `lastRelease` }}' - scmid: default pullrequests: default: kind: github scmid: default + title: Bump jenkins-infra helmfile docker image to {{ source `lastRelease` }} targets: - updatePodImage - updatePipelineImage spec: labels: - dependencies + - docker-helmfile