forked from openshift/console
-
Notifications
You must be signed in to change notification settings - Fork 0
/
jenkins.sh
executable file
·153 lines (128 loc) · 4.41 KB
/
jenkins.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#!/usr/bin/env bash
set -eo pipefail
# This script contains all jenkins work.
# This runs directly on the jenkins build host.
# The Jenkins build command should do nothing but execute this script.
CURRENT_USER=$(whoami)
CURRENT_UID=$(id -u "$CURRENT_USER")
echo "Running under user: $CURRENT_USER, with uid: $CURRENT_UID"
# We assume the jenkins jenkins user with uid 1000 on all build hosts
export BUILDER_RUN_USER=1000
if [ ${BUILDER_RUN_USER} -eq "${CURRENT_UID}" ]; then
echo "Running under User: ${CURRENT_USER}, with UID: ${CURRENT_UID}"
else
echo "Expected to run with UID: ${BUILDER_RUN_USER}, instead UID is: ${CURRENT_UID}. Fix Jenkins and try again."
exit 1
fi
S3_BUCKET="teamui-jenkins"
S3_URL="https://s3.amazonaws.com/$S3_BUCKET/"
status() {
# Hide output so we don't leak creds in Jenkins log
set +x
description=${3:-"$1 $2."}
data=$(cat << EOF
{
"context": "$1",
"state": "$2",
"description": "${description}",
"target_url": "${S3_URL}${BUILD_TAG}/${1}.log"
}
EOF
)
# TODO: use correct target url for performance status
# "target_url": "${BUILD_URL}console"
# shellcheck disable=SC2154
curl -o /dev/null --silent -X POST --user "${GITHUB_CREDENTIALS}" \
--data "$data" \
"https://api.github.com/repos/openshift/console/statuses/${ghprbActualCommit}"
set -x
}
s3_upload () {
# Hide output so we don't leak creds in Jenkins log
set +x
file=$1
dest=$2
content_type='text/plain'
datetime=$(TZ=utc date +"%a, %d %b %Y %T %z")
acl="x-amz-acl:public-read"
body="PUT\n\n${content_type}\n${datetime}\n${acl}\n/${S3_BUCKET}/${dest}"
signature=$(echo -en "${body}" | openssl sha1 -hmac "${AWS_SECRET_ACCESS_KEY}" -binary | base64)
curl -o /dev/null --silent -X PUT -T "${file}" \
-H "Host: ${S3_BUCKET}.s3.amazonaws.com" \
-H "Date: ${datetime}" \
-H "Content-Type: ${content_type}" \
-H "${acl}" \
-H "Authorization: AWS ${AWS_ACCESS_KEY_ID}:${signature}" \
"https://${S3_BUCKET}.s3.amazonaws.com/${dest}"
set -x
}
builder_run () {
name=$1
shift
needs_kubeconfig=$1
shift
cmd=$*
status "$name" 'pending'
if [ "$needs_kubeconfig" -ne 0 ]
then
export DOCKER_ENV="KUBECONFIG"
fi
mkdir -p jenkins-logs
# shellcheck disable=SC2086
if ./builder-run.sh $cmd 2>&1 | tee "jenkins-logs/$name.log"
then
status "$name" 'success'
s3_upload "jenkins-logs/$name.log" "$BUILD_TAG/$name.log"
else
status "$name" 'error'
s3_upload "jenkins-logs/$name.log" "$BUILD_TAG/$name.log"
exit 1
fi
unset DOCKER_ENV
}
set -x
./clean.sh
set +e
builder_run 'Build' 0 ./build.sh
builder_run 'Tests' 0 ./test.sh
builder_run 'GUI-Tests' 1 ./test-gui.sh crud
builder_run 'GUI-Tests-New-App' 1 ./test-gui.sh newApp
builder_run 'GUI-Tests-OLM' 1 ./test-gui.sh olm
builder_run 'GUI-Tests-Service-Catalog' 1 ./test-gui.sh serviceCatalog
status 'Performance' 'pending'
if DOCKER_ENV="KUBECONFIG" ./builder-run.sh ./test-gui.sh performance
then
description=$(cat ./frontend/gui_test_screenshots/bundle-analysis.txt)
status 'Performance' 'success' "${description}"
else
description=$(cat ./frontend/gui_test_screenshots/bundle-analysis.txt)
status 'Performance' 'error' "${description}"
exit 1
fi
set -e
GIT_SHA_HEAD=$(git rev-parse HEAD)
GIT_SHA_MASTER=$(git rev-parse origin/master)
IS_RELEASE_TAG=$(git describe --exact-match --abbrev=0 --tags "${GIT_SHA_HEAD}" 2> /dev/null || :)
if [ "$GIT_SHA_HEAD" == "$GIT_SHA_MASTER" ]; then
echo "detected master build. building & pushing images..."
./push.sh
elif [ ! -z "$IMAGE_TAG" ]; then
echo "detected request to push built image using tag ${IMAGE_TAG}. building & pushing images..."
./push.sh
elif [ -n "$IS_RELEASE_TAG" ]; then
echo "detected release tag ${IS_RELEASE_TAG}. building & pushing images..."
./push.sh
else
echo "skipping image push. HEAD sha does not appear to be master, nor is it a release tag: $GIT_SHA_HEAD"
fi
echo "Cleaning up old Docker images..."
set +e
# delete stopped containers
docker ps -a -q | xargs docker rm
# docker rm $(docker ps -a -q)
# delete images except for console builder (fails on images currently used)
docker images | grep -F -v quay.io/coreos/tectonic-console-builder | awk '{print $3}' | grep -v IMAGE | xargs docker rmi
# delete orphaned volumes
docker volume ls -qf dangling=true | xargs -r docker volume rm
set -e
echo "Done!"