how-to
/
all-in-one
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '175ae97e4b'
${ noResults }
all-in-one/jenkins/README.md

602 lines
21 KiB
Markdown
Raw Blame History

# Sample Jenkins Script
* Jenkins builtin variables
```groovy
// build name . eg: #241
${BUILD_DISPLAY_NAME}
// build id . eg : 241
${BUILD_ID}
${BUILD_NUMBER}
// present working dir
${PWD}
```
* test_infrastructure_aws_eu-west-1
```groovy
pipeline {
agent any
stages {
stage('Checkout') {
steps {
checkout([
$class: 'GitSCM',
branches: [[name: '*/serverless']],
doGenerateSubmoduleConfigurations: false,
extensions: [],
gitTool: 'Default',
submoduleCfg: [],
userRemoteConfigs: [[
credentialsId: 'a19fa3f5-7075-4129-82b7-0b6f49c24dd0',
url: 'https://elenapistol@bitbucket.org/razersw/razer-pay-infrastructure.git'
]]
])
}
}
stage('Build terraform image') {
steps {
//withCredentials([usernamePassword(credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY')]) {
withCredentials([[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
sh 'echo $AWS_ACCESS_KEY_ID'
sh 'cd serverless/aws && docker build --build-arg AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID --build-arg AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY -t terraform_aws .'
}
}
}
stage('Validate terraform') {
steps {
sh 'echo "Validate tf"'
sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform validate"'
sh "CONTAINER_ID=\$(docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && docker rm \${CONT}"
//sh "CONTAINER_ID=\$(docker ps -n=1 -a | grep 'terraform_aws' | awk '{ print \$1 }')"
//sh "CONTAINER_ID=\$(docker ps -a | grep 'terraform' | awk '{ print $1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d" " -f1) && sudo docker rm \$CONT"
//sh "CONTAINER_ID=\$(docker ps -n=1 -a | grep 'terraform_aws' | awk '{ print \$1 }') && docker rm $CONTAINER_ID"
}
}
stage('Generate plan') {
steps {
sh 'echo "tf plan output"'
sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform plan -out tfplan"'
sh "CONTAINER_ID=\$(docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && docker rm \${CONT}"
//sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform show -no-color tfplan > tfplan.txt"'
}
}
stage('Security testing') {
steps {
sh 'echo "execute security testing"'
sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform plan -out tfplan && terraform show -json tfplan > tfplan.json && terraform-compliance -p tfplan.json -f ../../security_testing/ > security_results.txt ; cat security_results.txt ; terraform-compliance -p tfplan.json -f ../../security_testing/ > security_results.txt"'
sh "CONTAINER_ID=\$(docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && docker rm \${CONT}"
//sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform show -no-color tfplan > tfplan.txt"'
}
}
stage('Approval step') {
steps {
script {
env.APPROVED = input message: 'Approve this infrastructure deploy?',
ok: 'Deploy!',
parameters: [choice(name: 'Approving', choices: "YES\nNO\n", description: 'Proceed with deployment?')]
}
}
}
stage('Deploy infrastructure') {
steps {
script {
sh 'echo "Approved?"'
sh "echo ${APPROVED}"
sh 'echo "Deploying..."'
sh 'docker run -t terraform_aws bash -c "cd environments/dev2 && terraform apply -auto-approve"'
sh "CONTAINER_ID=\$(docker ps -a | grep 'terraform' | awk '{ print \$1 }') && CONT=\$(echo \${CONTAINER_ID} | cut -d' ' -f1) && docker rm \${CONT}"
}
}
}
}
}
```
* wallet-aws-ecs-dev
```groovy
pipeline {
agent any
stages {
stage('Build json config file') {
steps {
sh 'echo "Build config files..."'
checkout([
$class: 'GitSCM',
branches: [[name: '*/master']],
doGenerateSubmoduleConfigurations: false,
extensions: [],
gitTool: 'Default',
submoduleCfg: [],
userRemoteConfigs: [[
credentialsId: 'a19fa3f5-7075-4129-82b7-0b6f49c24dd0',
url: 'https://elenapistol@bitbucket.org/razersw/razer-pay-deployment-scripts.git'
]]
])
withCredentials([[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
sh 'cd wallet && python3 wallet.py --aws-access-key-id=$AWS_ACCESS_KEY_ID --aws-secret-access-key=$AWS_SECRET_ACCESS_KEY --aws-region=eu-west-1 --environment-name=dev2 --json-input-filename=default.json.dev2-sg'
sh 'mv wallet/default.json /tmp/default.json.dev2.wallet-${BUILD_NUMBER}'
}
sh 'mv wallet/default.json.local /tmp/default.json.local.wallet-${BUILD_NUMBER}'
}
}
stage('Checkout') {
steps {
//checkout([
// $class: 'GitSCM',
// branches: [[name: '*/containers-pipeline']],
// doGenerateSubmoduleConfigurations: false,
// extensions: [],
// gitTool: 'Default',
// submoduleCfg: [],
// userRemoteConfigs: [[
// credentialsId: 'a19fa3f5-7075-4129-82b7-0b6f49c24dd0',
// url: 'https://elenapistol@bitbucket.org/razersw/razer-pay-docker-tools.git'
// ]]
//])
//sh 'mkdir /tmp/razer-pay-docker-tools-${BUILD_NUMBER}'
//sh 'mv * /tmp/razer-pay-docker-tools-${BUILD_NUMBER}'
//sh 'ls -l /tmp/razer-pay-docker-tools-${BUILD_NUMBER}'
checkout([
$class: 'GitSCM',
branches: [[name: '*/containers-pipeline']],
doGenerateSubmoduleConfigurations: false,
extensions: [],
gitTool: 'Default',
submoduleCfg: [],
userRemoteConfigs: [[
credentialsId: 'a19fa3f5-7075-4129-82b7-0b6f49c24dd0',
url: 'https://elenapistol@bitbucket.org/razersw/razer-pay-wallet-api.git'
]]
])
sh 'ls -l'
}
}
// stage('Execute component tests') {
// steps {
// sh 'echo "Testing..."'
// sh 'ls -l'
// }
// }
stage('Add config files') {
steps {
sh 'mv /tmp/default.json.dev2.wallet-${BUILD_NUMBER} config/default.json'
withCredentials([[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
sh 'aws ssm get-parameter --name /dev2/wallet/ec_public --with-decryption --query Parameter.Value --output text --region eu-west-1 > common/jwt/ec_public.pem'
sh 'aws ssm get-parameter --name /dev2/wallet/ec_private --with-decryption --query Parameter.Value --output text --region eu-west-1 > common/jwt/ec_private.pem'
sh 'aws ssm get-parameter --name /dev2/wallet/ec_public_visa_middleware --with-decryption --query Parameter.Value --output text --region eu-west-1 > common/jwt/ec_public_visa_middleware.pem'
}
sh 'ls -l common/jwt'
}
}
stage('Build docker image') {
steps {
sh 'echo "Build docker image"'
sh 'docker build -t dev/wallet-api .'
}
}
stage('Execute component tests') {
steps {
sh 'echo "Testing..."'
sh 'mv /tmp/default.json.local.wallet-${BUILD_NUMBER} config/default.json'
sh 'docker build -t local/wallet-api .'
checkout([
$class: 'GitSCM',
branches: [[name: '*/containers-pipeline']],
doGenerateSubmoduleConfigurations: false,
extensions: [],
gitTool: 'Default',
submoduleCfg: [],
userRemoteConfigs: [[
credentialsId: 'a19fa3f5-7075-4129-82b7-0b6f49c24dd0',
url: 'https://elenapistol@bitbucket.org/razersw/razer-pay-docker-tools.git'
]]
])
//sh 'ls -l /tmp/razer-pay-docker-tools-${BUILD_NUMBER}'
//sh 'cd /tmp/razer-pay-docker-tools-${BUILD_NUMBER} && docker-compose up -d'
//sh 'npm install'
// sh 'npm run component-test'
// sh 'docker ps -a'
sh 'docker-compose up -d'
script {
try {
sh 'docker exec -t wallet npm run component-test'
} catch (Exception e) {
currentBuild.result = 'UNSTABLE'
}
}
//sh 'cd /tmp/razer-pay-docker-tools-${BUILD_NUMBER} && docker-compose down'
sh 'docker-compose down'
}
}
stage('Push docker image') {
steps {
sh 'echo "push to ecr"'
withCredentials([[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
sh 'DOCKER_LOGIN=$(AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY aws ecr get-login --no-include-email --region eu-west-1) && \${DOCKER_LOGIN}'
sh 'docker tag dev/wallet-api:latest 877859673258.dkr.ecr.eu-west-1.amazonaws.com/wallet-dev2:${BUILD_NUMBER}'
sh 'docker push 877859673258.dkr.ecr.eu-west-1.amazonaws.com/wallet-dev2:${BUILD_NUMBER}'
}
}
}
stage('Deploy to AWS ECS') {
steps {
sh 'echo "Deploy"'
withCredentials([[ $class: 'AmazonWebServicesCredentialsBinding', credentialsId: 'terraform_aws_key', accessKeyVariable: 'AWS_ACCESS_KEY_ID', secretKeyVariable: 'AWS_SECRET_ACCESS_KEY']]) {
//sh ''
sh 'ecs deploy dev2-cluster wallet --region eu-west-1 --image wallet 877859673258.dkr.ecr.eu-west-1.amazonaws.com/wallet-dev2:${BUILD_NUMBER} --timeout 600'
}
}
}
}
post {
always {
//sh 'cd /tmp/razer-pay-docker-tools-${BUILD_NUMBER} && docker-compose down'
//sh 'rm -r /tmp/razer-pay-docker-tools-${BUILD_NUMBER}'
sh 'docker-compose down'
}
}
}
```
* 7-eleven-admin-frontend
```groovy
pipeline {
agent
{
docker {
image 'node:10-alpine'
args '-p 20001-20100:3000'
}
}
environment {
HOME = '.'
npm_config_cache = 'npm-cache'
dev_bucket_region = 'ap-northeast-1'
dev_AWS_Jenkins_Credential_ID = '2739896c-8292-4061-98a3-dc178bb2abe2'
dev_bucket_name = '7e-adminportal'
staging_bucket_region = 'ap-northeast-1'
staging_AWS_Staging_Jenkins_Credential_ID = '2739896c-8292-4061-98a3-dc178bb2abe2'
staging_bucket_name = '7e-adminportal'
production_bucket_region = 'ap-northeast-1'
production_AWS_Staging_Jenkins_Credential_ID = '2739896c-8292-4061-98a3-dc178bb2abe2'
production_bucket_name = '7e-adminportal'
}
stages {
stage('Install Packages') {
steps {
sh 'printenv'
sh 'npm install'
}
}
stage('Test and Build') {
parallel {
// stage('Run Tests') {
// steps {
// sh 'npm run test'
// }
// }
stage('Create Build Artifacts') {
steps {
sh 'CI=false npm run build:dev'
}
}
}
}
stage('Deployment') {
parallel {
stage('Dev') {
when {
expression {env.GIT_BRANCH == 'origin/dev'}
}
steps {
withAWS(region:"${dev_bucket_region}",credentials:"${dev_AWS_Jenkins_Credential_ID}") {
s3Delete(bucket: "${dev_bucket_name}", path:'**/*')
s3Upload(bucket: "${dev_bucket_name}", workingDir:'build', includePathPattern:'**/*');
}
// mail(subject: 'Dev Build', body: 'New Deployment to Staging', to: 'jenkins-mailing-list@mail.com')
}
}
stage('Staging') {
when {
expression {env.GIT_BRANCH == 'origin/staging'}
}
steps {
withAWS(region:"${staging_bucket_region}",credentials:"${staging_AWS_Staging_Jenkins_Credential_ID}") {
s3Delete(bucket: "${staging_bucket_name}", path:'**/*')
s3Upload(bucket: "${staging_bucket_name}", workingDir:'build', includePathPattern:'**/*');
}
// mail(subject: 'Staging Build', body: 'New Deployment to Staging', to: 'jenkins-mailing-list@mail.com')
}
}
stage('Production') {
when {
expression {env.GIT_BRANCH == 'origin/master'}
}
steps {
withAWS(region:"${production_bucket_region}",credentials:"${production_AWS_Staging_Jenkins_Credential_ID}") {
s3Delete(bucket: "${production_bucket_name}", path:'**/*')
s3Upload(bucket: "${production_bucket_name}", workingDir:'build', includePathPattern:'**/*');
}
// mail(subject: 'Production Build', body: 'New Deployment to Production', to: 'jenkins-mailing-list@mail.com')
}
}
}
}
}
}
```
* admin-portal
```groovy
pipeline {
agent any
tools {
maven 'Maven 3.5.4'
jdk 'jdk8'
}
stages {
stage ('Initialize') {
steps {
sh '''
echo "PATH = ${PATH}"
echo "WORKSPACE = ${WORKSPACE}"
'''
}
}
stage ('Build - Admin') {
steps {
sh 'mvn clean -Dmaven.test.failure.ignore=true install'
}
}
stage ('Deploy - Admin') {
steps {
sh '''#!/bin/bash
set -a
source /home/jenkins/config/${DEPLOY_ENV}_${DEPLOY_COUNTRY}.properties
set +a
ls -l "${WORKSPACE}/target"
echo "Deployment Environment: $DEPLOY_ENV"
echo "Deployment Country: $DEPLOY_COUNTRY"
echo "Target Host: $ADMIN_IP"
if [[ $USE_KEY == *"false"* ]]
then
sshpass -p $SSH_PASSWORD scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $WORKSPACE/target/razer-pay-admin-portal.war jenkins@$ADMIN_IP:/var/lib/tomcat8/webapps/ROOT.war
else
cd /home/jenkins/keys
CLEANED_KEY=${SSH_KEY_PATH//[$'\t\r\n ']}
scp -i $CLEANED_KEY -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no $WORKSPACE/target/razer-pay-admin-portal.war jenkins@$ADMIN_IP:/var/lib/tomcat8/webapps/ROOT.war
fi
'''
}
}
stage ('Build AIM Image') {
steps {
sh '''#!/bin/bash
set -a
source /home/jenkins/config/${DEPLOY_ENV}_${DEPLOY_COUNTRY}.properties
set +a
case $DEPLOY_COUNTRY in
SG)
case $BRANCH_NAME in
uat)
aws ec2 create-image --instance-id "${INSTANCE_ID//[$'\t\r\n']}" --no-reboot --name "BackendAPIDeployment_"${BRANCH_NAME}"_"$(date +"%Y%m%d-%H%M%S") --description "Jenkins Built Image"
echo "AWS image build-"${DEPLOY_COUNTRY}"-"${BRANCH_NAME}
;;
master)
aws ec2 create-image --instance-id "${INSTANCE_ID//[$'\t\r\n']}" --no-reboot --name "BackendAPIDeployment_"${BRANCH_NAME}"_"$(date +"%Y%m%d-%H%M%S") --description "Jenkins Built Image"
echo "AWS image build-"${DEPLOY_COUNTRY}"-"${BRANCH_NAME}
;;
*)
echo "Sorry, invalid input values"
;;
esac
;;
MY)
case $BRANCH_NAME in
uat)
aliyun ecs CreateImage --InstanceId "${INSTANCE_ID//[$'\t\r\n']}" --ImageName "BackendAPIDeployment_${DEPLOY_ENV}_"$(date +"%Y%m%d-%H%M%S") --RegionId "${REGION_ID//[$'\t\r\n']}" --Description "Jenkins Built Image"
echo "Alibaba Cloud image build-"${DEPLOY_COUNTRY}"-"${BRANCH_NAME}
;;
master)
aliyun ecs CreateImage --InstanceId "${INSTANCE_ID//[$'\t\r\n']}" --ImageName "BackendAPIDeployment_${DEPLOY_ENV}_"$(date +"%Y%m%d-%H%M%S") --RegionId "${REGION_ID//[$'\t\r\n']}" --Description "Jenkins Built Image"
echo "Alibaba Cloud image build-"${DEPLOY_COUNTRY}"-"${BRANCH_NAME}
;;
*)
echo "Sorry, invalid input values"
;;
esac
;;
esac
'''
}
}
}
}
```
* razerpay-dashboard (analytics-portal)
```groovy
pipeline {
agent any
tools {
maven 'Maven 3.5.4'
jdk 'jdk8'
}
stages {
stage ('Initialize') {
steps {
sh '''
echo "PATH = ${PATH}"
echo "M2_HOME = ${M2_HOME}"
'''
}
}
stage ('Build') {
steps {
dir ('ui') {
sh 'mvn clean install -DskipTests'
}
dir ('resource') {
sh 'mvn clean install -DskipTests'
}
dir ('authserver') {
sh 'mvn clean install -DskipTests'
}
}
}
stage('Build image') {
steps {
script {
dir ('ui') {
docker.withRegistry('https://registry-intl-vpc.ap-southeast-3.aliyuncs.com', 'dockerrepo') {
def app = docker.build "razerpay-report-malaysia/ui:latest"
app.push()
}
}
dir ('resource') {
docker.withRegistry('https://registry-intl-vpc.ap-southeast-3.aliyuncs.com', 'dockerrepo') {
def app = docker.build "razerpay-report-malaysia/resource:latest"
app.push()
}
}
dir ('authserver') {
docker.withRegistry('https://registry-intl-vpc.ap-southeast-3.aliyuncs.com', 'dockerrepo') {
def app = docker.build "razerpay-report-malaysia/authserver:latest"
app.push()
}
}
}
}
}
stage('Dangling Images') {
steps {
sh 'docker images -q -f dangling=true | xargs --no-run-if-empty docker rmi'
}
}
stage('Deploy') {
def dockerRun = 'docker run -p 8080:8080 -d --name my-app kkk/my-app:2.0.0'
sshagent(['dev-server']) {
sh "ssh -o StrictHostKeyChecking=no ec2-user@172.31.18.198 ${dockerRun}"
}
}
}
}
```
* wallet-api-uat-deploy
```shell
#!/bin/bash
set +x
DEPLOY_ENV="UAT"
# (TODO: NOT SURE ABOUT THIS, ASK JOHAR MAH)
echo "*** Building for ENV=${DEPLOY_ENV}, COUNTRY=${DEPLOY_COUNTRY}"
echo "*** Applying Jenkins configuration file: /home/jenkins/config/${DEPLOY_ENV}_${DEPLOY_COUNTRY}.properties"
source /home/jenkins/config/${DEPLOY_ENV}_${DEPLOY_COUNTRY}.properties
APP_NAME=wallet-api///
APP_PATH=./razer-pay-wallet-api
echo "WALLET_API_HOST_USERNAME: ${WALLET_API_HOST_USERNAME//[$'\t\r\n ']}"
echo "WALLET_API_HOST_IP: ${WALLET_API_HOST_IP//[$'\t\r\n ']}"
ssh -oStrictHostKeyChecking=no "${WALLET_API_HOST_USERNAME//[$'\t\r\n ']}"@"${WALLET_API_HOST_IP//[$'\t\r\n ']}" << EOF
cd ${APP_PATH}
git checkout ${BRANCH_NAME}
git pull
npm install
export NODE_ENV=production
pm2 restart ${APP_NAME} --watch
EOF
echo "Deployed successfully"
```
Reference in New Issue View Git Blame Copy Permalink