/
build_image.yml
87 lines (84 loc) · 4.16 KB
/
build_image.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
- job:
name: build-image
display-name: Build Docker image
project-type: pipeline
description: Builds the docker image from a repository release tag
concurrent: true
parameters:
- choice:
name: REPOSITORY
choices:
{% for application in dm_applications %}
- {{ application }}
{% endfor %}
- scripts
- string:
name: RELEASE_NAME
description: "git ref (eg 'release-42') to checkout for building the artefact. This will also become the image release name."
- bool:
name: REBUILD
default: true
description: "Rerun the build even if the release already exists"
- string:
name: HEAD_BRANCH
default: "main"
description: "RELEASE_NAME must be present in this branch. *USE WITH CARE* - production releases should *ALWAYS* be present in main"
- bool:
name: MARK_LATEST
default: true
description: "Whether to mark the built image as the application's 'latest'"
dsl: |
node {
try {
stage('Check previous builds') {
currentBuild.displayName = "#${BUILD_NUMBER} - ${REPOSITORY} - ${RELEASE_NAME}"
existingRelease = sh(script: "curl -fs https://index.docker.io/v1/repositories/digitalmarketplace/${REPOSITORY}/tags/${RELEASE_NAME}", returnStatus: true)
}
if (existingRelease == 0 && (REBUILD.toString() == "false")) {
echo "Release ${RELEASE_NAME} already exists"
currentBuild.result = 'SUCCESS'
return
}
stage('Prepare') {
if (RELEASE_NAME ==~ /release-\d+/ && HEAD_BRANCH != "main") {
input("WARNING: It is probably a bad idea to create a release- tagged image from a non-main HEAD_BRANCH!")
}
if (MARK_LATEST.toString() == "true" && HEAD_BRANCH != "main") {
input("WARNING: It is probably a bad idea to mark a non-main HEAD_BRANCH image as 'latest'")
}
git url: "git@github.com:alphagov/digitalmarketplace-${REPOSITORY}.git", branch: HEAD_BRANCH, credentialsId: 'github_com_and_enterprise'
echo "Cleaning repository"
sh("git clean -fdx")
echo "Checking out ${RELEASE_NAME}"
sh("git reset --hard ${RELEASE_NAME}")
}
stage('Build') {
sh("docker build --pull -t digitalmarketplace/${REPOSITORY} --build-arg release_name=${RELEASE_NAME} .")
sh("docker tag digitalmarketplace/${REPOSITORY} digitalmarketplace/${REPOSITORY}:${RELEASE_NAME}")
}
stage('Upload') {
docker_credentials = sh(script: 'sops -d /home/jenkins/digitalmarketplace-credentials/jenkins-vars/docker_credentials_env.enc', returnStdout: true).trim()
withEnv(docker_credentials.tokenize("\n")) {
sh("set +x; docker login -u ${DOCKER_USERNAME} -p ${DOCKER_PASSWORD}")
}
sh("docker push digitalmarketplace/${REPOSITORY}:${RELEASE_NAME}")
if (MARK_LATEST.toString() == "true") {
sh("docker push digitalmarketplace/${REPOSITORY}:latest")
}
}
} catch(err) {
currentBuild.result = 'FAILURE'
echo "Error: ${err}"
build job: "notify-slack",
parameters: [
string(name: 'USERNAME', value: 'build-image'),
string(name: 'ICON', value: ':sad-docker:'),
string(name: 'JOB', value: "Build Docker image: ${REPOSITORY} - ${RELEASE_NAME}"),
string(name: 'CHANNEL', value: "#dm-release"),
string(name: 'PROJECT', value: "${REPOSITORY}"),
text(name: 'RELEASE_NAME', value: "${RELEASE_NAME}"),
text(name: 'STATUS', value: 'FAILED'),
text(name: 'URL', value: "<${BUILD_URL}consoleFull|${BUILD_DISPLAY_NAME}>")
]
}
}