-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch to jenkinsfile #3525
Switch to jenkinsfile #3525
Changes from 45 commits
aebf739
1c30eb9
bf7a86a
4e28420
2e6eae5
f82e6df
f7acffc
f445b3c
ec9c205
14b30f9
10336db
abae2ae
abdbb92
7b782f7
ea68f04
4209579
bf5c60b
2404131
988df78
c209b0a
cb28846
bd013e1
e0f64f9
8fe644b
a745baa
5c19628
97de81f
0f1aa88
bee32ab
356cc79
73a5543
febe398
c24f496
d39f844
aca17e8
54e60f8
cb0e65a
baa8a68
05fcf20
1212936
ace1afd
85189ff
715c63a
004bec5
42d8f1b
1825d27
efbf265
d1fbbc3
dd08e82
775606f
e1ba67b
bf94056
813c8b6
de83db1
1f494e2
4259be9
d64167b
46eb081
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,317 @@ | ||
/* known issues */ | ||
/* Parallel tasks, when executed, show up as "part of <job name>" rather than a more descriptive name. See http://stackoverflow.com/questions/37812588/how-can-i-override-the-part-of-app-pipeline-buildname */ | ||
|
||
/* notes */ | ||
/* You must escape backslashes and $ because groovy. */ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This can probably removed, it's just a fact of groovy. |
||
|
||
/* TODO */ | ||
/* expand macOS testing */ | ||
/* smoke tests */ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. These comments all need updating. |
||
|
||
|
||
def configs = [ | ||
[ | ||
label: 'windows', | ||
toxenvs: ['py26', 'py27', 'py33', 'py34', 'py35', 'py36'], | ||
], | ||
[ | ||
label: 'windows64', | ||
toxenvs: ['py26', 'py27', 'py33', 'py34', 'py35', 'py36'], | ||
], | ||
[ | ||
label: 'freebsd11', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'sierra', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-centos7', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-wheezy', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-jessie', | ||
toxenvs: ['py27', 'py34'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-sid', | ||
toxenvs: ['py27', 'py35'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-stretch', | ||
toxenvs: ['py27', 'py35'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-jessie-libressl:2.4.5', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-jessie-libressl:2.5.3', | ||
toxenvs: ['py27'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-ubuntu-xenial', | ||
toxenvs: ['py27', 'py35'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-ubuntu-rolling', | ||
toxenvs: ['py27', 'py35', 'docs', 'pep8', 'py3pep8'], | ||
], | ||
[ | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-fedora', | ||
toxenvs: ['py27', 'py35'], | ||
], | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We need the docs-linkcheck buidl somewhere, somehow. |
||
] | ||
|
||
def downstreams = [ | ||
[ | ||
downstreamName: 'pyOpenSSL', | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-ubuntu-rolling', | ||
script: """#!/bin/bash -xe | ||
git clone --depth=1 https://github.com/pyca/pyopenssl.git pyopenssl | ||
cd pyopenssl | ||
virtualenv .venv | ||
source .venv/bin/activate | ||
pip install ../cryptography | ||
pip install -e . | ||
pip install pytest | ||
pytest tests | ||
""" | ||
], | ||
[ | ||
downstreamName: 'Twisted', | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-ubuntu-rolling', | ||
script: """#!/bin/bash -xe | ||
git clone --depth=1 https://github.com/twisted/twisted.git twisted | ||
cd twisted | ||
virtualenv .venv | ||
source .venv/bin/activate | ||
pip install ../cryptography | ||
pip install pyopenssl service_identity pycrypto | ||
pip install -e . | ||
python -m twisted.trial src/twisted | ||
""" | ||
], | ||
[ | ||
downstreamName: 'paramiko', | ||
label: 'docker', | ||
imageName: 'pyca/cryptography-runner-ubuntu-rolling', | ||
script: """#!/bin/bash -xe | ||
git clone --depth=1 https://github.com/paramiko/paramiko.git paramiko | ||
cd paramiko | ||
virtualenv .venv | ||
source .venv/bin/activate | ||
pip install ../cryptography | ||
pip install -e . | ||
pip install -r dev-requirements.txt | ||
inv test | ||
""" | ||
], | ||
] | ||
|
||
def checkout_git(label) { | ||
def script = "" | ||
if (env.BRANCH_NAME.startsWith('PR-')) { | ||
script = """ | ||
git clone --depth=1 https://github.com/pyca/cryptography.git cryptography | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is it pratical to factor these first two lines of the script that are the same in both things out? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Do these need |
||
cd cryptography | ||
git fetch origin +refs/pull/${env.CHANGE_ID}/merge: | ||
git checkout -qf FETCH_HEAD | ||
git rev-parse HEAD | ||
""" | ||
} else { | ||
script = """ | ||
git clone --depth=1 https://github.com/pyca/cryptography.git cryptography | ||
cd cryptography | ||
git checkout ${env.BRANCH_NAME} | ||
git rev-parse HEAD | ||
""" | ||
} | ||
if (label.contains("windows")) { | ||
bat script | ||
} else { | ||
sh """#!/bin/sh | ||
set -xe | ||
${script} | ||
""" | ||
} | ||
} | ||
def build(toxenv, label, imageName) { | ||
|
||
try { | ||
timeout(time: 30, unit: 'MINUTES') { | ||
|
||
checkout_git(label) | ||
|
||
withCredentials([string(credentialsId: 'cryptography-codecov-token', variable: 'CODECOV_TOKEN')]) { | ||
withEnv(["LABEL=$label", "TOXENV=$toxenv", "IMAGE_NAME=$imageName"]) { | ||
if (label.contains("windows")) { | ||
def pythonPath = [ | ||
py26: "C:\\Python26\\python.exe", | ||
py27: "C:\\Python27\\python.exe", | ||
py33: "C:\\Python33\\python.exe", | ||
py34: "C:\\Python34\\python.exe", | ||
py35: "C:\\Python35\\python.exe", | ||
py36: "C:\\Python36\\python.exe" | ||
] | ||
if (toxenv == "py35" || toxenv == "py36") { | ||
includeLib = [ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This isn't a great name, how about There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Also, does it need a |
||
"windows": [ | ||
"include": '"C:\\OpenSSL-Win32-2015\\include"', | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is there a reason to put quotes in all these strings, rather than push it down? |
||
"lib": '"C:\\OpenSSL-Win32-2015\\lib"' | ||
], "windows64": [ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Newline here. |
||
"include": '"C:\\OpenSSL-Win64-2015\\include"' , | ||
"lib": '"C:\\OpenSSL-Win64-2015\\lib"' | ||
] | ||
] | ||
} else { | ||
includeLib = [ | ||
"windows": [ | ||
"include": '"C:\\OpenSSL-Win32-2010\\include"', | ||
"lib": '"C:\\OpenSSL-Win32-2010\\lib"' | ||
], "windows64": [ | ||
"include": '"C:\\OpenSSL-Win64-2010\\include"' , | ||
"lib": '"C:\\OpenSSL-Win64-2010\\lib"' | ||
] | ||
] | ||
} | ||
bat """ | ||
cd cryptography | ||
@set PATH="C:\\Python27";"C:\\Python27\\Scripts";%PATH% | ||
@set CRYPTOGRAPHY_WINDOWS_LINK_OPENSSL110=1 | ||
@set PYTHON="${pythonPath[toxenv]}" | ||
|
||
@set INCLUDE=${includeLib[label]['include']};%INCLUDE% | ||
@set LIB=${includeLib[label]['lib']};%LIB% | ||
tox -r | ||
IF %ERRORLEVEL% NEQ 0 EXIT /B %ERRORLEVEL% | ||
virtualenv .codecov | ||
call .codecov/Scripts/activate | ||
pip install codecov | ||
codecov -e JOB_BASE_NAME,LABEL | ||
""" | ||
} else if (label.contains("sierra")) { | ||
ansiColor { | ||
sh """#!/usr/bin/env bash | ||
set -xe | ||
# Jenkins logs in as a non-interactive shell, so we don't even have /usr/local/bin in PATH | ||
export PATH=/usr/local/bin:\$PATH | ||
export PATH="/Users/jenkins/.pyenv/shims:\${PATH}" | ||
export PYENV_SHELL=bash | ||
cd cryptography | ||
CRYPTOGRAPHY_OSX_NO_LINK_FLAGS=1 \ | ||
LDFLAGS="/usr/local/opt/openssl\\@1.1/lib/libcrypto.a /usr/local/opt/openssl\\@1.1/lib/libssl.a" \ | ||
CFLAGS="-I/usr/local/opt/openssl\\@1.1/include -Werror -Wno-error=deprecated-declarations -Wno-error=incompatible-pointer-types -Wno-error=unused-function -Wno-error=unused-command-line-argument" \ | ||
tox -r -- --color=yes | ||
virtualenv .venv | ||
source .venv/bin/activate | ||
pip install coverage | ||
bash <(curl -s https://codecov.io/bash) -e JOB_BASE_NAME,LABEL | ||
""" | ||
} | ||
} else { | ||
ansiColor { | ||
sh """#!/usr/bin/env bash | ||
set -xe | ||
cd cryptography | ||
if [[ "\${IMAGE_NAME}" == *"libressl"* ]]; then | ||
LD_LIBRARY_PATH="/usr/local/libressl/lib:\$LD_LIBRARY_PATH" \ | ||
LDFLAGS="-L/usr/local/libressl/lib" \ | ||
CFLAGS="-I/usr/local/libressl/include" \ | ||
tox -r -- --color=yes | ||
else | ||
tox -r -- --color=yes | ||
fi | ||
virtualenv .venv | ||
source .venv/bin/activate | ||
pip install coverage | ||
bash <(curl -s https://codecov.io/bash) -e JOB_BASE_NAME,LABEL | ||
""" | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} finally { | ||
deleteDir() | ||
} | ||
|
||
} | ||
|
||
def builders = [:] | ||
for (config in configs) { | ||
def label = config["label"] | ||
def toxenvs = config["toxenvs"] | ||
|
||
for (_toxenv in toxenvs) { | ||
def toxenv = _toxenv | ||
|
||
if (label.contains("docker")) { | ||
def imageName = config["imageName"] | ||
def combinedName = "${imageName}-${toxenv}" | ||
builders[combinedName] = { | ||
node(label) { | ||
stage(combinedName) { | ||
docker.image(imageName).inside { | ||
build(toxenv, label, imageName) | ||
} | ||
} | ||
} | ||
} | ||
} else { | ||
def combinedName = "${label}-${toxenv}" | ||
builders[combinedName] = { | ||
node(label) { | ||
stage(combinedName) { | ||
build(toxenv, label, '') | ||
} | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
parallel builders | ||
|
||
def downstreamBuilders = [:] | ||
for (downstream in downstreams) { | ||
def downstreamName = downstream["downstreamName"] | ||
def imageName = downstream["imageName"] | ||
def label = downstream["label"] | ||
def script = downstream["script"] | ||
downstreamBuilders[downstreamName] = { | ||
node(label) { | ||
docker.image(imageName).inside { | ||
try { | ||
timeout(time: 30, unit: 'MINUTES') { | ||
checkout_git(label) | ||
sh script | ||
} | ||
} finally { | ||
deleteDir() | ||
} | ||
} | ||
} | ||
} | ||
} | ||
|
||
stage("Downstreams") { | ||
parallel downstreamBuilders | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove this and turn it into a follow up issue, or linewrap it with a link to a jenkins upstream issue.