-
-
Notifications
You must be signed in to change notification settings - Fork 46
/
Jenkinsfile_k8s
85 lines (81 loc) · 2.68 KB
/
Jenkinsfile_k8s
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
def cronExpr = env.BRANCH_IS_PRIMARY ? 'H/30 * * * *' : ''
pipeline {
agent none
options {
buildDiscarder(logRotator(numToKeepStr: '10'))
timeout(time: 30, unit: 'MINUTES')
disableConcurrentBuilds()
}
triggers {
cron (cronExpr)
}
stages {
stage('Yaml Lint') {
agent {
label 'jnlp-linux-arm64'
}
steps {
sh 'yamllint --config-file yamllint.config config'
}
} // stage 'Yaml Lint'
stage('Kubernetes Management Tasks') {
matrix {
axes {
axis {
name 'K8S_CLUSTER'
values 'privatek8s', 'publick8s', 'cijioagents1', 'cijioagents2', 'infracijioagents1'
}
} // axes
agent {
label 'jnlp-linux-arm64'
}
environment {
KUBECONFIG = credentials("kubeconfig-${K8S_CLUSTER}")
// Required for secret decryption
AZURE_TENANT_ID = credentials('sops-tenant-id')
AZURE_CLIENT_ID = credentials('sops-client-id')
AZURE_CLIENT_SECRET = credentials('sops-client-secret')
}
stages {
stage('Prepare Environment'){
steps {
// Retrieve the private repository holding the SOPS encrypted YAML secrets into the local directory "./secrets"
dir ('secrets'){
git branch: 'main', credentialsId: 'github-app-infra', url: 'https://github.com/jenkins-infra/charts-secrets.git'
}
sh 'kubectl cluster-info'
}
}
stage('Helmfile Lint'){
steps {
sh 'helmfile -f "clusters/${K8S_CLUSTER}.yaml" lint'
}
} // stage
stage('Diff on Pull Request'){
when {
changeRequest()
}
steps {
script {
def diff = sh(
script:'helmfile -f "clusters/${K8S_CLUSTER}.yaml" diff --suppress-secrets --skip-deps --context=2 --concurrency=8',
returnStdout: true,
).trim()
// Note the GitHub markdown formatting for the diff, to have syntax coloration
publishChecks name: "helmfile-diff-${K8S_CLUSTER}", title: "Helmfile Diff for cluster ${K8S_CLUSTER}", text: '```diff\n' + diff + '\n```'
}
}
} // stage
stage('Apply'){
when {
branch 'main'
}
steps {
sh 'helmfile -f "clusters/${K8S_CLUSTER}.yaml" apply --suppress-secrets --concurrency=8'
}
} // stage
} // stages
} // matrix
} // stage 'stage('Kubernetes Management Tasks')
} // stages
}