Gitiles
Code Review Sign In
gerrit.onosproject.org / ci-management / 4a959606416bf1ad00509102803461c9b6844e18 / . / jjb / onf-macros.yaml
blob: 38e8972ec523e30b1e2018364a5b0d1924868398 [file] [log] [blame]
Zack Williams3403ff42019-08-13 18:30:42 -0700[diff] [blame]1# JJB Macros for ONF jobs
2
pierventrefb03d642020-07-02 23:10:12 +0200[diff] [blame]3# basic string parameters for onf projects
4# differs from lf-infra-parameters as it allows to speficy a different gerrit project
5- parameter:
6 name: onf-infra-parameters
7 parameters:
8 - string:
9 name: PROJECT
10 default: '{project}'
11 - string:
12 name: STREAM
13 default: '{stream}'
14 - string:
15 name: GERRIT_PROJECT
16 default: '{gerrit_project}'
17 - string:
18 name: GERRIT_BRANCH
19 default: '{stream}'
20 - string:
21 name: GERRIT_REFSPEC
22 default: "refs/heads/{stream}"
23 - string:
24 name: sha1
25 default: "origin/{stream}"
26
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]27# basic string parameters when using onf-infra-github-pr-trigger-merge
28- parameter:
29 name: onf-infra-github-pr-merge-parameters
30 parameters:
31 - string:
32 name: repoName
33 default: '{repo-name}'
34 description: 'Name of the git repo. Populated by Generic Webhook Trigger'
35
36 - string:
37 name: repoUrl
38 default: '{repo-url}'
39 description: 'URL to the git repo. Populated by Generic Webhook Trigger'
40
41 - string:
42 name: branchName
43 default: '{branch}'
44 description: 'Branch of the project. Populated by Generic Webhook Trigger'
45
46 - string:
47 name: commitHash
48 default: '{sha1}'
49 description: 'SHA string of the merged commit. Populated by Generic Webhook Trigger'
50
51
Zack Williams3403ff42019-08-13 18:30:42 -0700[diff] [blame]52# control how long builds and artifact are retained
53# differs from lf-infra-properties as it retains artifacts
54- property:
55 name: onf-infra-properties
56 properties:
57 - build-discarder:
58 days-to-keep: '{build-days-to-keep}'
59 artifact-num-to-keep: '{artifact-num-to-keep}'
60
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]61# Sets permissions for job to be visible to ONFStaff only.
62# Useful when running tools under NDA for which we don't have permission to
63# publish logs or output.
64- property:
65 name: onf-infra-onfstaff-private
66 properties:
67 - raw:
68 xml: |
69 <hudson.security.AuthorizationMatrixProperty>
70 <inheritanceStrategy class="org.jenkinsci.plugins.matrixauth.inheritance.NonInheritingStrategy"/>
71 <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Create:JenkinsPowerusers</permission>
72 <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Delete:JenkinsPowerusers</permission>
73 <permission>com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains:JenkinsPowerusers</permission>
74 <permission>com.cloudbees.plugins.credentials.CredentialsProvider.Update:JenkinsPowerusers</permission>
75 <permission>com.cloudbees.plugins.credentials.CredentialsProvider.View:JenkinsPowerusers</permission>
76 <permission>hudson.model.Item.Build:JenkinsPowerusers</permission>
77 <permission>hudson.model.Item.Cancel:JenkinsPowerusers</permission>
78 <permission>hudson.model.Item.Configure:JenkinsPowerusers</permission>
79 <permission>hudson.model.Item.Delete:JenkinsPowerusers</permission>
80 <permission>hudson.model.Item.Discover:JenkinsPowerusers</permission>
81 <permission>hudson.model.Item.ExtendedRead:JenkinsPowerusers</permission>
82 <permission>hudson.model.Item.Move:JenkinsPowerusers</permission>
83 <permission>hudson.model.Item.Read:JenkinsPowerusers</permission>
84 <permission>hudson.model.Item.Workspace:JenkinsPowerusers</permission>
85 <permission>hudson.model.Run.Delete:JenkinsPowerusers</permission>
86 <permission>hudson.model.Run.Replay:JenkinsPowerusers</permission>
87 <permission>hudson.model.Run.Update:JenkinsPowerusers</permission>
88 <permission>hudson.model.Item.Discover:ONFStaff</permission>
Carmelo Cascone9a4cbfa2020-08-19 23:11:50 -0700[diff] [blame]89 <permission>hudson.model.Item.Discover:anonymous</permission>
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]90 <permission>hudson.model.Item.Read:ONFStaff</permission>
Carmelo Cascone9a4cbfa2020-08-19 23:11:50 -0700[diff] [blame]91 <permission>hudson.model.Item.ViewStatus:anonymous</permission>
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]92 </hudson.security.AuthorizationMatrixProperty>
93
Zack Williams3403ff42019-08-13 18:30:42 -0700[diff] [blame]94# trigger on gerrit patchsets and actions
95# docs: https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.gerrit
96# Uses a regex based project match
97- trigger:
98 name: onf-infra-gerrit-trigger-patchset
99 triggers:
100 - gerrit:
101 server-name: '{gerrit-server-name}'
102 dependency-jobs: '{dependency-jobs}'
103 silent-start: true
104 trigger-on:
105 - patchset-created-event:
106 exclude-drafts: true
107 exclude-trivial-rebase: false
108 exclude-no-code-change: false
109 - draft-published-event
110 - comment-added-contains-event:
111 comment-contains-value: '(?i)^.*recheck$'
112 projects:
113 - project-compare-type: REG_EXP
114 project-pattern: '{project-regexp}'
115 branches:
116 - branch-compare-type: REG_EXP
117 branch-pattern: '{branch-regexp}'
118 file-paths:
119 - compare-type: REG_EXP
120 pattern: '{file-include-regexp}'
121
122
123# same as lf-infra-gerrit-scm, but allows checkouts to a subdir of $WORKSPACE
124# with the `basedir` option
125#
126# `basedir` serves the same function as `destination-dir` in the repo scm
127# macros, seems strange that they're named differently.
128- scm:
129 name: onf-infra-gerrit-scm
130 scm:
131 - git:
132 credentials-id: '{jenkins-ssh-credential}'
133 url: '{git-url}'
134 refspec: '{refspec}'
135 branches:
136 - 'refs/heads/{branch}'
Zack Williams3403ff42019-08-13 18:30:42 -0700[diff] [blame]137 wipe-workspace: true
138 submodule:
139 recursive: '{submodule-recursive}'
140 choosing-strategy: '{choosing-strategy}'
141 basedir: '{basedir}'
142
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]143- scm:
144 name: onf-infra-github-ssh-scm
145 scm:
146 - lf-infra-github-scm:
147 url: "git@github.com:{github-organization}/{project}.git"
148 # To checkout PRs and branches
149 refspec: "+refs/heads/*:refs/remotes/origin/* +refs/pull/*:refs/remotes/origin/pr/*"
150 # Can be commit hash
151 branch: "{branch}"
152 submodule-recursive:
153 submodule-timeout:
154 submodule-disable:
155 choosing-strategy: default
156 jenkins-ssh-credential: "{ssh-credential}"
Zack Williams3403ff42019-08-13 18:30:42 -0700[diff] [blame]157
158# trigger for gerrit patch submission
159- trigger:
160 name: onf-infra-gerrit-trigger-merge
161 triggers:
162 - gerrit:
163 server-name: '{gerrit-server-name}'
164 dependency-jobs: '{dependency-jobs}'
165 silent-start: true
166 trigger-on:
167 - change-merged-event
168 projects:
169 - project-compare-type: REG_EXP
170 project-pattern: '{project-regexp}'
171 branches:
172 - branch-compare-type: REG_EXP
173 branch-pattern: '{branch-regexp}'
174 file-paths:
175 - compare-type: REG_EXP
176 pattern: '{file-include-regexp}'
177
178# wrapper to provide SSH key and fill in ~/.ssh/known_hosts file for use with rsync
179- wrapper:
180 name: onf-infra-rsync-wrappers
181 wrappers:
182 - mask-passwords
183 - timeout:
184 type: absolute
185 timeout: '{build-timeout}'
186 timeout-var: 'BUILD_TIMEOUT'
187 fail: true
188 - timestamps
189 - ssh-agent-credentials:
190 users:
191 - '{jenkins-ssh-credential}'
192 - config-file-provider:
193 files:
194 - file-id: known_hosts
195 target: '$HOME/.ssh/known_hosts'
196
pierventrefb03d642020-07-02 23:10:12 +0200[diff] [blame]197# publisher to clean up the workspace after the build whatever the result
198- publisher:
199 name: onf-infra-wscleanup-publisher
200 publishers:
201 - workspace-cleanup:
202 clean-if:
203 - success: true
204 - unstable: true
205 - failure: true
206 - aborted: true
207 - not-built: true
208 dirmatch: false
209 fail-build: true
210 clean-parent: false
211 disable-deferred-wipeout: false
Carmelo Cascone81631ed2020-08-18 19:33:25 -0700[diff] [blame]212
213# Trigger on GitHub pull requests
214# docs: https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.github-pull-request
215# Uses the standard 'ok to test', etc. commands per the plugin:
216# https://github.com/jenkinsci/ghprb-plugin
217- trigger:
218 name: onf-infra-github-pr-trigger
219 triggers:
220 - github-pull-request:
221 auth-id: '{github_pr_auth_id}'
222 github-hooks: true # Create github hooks automatically
223 cancel-builds-on-update: true
224 auto-close-on-fail: false
225 only-trigger-phrase: false
226 status-context: '{status_context}' # Name of testing system in PR
227 permit-all: false # don't trigger on every PR
228 org-list: '{obj:github_pr_org_list}'
229 allow-whitelist-orgs-as-admins: true
230
231# Trigger on GitHub PR merge
232# docs: https://docs.openstack.org/infra/jenkins-job-builder/triggers.html#triggers.generic-webhook-trigger
233- trigger:
234 name: onf-infra-github-pr-trigger-merge
235 triggers:
236 - generic-webhook-trigger:
237 post-content-params:
238 - type: JSONPath
239 key: action
240 value: $.action
241 - type: JSONPath
242 key: merged
243 value: $.pull_request.merged
244 - type: JSONPath
245 key: repoUrl
246 value: $.pull_request.base.repo.html_url
247 - type: JSONPath
248 key: repoName
249 value: $.pull_request.base.repo.name
250 - type: JSONPath
251 key: branchName
252 value: $.pull_request.base.ref
253 - type: JSONPath
254 key: commitHash
255 value: $.pull_request.merge_commit_sha
256 regex-filter-text: $action,$merged
257 regex-filter-expression: ^(closed,true)$
258 cause: Generic Cause
259 token: '{project}'