You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
217 lines
7.7 KiB
217 lines
7.7 KiB
#!groovy
|
|
|
|
library identifier: '3scale-toolbox-jenkins@openapi3',
|
|
retriever: modernSCM([$class: 'GitSCMSource',
|
|
remote: 'https://github.com/nmasse-itix/3scale-toolbox-jenkins.git',
|
|
traits: [[$class: 'jenkins.plugins.git.traits.BranchDiscoveryTrait']]])
|
|
|
|
def service = null
|
|
|
|
// dirty hack because of "zombie" services in 3scale
|
|
//def baseSystemName = toolbox.generateRandomBaseSystemName()
|
|
def baseSystemName = "library"
|
|
|
|
node("maven") {
|
|
stage('Checkout Source') {
|
|
checkout scm
|
|
//git url: "https://github.com/nmasse-itix/library-api.git"
|
|
}
|
|
|
|
stage('Pre-requisites') {
|
|
if (! fileExists('openapi.json')) {
|
|
|
|
echo """
|
|
There is no OpenAPI Specification file!
|
|
"""
|
|
|
|
error("Nothing to deploy!")
|
|
}
|
|
|
|
// Install pre-requisites
|
|
sh """
|
|
curl -L -o /tmp/jq https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64
|
|
chmod 755 /tmp/jq
|
|
"""
|
|
}
|
|
|
|
stage("Deploy API in Dev") {
|
|
// Prepare
|
|
service = toolbox.prepareThreescaleService(
|
|
openapi: [filename: "openapi.json" ],
|
|
environment: [ baseSystemName: baseSystemName,
|
|
environmentName: "dev",
|
|
oidcIssuerEndpoint: params.OIDC_ISSUER_ENDPOINT,
|
|
publicBasePath: "/",
|
|
privateBasePath: "/",
|
|
privateBaseUrl: params.PRIVATE_BASE_URL ],
|
|
toolbox: [ openshiftProject: params.NAMESPACE,
|
|
destination: params.TARGET_INSTANCE,
|
|
image: "quay.io/redhat/3scale-toolbox:v0.16.2",
|
|
activeDeadlineSeconds: 180,
|
|
insecure: params.DISABLE_TLS_VALIDATION == "yes",
|
|
secretName: params.SECRET_NAME],
|
|
service: [:],
|
|
applications: [
|
|
[ name: "petstore-app", description: "This is used for tests", plan: "test", account: "john" ]
|
|
],
|
|
applicationPlans: [
|
|
[ systemName: "test", name: "Test", defaultPlan: true, published: true ]
|
|
]
|
|
)
|
|
|
|
// A pre-release version needs to use the mock backend
|
|
if (service.openapi.majorVersion == "0") {
|
|
service.environment.privateBaseUrl = params.MOCK_SERVER
|
|
service.environment.privateBasePath = params.MOCK_URL
|
|
}
|
|
|
|
// Import OpenAPI
|
|
service.importOpenAPI()
|
|
echo "Service with system_name ${service.environment.targetSystemName} created !"
|
|
|
|
// Create an Application Plan
|
|
service.applyApplicationPlans()
|
|
|
|
// Create an Application
|
|
service.applyApplication()
|
|
|
|
// Promote to production
|
|
service.promoteToProduction()
|
|
}
|
|
|
|
// Terminate the pipeline earlier if the API is not yet production ready
|
|
if (service.openapi.majorVersion == "0") {
|
|
currentBuild.result = 'SUCCESS'
|
|
return
|
|
}
|
|
|
|
stage("Deploy API in Test") {
|
|
// Prepare
|
|
service = toolbox.prepareThreescaleService(
|
|
openapi: [filename: "openapi.json" ],
|
|
environment: [ baseSystemName: baseSystemName,
|
|
environmentName: "test",
|
|
oidcIssuerEndpoint: params.OIDC_ISSUER_ENDPOINT,
|
|
publicBasePath: "/",
|
|
privateBasePath: "/",
|
|
privateBaseUrl: params.PRIVATE_BASE_URL ],
|
|
toolbox: [ openshiftProject: params.NAMESPACE,
|
|
destination: params.TARGET_INSTANCE,
|
|
image: "quay.io/redhat/3scale-toolbox:v0.16.2",
|
|
activeDeadlineSeconds: 180,
|
|
insecure: params.DISABLE_TLS_VALIDATION == "yes",
|
|
secretName: params.SECRET_NAME],
|
|
service: [:],
|
|
applications: [
|
|
[ name: "petstore-app", description: "This is used for tests", plan: "test", account: "john" ]
|
|
],
|
|
applicationPlans: [
|
|
[ systemName: "test", name: "Test", defaultPlan: true, published: true ]
|
|
]
|
|
)
|
|
|
|
// Import OpenAPI
|
|
service.importOpenAPI()
|
|
echo "Service with system_name ${service.environment.targetSystemName} created !"
|
|
|
|
// Create an Application Plan
|
|
service.applyApplicationPlans()
|
|
|
|
// Create an Application
|
|
service.applyApplication()
|
|
|
|
// Run integration tests
|
|
runIntegrationTests(service)
|
|
|
|
// Promote to production
|
|
service.promoteToProduction()
|
|
}
|
|
|
|
stage("Deploy API in Prod") {
|
|
// Prepare
|
|
service = toolbox.prepareThreescaleService(
|
|
openapi: [filename: "openapi.json" ],
|
|
environment: [ baseSystemName: baseSystemName,
|
|
environmentName: "prod",
|
|
oidcIssuerEndpoint: params.OIDC_ISSUER_ENDPOINT,
|
|
publicBasePath: "/",
|
|
privateBasePath: "/",
|
|
privateBaseUrl: params.PRIVATE_BASE_URL ],
|
|
toolbox: [ openshiftProject: params.NAMESPACE,
|
|
destination: params.TARGET_INSTANCE,
|
|
image: "quay.io/redhat/3scale-toolbox:v0.16.2",
|
|
activeDeadlineSeconds: 180,
|
|
insecure: params.DISABLE_TLS_VALIDATION == "yes",
|
|
secretName: params.SECRET_NAME],
|
|
service: [:],
|
|
applications: [
|
|
[ name: "petstore-app", description: "This is used for tests", plan: "silver", account: "john" ]
|
|
],
|
|
applicationPlans: [
|
|
[ systemName: "gold", name: "Gold", defaultPlan: false, published: true ],
|
|
[ systemName: "silver", name: "Silver", defaultPlan: true, published: true ]
|
|
]
|
|
)
|
|
|
|
// Import OpenAPI
|
|
service.importOpenAPI()
|
|
echo "Service with system_name ${service.environment.targetSystemName} created !"
|
|
|
|
// Create an Application Plan
|
|
service.applyApplicationPlans()
|
|
|
|
// Create an Application
|
|
service.applyApplication()
|
|
|
|
// Promote to production
|
|
service.promoteToProduction()
|
|
}
|
|
|
|
}
|
|
|
|
def runIntegrationTests(def service) {
|
|
// To run the integration tests when using APIcast SaaS instances, we need
|
|
// to fetch the proxy definition to extract the staging public url
|
|
def proxy = service.readProxy("sandbox")
|
|
|
|
// The integration tests will be a bit different depending on the security scheme
|
|
// declared in the OpenAPI Specification file
|
|
def getCredentialsCodeSnippet = null
|
|
if (service.openapi.securityScheme.name() == "OPEN") {
|
|
getCredentialsCodeSnippet = """
|
|
credential_header="x-dummy: dummy"
|
|
echo "no credential will be used"
|
|
"""
|
|
} else if (service.openapi.securityScheme.name() == "APIKEY") {
|
|
def userkey = service.applications[0].userkey
|
|
getCredentialsCodeSnippet = """
|
|
credential_header="api-key: ${userkey}"
|
|
echo "userkey is ${userkey}"
|
|
"""
|
|
} else if (service.openapi.securityScheme.name() == "OIDC") {
|
|
def tokenEndpoint = getTokenEndpoint(params.OIDC_ISSUER_ENDPOINT)
|
|
def clientId = service.applications[0].clientId
|
|
def clientSecret = service.applications[0].clientSecret
|
|
getCredentialsCodeSnippet = """
|
|
echo "token endpoint is ${tokenEndpoint}"
|
|
echo "client_id=${clientId}"
|
|
echo "client_secret=${clientSecret}"
|
|
curl -sfk "${tokenEndpoint}" -d client_id="${clientId}" -d client_secret="${clientSecret}" -d scope=openid -d grant_type=client_credentials -o response.json
|
|
TOKEN="\$(/tmp/jq -r .access_token response.json)"
|
|
echo "Received access_token '\$TOKEN'"
|
|
credential_header="Authorization: Bearer \$TOKEN"
|
|
"""
|
|
}
|
|
|
|
// Run the actual tests
|
|
sh """set -e
|
|
echo "Public Staging Base URL is ${proxy.sandbox_endpoint}"
|
|
${getCredentialsCodeSnippet}
|
|
curl -sfk -w "authors: %{http_code}\n" -o /dev/null "${proxy.sandbox_endpoint}/authors" -H "\$credential_header"
|
|
"""
|
|
}
|
|
|
|
def getTokenEndpoint(String oidcIssuerEndpoint) {
|
|
def m = (oidcIssuerEndpoint =~ /(https?:\/\/)[^:]+:[^@]+@(.*)/)
|
|
return "${m[0][1]}${m[0][2]}/protocol/openid-connect/token"
|
|
}
|