Jenkinsfile

#!groovy
@Library('github.com/cloudogu/ces-build-lib@1.62.0')
import com.cloudogu.ces.cesbuildlib.*

// Creating necessary git objects
git = new Git(this, "cesmarvin")
git.committerName = 'cesmarvin'
git.committerEmail = 'cesmarvin@cloudogu.com'
gitflow = new GitFlow(this, git)
github = new GitHub(this, git)
changelog = new Changelog(this)
Docker docker = new Docker(this)
gpg = new Gpg(this, docker)

// Configuration of repository
repositoryOwner = "cloudogu"
repositoryName = "kubectl-ces-plugin"
project = "github.com/${repositoryOwner}/${repositoryName}"

// Configuration of branches
productionReleaseBranch = "main"
developmentBranch = "develop"
currentBranch = "${env.BRANCH_NAME}"

node('docker') {
    // make directory layout more predictable as go unit tests may fail with different directories
    def jobName = JOB_NAME.replaceAll("%2F",'_').toLowerCase().split("/")[-1]
    def jobNameShort = jobName.length() >= 10 ? jobName[0..10] : jobName
    ws( "workspace/${repositoryName}_${jobNameShort}_${BUILD_NUMBER}") {

        timestamps {
            stage('Checkout') {
                checkout scm
                make 'clean'
            }

            stage('Check Markdown Links') {
                Markdown markdown = new Markdown(this)
                markdown.check()
            }

            String directoryWithCIDockerFile = "ci/"
            docker = new Docker(this)
            docker.build("golang-with-tools", directoryWithCIDockerFile)
            docker.image("golang-with-tools")
                    .mountJenkinsUser()
                    .inside("--volume ${WORKSPACE}:/go/src/${project} -w /go/src/${project}") {

                        stage('Build') {
                            make 'compile'
                        }

                        stage("Unit test") {
                            make 'unit-test'
                            junit allowEmptyResults: true, testResults: 'target/unit-tests/*-tests.xml'
                        }

                        stage("Review dog analysis") {
                            stageStaticAnalysisReviewDog()
                        }
                    }

            stage('SonarQube') {
                stageStaticAnalysisSonarQube()
            }

            stageAutomaticRelease()
        }
    }
}

void gitWithCredentials(String command) {
    withCredentials([usernamePassword(credentialsId: 'cesmarvin', usernameVariable: 'GIT_AUTH_USR', passwordVariable: 'GIT_AUTH_PSW')]) {
        sh(
                script: "git -c credential.helper=\"!f() { echo username='\$GIT_AUTH_USR'; echo password='\$GIT_AUTH_PSW'; }; f\" " + command,
                returnStdout: true
        )
    }
}

void stageStaticAnalysisReviewDog() {
    def commitSha = sh(returnStdout: true, script: 'git rev-parse HEAD').trim()

    withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'sonarqube-gh', usernameVariable: 'USERNAME', passwordVariable: 'REVIEWDOG_GITHUB_API_TOKEN']]) {
        withEnv(["CI_PULL_REQUEST=${env.CHANGE_ID}", "CI_COMMIT=${commitSha}", "CI_REPO_OWNER=${repositoryOwner}", "CI_REPO_NAME=${repositoryName}"]) {
            make 'static-analysis-ci'
        }
    }
}

void stageStaticAnalysisSonarQube() {
    def scannerHome = tool name: 'sonar-scanner', type: 'hudson.plugins.sonar.SonarRunnerInstallation'
    withSonarQubeEnv {
        sh "git config 'remote.origin.fetch' '+refs/heads/*:refs/remotes/origin/*'"
        gitWithCredentials("fetch --all")

        if (currentBranch == productionReleaseBranch) {
            echo "This branch has been detected as the production branch."
            sh "${scannerHome}/bin/sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME}"
        } else if (currentBranch == developmentBranch) {
            echo "This branch has been detected as the development branch."
            sh "${scannerHome}/bin/sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME}"
        } else if (env.CHANGE_TARGET) {
            echo "This branch has been detected as a pull request."
            sh "${scannerHome}/bin/sonar-scanner -Dsonar.pullrequest.key=${env.CHANGE_ID} -Dsonar.pullrequest.branch=${env.CHANGE_BRANCH} -Dsonar.pullrequest.base=${developmentBranch}"
        } else if (currentBranch.startsWith("feature/")) {
            echo "This branch has been detected as a feature branch."
            sh "${scannerHome}/bin/sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME}"
        } else {
            echo "This branch has been detected as a miscellaneous branch."
            sh "${scannerHome}/bin/sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME} "
        }
    }
    timeout(time: 2, unit: 'MINUTES') { // Needed when there is no webhook for example
        def qGate = waitForQualityGate()
        if (qGate.status != 'OK') {
            unstable("Pipeline unstable due to SonarQube quality gate failure")
        }
    }
}

void stageAutomaticRelease() {
    if (gitflow.isReleaseBranch()) {
        String releaseVersion = git.getSimpleBranchName()
        String releaseBranch = git.getBranchName()

        stage('Cross-compile and package after Release') {
            // use different variable here as the object otherwise interferes with docker instances from the build-lib.
            Docker altDocker = new Docker(this)
            altDocker.image("golang-with-tools").mountJenkinsUser().inside("--volume ${WORKSPACE}:/go/src/${project} -w /go/src/${project}") {
                String krewManifest = "deploy/krew/plugin.yaml"
                git.checkout(releaseBranch)
                make 'clean krew-create-archives krew-collect'

                // The Krew manifest cannot be updated during the local release stage (aka make go-release)
                // because it needs the checksums of the cross-compiled archives. The archives are only built on
                // during the CI release stage.
                make 'krew-update-manifest-versions'
                git.add(krewManifest)
                // Commit before we call gitflow.finishRelease() so the local commit gets merged and pushed.
                git.commit("bump KREW manifest to version ${releaseVersion}; update checksums")

                make 'checksum'
            }
        }

        stage('Finish Release') {
            gitflow.finishRelease(releaseVersion, productionReleaseBranch)
        }

        stage('Sign after Release') {
            gpg.createSignature()
        }

        stage('Add Github-Release') {
            def releaseId = github.createReleaseWithChangelog(releaseVersion, changelog, productionReleaseBranch)
            github.addReleaseAsset("${releaseId}", "target/kubectl-ces_linux_amd64.tar.gz")
            github.addReleaseAsset("${releaseId}", "target/kubectl-ces_windows_amd64.zip")
            github.addReleaseAsset("${releaseId}", "target/kubectl-ces_darwin_amd64.tar.gz")
            github.addReleaseAsset("${releaseId}", "target/kubectl-ces.sha256sum")
            github.addReleaseAsset("${releaseId}", "target/kubectl-ces.sha256sum.asc")
        }
    }
}

void make(String makeArgs) {
    sh "make ${makeArgs}"
}