corda/.ci/dev/regression/Jenkinsfile

#!groovy
/**
 * Jenkins pipeline to build Corda OS release branches and tags.
 * PLEASE NOTE: we DO want to run a build for each commit!!!
 */
@Library('corda-shared-build-pipeline-steps')

import com.r3.build.utils.GitUtils
import com.r3.build.enums.SnykOrganisation
import com.r3.build.utils.SnykUtils

GitUtils gitUtils = new GitUtils(this)
SnykUtils snykUtils = new SnykUtils(this)
/**
 * Sense environment
 */
boolean isReleaseBranch = (env.BRANCH_NAME =~ /^release\/os\/.*/)
boolean isReleaseTag = (env.TAG_NAME =~ /^release-.*(?<!_JDK11)$/)
boolean isInternalRelease = (env.TAG_NAME =~ /^internal-release-.*$/)
boolean isReleaseCandidate = (env.TAG_NAME =~ /^(release-.*(RC|HC).*(?<!_JDK11))$/)
def buildEdition = (isReleaseTag || isReleaseCandidate) ? "Corda Community Edition" : "Corda Open Source"

/**
 * Common Gradle arguments for all Gradle executions
 */
String COMMON_GRADLE_PARAMS = [
        '--no-daemon',
        '--stacktrace',
        '--info',
        '-Pcompilation.warningsAsErrors=false',
        '-Ptests.failFast=true',
        '-DexcludeShell',
].join(' ')

pipeline {
    agent { label 'standard' }

    /*
     * List options in alphabetical order
     */
    options {
        buildDiscarder(logRotator(daysToKeepStr: '14', artifactDaysToKeepStr: '14'))
        parallelsAlwaysFailFast()
        timeout(time: 6, unit: 'HOURS')
        timestamps()
    }

    parameters {
        booleanParam defaultValue: true, description: 'Run tests during this build?', name: 'DO_TEST'
    }

    /*
     * List environment variables in alphabetical order
     */
    environment {
        ARTIFACTORY_BUILD_NAME = "Corda :: Publish :: Publish Release to Artifactory :: ${env.BRANCH_NAME}"
        ARTIFACTORY_CREDENTIALS = credentials('artifactory-credentials')
        CORDA_ARTIFACTORY_PASSWORD = "${env.ARTIFACTORY_CREDENTIALS_PSW}"
        CORDA_ARTIFACTORY_USERNAME = "${env.ARTIFACTORY_CREDENTIALS_USR}"
        CORDA_BUILD_EDITION = "${buildEdition}"
        CORDA_USE_CACHE = "corda-remotes"
        DOCKER_URL = "https://index.docker.io/v1/"
        EMAIL_RECIPIENTS = credentials('corda4-email-recipient')
        INTEGRATION_ID = credentials('snyk-artifactory-c4')
        SNYK_API_KEY = "c4-os-snyk" //Jenkins credential type: Snyk Api token
        SNYK_TOKEN = credentials('c4-os-snyk-api-token-secret') //Jenkins credential type: Secret text
        C4_OS_SNYK_ORG_ID = credentials('corda4-os-snyk-org-id')
    }

    stages {
        stage('Compile') {
            steps {
                authenticateGradleWrapper()
                sh script: [
                        './gradlew',
                        COMMON_GRADLE_PARAMS,
                        'clean',
                        'jar'
                ].join(' ')
            }
        }

        stage('Stash') {
            when {
                expression { params.DO_TEST }
            }
            steps {
                stash name: 'compiled', useDefaultExcludes: false
            }
        }

        stage('Snyk Security') {
            when {
                expression { isReleaseTag || isReleaseCandidate || isReleaseBranch }
            }
            steps {
                script {
                    // Invoke Snyk for each Gradle sub project we wish to scan
                    def modulesToScan = ['node', 'capsule']
                    modulesToScan.each { module ->
                        snykSecurityScan("${env.SNYK_API_KEY}", "--sub-project=$module --configuration-matching='^runtimeClasspath\$' --prune-repeated-subdependencies --debug --target-reference='${env.BRANCH_NAME}' --project-tags=Branch='${env.BRANCH_NAME.replaceAll("[^0-9|a-z|A-Z]+","_")}'")
                    }
                }
            }
        }

        stage('Generate Snyk License Report') {
            when {
                expression { isReleaseTag || isReleaseCandidate || isReleaseBranch }
            }
            steps {
                snykLicenseGeneration(env.SNYK_TOKEN, env.C4_OS_SNYK_ORG_ID)
            }
            post {
                always {
                    script {
                        archiveArtifacts artifacts: 'snyk-license-report/*-snyk-license-report.html', allowEmptyArchive: true, fingerprint: true
                    }
                }
            }
        }

        stage('All Tests') {
            when {
                expression { params.DO_TEST }
                beforeAgent true
            }
            parallel {
                stage('Another agent') {
                    agent {
                        label 'standard'
                    }
                    options {
                        skipDefaultCheckout true
                    }
                    stages {
                        stage('Unstash') {
                            steps {
                                unstash 'compiled'
                            }
                        }
                        stage('Recompile') {
                            steps {
                                authenticateGradleWrapper()
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'jar'
                                ].join(' ')
                            }
                        }
                        stage('Unit Test') {
                            steps {
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'test'
                                ].join(' ')
                            }
                        }
                        stage('Smoke Test') {
                            steps {
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'smokeTest'
                                ].join(' ')
                            }
                        }
                        stage('Slow Integration Test') {
                            steps {
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'slowIntegrationTest'
                                ].join(' ')
                            }
                        }
                    }
                }
                stage('Same agent') {
                    stages {
                        stage('Integration Test') {
                            steps {
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'help'
                                ].join(' ')
                            }
                        }

                        stage('Deploy Node') {
                            steps {
                                sh script: [
                                        './gradlew',
                                        COMMON_GRADLE_PARAMS,
                                        'help'
                                ].join(' ')
                            }
                        }
                    }
                }
            }
        }

        stage('Publish to Artifactory') {
            when {
                expression {return false}
            }
            steps {
                rtServer(
                        id: 'R3-Artifactory',
                        url: 'https://software.r3.com/artifactory',
                        credentialsId: 'artifactory-credentials'
                )
                rtGradleDeployer(
                        id: 'deployer',
                        serverId: 'R3-Artifactory',
                        repo: 'corda-releases'
                )
                rtGradleRun(
                        usesPlugin: true,
                        useWrapper: true,
                        switches: '-s --info -DpublishApiDocs',
                        tasks: 'artifactoryPublish',
                        deployerId: 'deployer',
                        buildName: env.ARTIFACTORY_BUILD_NAME
                )
                rtPublishBuildInfo(
                        serverId: 'R3-Artifactory',
                        buildName: env.ARTIFACTORY_BUILD_NAME
                )
            }
        }

        stage('Publish Release Candidate to Internal Repository') {
            when {
                expression {return false}
            }
            steps {
                withCredentials([
                        usernamePassword(credentialsId: 'docker-image-pusher-os',
                                usernameVariable: 'DOCKER_USERNAME',
                                passwordVariable: 'DOCKER_PASSWORD')
                ]) {
                    sh script: [
                            './gradlew',
                            COMMON_GRADLE_PARAMS,
                            '-Pdocker.image.repository=entdocker.software.r3.com/corda',
                            'docker:pushDockerImage',
                            '--image OFFICIAL',
                            '--registry-url=entdocker.software.r3.com'
                            ].join(' ')
                }
            }
        }

        stage('Publish Release to Docker Hub') {
            when {
                expression {return false}
            }
            steps {
                withCredentials([
                        usernamePassword(credentialsId: 'corda-publisher-docker-hub-credentials',
                                usernameVariable: 'DOCKER_USERNAME',
                                passwordVariable: 'DOCKER_PASSWORD')
                ]) {
                    sh script: [
                            './gradlew',
                            COMMON_GRADLE_PARAMS,
                            'docker:pushDockerImage',
                            '-Pdocker.image.repository=corda/community',
                            '--image OFFICIAL'
                            ].join(' ')
                }
            }
        }
    }


}