Merge branch 'master' into bug/989-bitbucketservice-uses-deprecated-a…

…pi-call # Conflicts: # CHANGELOG.md
opendevstack · Feb 6, 2024 · e9f65e8 · e9f65e8
2 parents a771b5a + 25808a5
commit e9f65e8
Show file tree

Hide file tree

Showing 21 changed files with 252 additions and 1,131 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -8,3 +8,6 @@ updates:
     schedule:
       # Check for updates to GitHub Actions every week
       interval: "weekly"
+    labels:
+      - "dependencies"
+      - "skip changelog"
diff --git a/.github/workflows/changelog-enforcer.yml b/.github/workflows/changelog-enforcer.yml
@@ -8,7 +8,7 @@ jobs:
   changelog:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/[email protected].0
+      - uses: actions/[email protected].1
       - uses: dangoslen/changelog-enforcer@v3
         with:
           changeLogPath: 'CHANGELOG.md'

diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
@@ -7,15 +7,15 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             - name: Checkout
-              uses: actions/[email protected].0
+              uses: actions/[email protected].1
 
             - name: check the value of github.workspace and runner.temp
               run: |
                 echo "github.workspace = ${{ github.workspace }}"
                 echo "runner.temp = ${{ runner.temp }}"
 
             - name: Set up OpenJDK 11
-              uses: actions/setup-java@v3
+              uses: actions/setup-java@v4
               with:
                 distribution: 'temurin'
                 java-version: '11'
@@ -41,14 +41,14 @@ jobs:
                   NO_NEXUS: true
 
             - name: CodeNarc Report
-              uses: actions/upload-artifact@v3
+              uses: actions/upload-artifact@v4
               if: ${{ always() }}
               with:
                   name: CodeNarc Report
                   path: build/reports/codenarc/main.html
 
             - name: Test Report
-              uses: actions/upload-artifact@v3
+              uses: actions/upload-artifact@v4
               if: ${{ always() }}
               with:
                   name: Test Report

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,13 +4,22 @@
 * Fix BitbucketService uses deprecated API call ([#989](https://github.com/opendevstack/ods-jenkins-shared-library/issues/989))
 * Add better documentation for Helm ([#1027](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1027))
 * Avoid Groovy string interpolation [#1030](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1030)
+* Fix documentation refers to qs with prefix infra- however there are only inf- quickstarters  ([#1060](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1060))
+* Fix Tailor deployment drifts for D, Q envs ([#1055](https://github.com/opendevstack/ods-jenkins-shared-library/pull/1055))
+* Aqua scanner and Helm deployment conflict fix for jenkins shared library ([#1067](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1067))
+
+## [4.3.3] - 2023-11-07
 
 ### Added
+* Add done boolean flag to data passed to the document template service ([#1048](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1048))
+* Add better documentation for Helm ([#1027](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1027))
 
 ### Changed
+* Remove drift alignment code and pause deploy mechanism ([#1054](https://github.com/opendevstack/ods-jenkins-shared-library/pull/1054))
 
 ### Fixed
 - Generate TRC document in D environment instead of Q ([#1029](https://github.com/opendevstack/ods-jenkins-shared-library/pull/1029))
+* Avoid Groovy string interpolation [#1030](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1030)
 
 ## [4.3.2] - 2023-10-02
 

diff --git a/docs/modules/jenkins-shared-library/pages/orchestration-pipeline.adoc b/docs/modules/jenkins-shared-library/pages/orchestration-pipeline.adoc
@@ -69,7 +69,7 @@ If you use this type ODS expects to find JUnit XML test results. If you do not h
 
 ==== Repository Type: ods-infra
 
-This type designates ODS components designed for _consuming on-prem or cloud services_ of arbitrary type using infrastructure as code. Such components are based on quickstarters whose names start with `infra-`.
+This type designates ODS components designed for _consuming on-prem or cloud services_ of arbitrary type using infrastructure as code. Such components are based on quickstarters whose names start with `inf-`.
 
 ==== Repository Type: ods-saas-service
 
@@ -159,7 +159,7 @@ alwaysPullImage: true
 ----
 
 By default the orchestration pipeline will create a pod based on the jenkins-base-agent image to do much of its work.
-In seldom cases, ususally with a lot of repositories, one may hit an out of memory error on the pod named 'mro-XX'. In this case the below 
+In seldom cases, ususally with a lot of repositories, one may hit an out of memory error on the pod named 'mro-XX'. In this case the below
 memory limit should be adjusted (defaulting to '1Gi')
 ----
 mroAgentMemoryLimit = "1Gi"

diff --git a/src/org/ods/component/HelmDeploymentStrategy.groovy b/src/org/ods/component/HelmDeploymentStrategy.groovy
@@ -3,7 +3,6 @@ package org.ods.component
 import groovy.json.JsonOutput
 import groovy.transform.TypeChecked
 import groovy.transform.TypeCheckingMode
-import org.ods.openshift.OpenShiftResourceMetadata
 import org.ods.services.JenkinsService
 import org.ods.services.OpenShiftService
 import org.ods.util.ILogger
@@ -104,10 +103,6 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
             JsonOutput.prettyPrint(
                 JsonOutput.toJson(deploymentResources)))
 
-
-        Map<String,String> labels = showMandatoryLabels()
-        applyMandatoryLabels(labels, deploymentResources)
-
         // // FIXME: pauseRollouts is non trivial to determine!
         // // we assume that Helm does "Deployment" that should work for most
         // // cases since they don't have triggers.
@@ -117,62 +112,6 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
         return rolloutData
     }
 
-    private void applyMandatoryLabels(Map<String, String> labels, Map<String, List<String>> deploymentResources) {
-        logger.debug("${this.class.name} -- MANDATORY LABELS")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(labels)))
-        logger.debug("${this.class.name} -- MANDATORY LABELS (cleaned)")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(labels)))
-        labels.remove { it -> it.value == null }
-        def resourcesToLabel = deploymentResources.collectMany { entry ->
-            entry.value.collect {
-                "${entry.key}/${it}"
-            }
-        }
-        logger.debug("${this.class.name} -- RESOURCE TO LABEL")
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(resourcesToLabel)))
-        resourcesToLabel.each { resourceToLabel ->
-            openShift.labelResources(context.targetProject, resourceToLabel, labels, null)
-        }
-
-        // Add OpenShiftResouceMetadata.strictEntries here to be sure we have them
-        if (context.triggeredByOrchestrationPipeline) {
-            def additionalLabels = [
-                'app.opendevstack.org/system-name': steps.env?.BUILD_PARAM_CONFIGITEM ?: null,
-                'app.opendevstack.org/project-version': steps.env?.BUILD_PARAM_CHANGEID ?: null,
-                'app.opendevstack.org/work-in-progress': steps.env?.BUILD_PARAM_VERSION == 'WIP' ?: null,
-            ]
-            resourcesToLabel.each { resourceToLabel ->
-                openShift.labelResources(context.targetProject, resourceToLabel, additionalLabels, null)
-            }
-        }
-
-    }
-
-    private def showMandatoryLabels() {
-        // FIXME: OpenShiftResourceMetadata.updateMetadata breaks
-        //  This happens because it, unconditionally, tries to reset some fields
-        def metadataSvc = new OpenShiftResourceMetadata(
-            steps,
-            context.properties,
-            options.properties,
-            logger,
-            openShift
-        )
-
-        // DEBUG what we consider "mandatory"
-        def metadata = metadataSvc.getMandatoryMetadata()
-        logger.debug(
-            JsonOutput.prettyPrint(
-                JsonOutput.toJson(metadata)))
-        return metadata
-    }
-
     private void helmUpgrade(String targetProject) {
         steps.dir(options.chartDir) {
             jenkins.maybeWithPrivateKeyCredentials(options.helmPrivateKeyCredentialsId) { String pkeyFile ->
@@ -255,4 +194,5 @@ class HelmDeploymentStrategy extends AbstractDeploymentStrategy {
         }
         rolloutData
     }
+
 }
diff --git a/src/org/ods/component/Pipeline.groovy b/src/org/ods/component/Pipeline.groovy
@@ -7,6 +7,7 @@ import org.ods.services.JenkinsService
 import org.ods.services.NexusService
 import org.ods.services.OpenShiftService
 import org.ods.services.ServiceRegistry
+import org.ods.services.TailorDeploymentException
 import org.ods.util.GitCredentialStore
 import org.ods.util.ILogger
 import org.ods.util.IPipelineSteps
@@ -270,6 +271,9 @@ class Pipeline implements Serializable {
                             logger.warn "Error: ${err}"
                             updateBuildStatus('FAILURE')
                             setBitbucketBuildStatus('FAILED')
+                            if (err instanceof TailorDeploymentException) {
+                                context.addArtifactURI('tailorFailure', 'true')
+                            }
                             if (notifyNotGreen) {
                                 doNotifyNotGreen(context.emailextRecipients)
                             }

diff --git a/src/org/ods/component/TailorDeploymentStrategy.groovy b/src/org/ods/component/TailorDeploymentStrategy.groovy
@@ -2,7 +2,6 @@ package org.ods.component
 
 import groovy.transform.TypeChecked
 import groovy.transform.TypeCheckingMode
-import org.ods.openshift.OpenShiftResourceMetadata
 import org.ods.services.JenkinsService
 import org.ods.services.OpenShiftService
 import org.ods.util.ILogger
@@ -97,45 +96,24 @@ class TailorDeploymentStrategy extends AbstractDeploymentStrategy {
         def originalDeploymentVersions = fetchOriginalVersions(deploymentResources)
 
         def refreshResources = false
-        def paused = false
-        try {
-            openShift.bulkPause(context.targetProject, deploymentResources)
-            paused = true
-
-            // Tag images which have been built in this pipeline from cd project into target project
-            retagImages(context.targetProject, getBuiltImages())
 
-            if (steps.fileExists(options.openshiftDir)) {
-                refreshResources = true
-                tailorApply(context.targetProject)
-            }
+        // Tag images which have been built in this pipeline from cd project into target project
+        retagImages(context.targetProject, getBuiltImages())
 
-            if (refreshResources) {
-                deploymentResources = openShift.getResourcesForComponent(
-                    context.targetProject, DEPLOYMENT_KINDS, options.selector
-                )
-            }
+        if (steps.fileExists(options.openshiftDir)) {
+            refreshResources = true
+            tailorApply(context.targetProject)
+        }
 
-            def metadata = new OpenShiftResourceMetadata(
-                steps,
-                context.properties,
-                options.properties,
-                logger,
-                openShift
+        if (refreshResources) {
+            deploymentResources = openShift.getResourcesForComponent(
+                context.targetProject, DEPLOYMENT_KINDS, options.selector
             )
-            metadata.updateMetadata(true, deploymentResources)
-
-            def rolloutData = rollout(deploymentResources, originalDeploymentVersions)
-            // FIXME: this is fugly as rollout(..) above will resume anyways and this leaks heavily
-            paused = false
-            logger.info(groovy.json.JsonOutput.prettyPrint(groovy.json.JsonOutput.toJson(rolloutData)))
-            return rolloutData
-
-        } finally {
-            if (paused) {
-                openShift.bulkResume(context.targetProject, DEPLOYMENT_KINDS, options.selector)
-            }
         }
+
+        def rolloutData = rollout(deploymentResources, originalDeploymentVersions)
+        logger.info(groovy.json.JsonOutput.prettyPrint(groovy.json.JsonOutput.toJson(rolloutData)))
+        return rolloutData
     }
 
     private void tailorApply(String targetProject) {