lesavka/Jenkinsfile

pipeline {
  agent {
    kubernetes {
      label 'lesavka-tests'
      defaultContainer 'rust-ci'
      yaml """
apiVersion: v1
kind: Pod
spec:
  nodeSelector:
    kubernetes.io/arch: arm64
    node-role.kubernetes.io/worker: "true"
  containers:
    - name: rust-ci
      image: rust:1.88-bookworm
      command: ["cat"]
      tty: true
      volumeMounts:
        - name: workspace-volume
          mountPath: /home/jenkins/agent
  volumes:
    - name: workspace-volume
      emptyDir: {}
"""
    }
  }

  options {
    disableConcurrentBuilds()
    disableResume()
  }

  parameters {
    booleanParam(name: 'PUSH_IMAGES', defaultValue: false, description: 'Push images to registry (enable for release runs)')
    choice(name: 'LESAVKA_CI_PROFILE', choices: ['safe', 'daily', 'lab'], description: 'Safe is the normal non-disruptive gate; daily is intended for scheduled master/main runs; lab enables explicitly configured bare-metal probes.')
    booleanParam(name: 'RUN_DISRUPTIVE_INPUT_TESTS', defaultValue: false, description: 'Run virtual HID tests only on an isolated worker/session; these can emit keyboard/mouse events.')
    booleanParam(name: 'RUN_LAB_HARDWARE_GATES', defaultValue: false, description: 'Run opt-in bare-metal lab gates for Theia/Tethys/RCT probes when the Jenkins worker is prepared for them.')
    string(name: 'QUALITY_GATE_PUSHGATEWAY_URL', defaultValue: 'http://platform-quality-gateway.monitoring.svc.cluster.local:9091', description: 'Pushgateway base URL for quality gate metrics')
    string(name: 'REGISTRY_CREDENTIALS_ID', defaultValue: 'registry-bstein-dev', description: 'Jenkins credentials id for registry.bstein.dev')
  }

  environment {
    REGISTRY = 'registry.bstein.dev'
    IMAGE_PREFIX = "${REGISTRY}/lesavka"
    CARGO_TERM_COLOR = 'always'
    DOCKER_BUILDKIT = '1'
    LESAVKA_CI_PROFILE = "${params.LESAVKA_CI_PROFILE}"
  }

  stages {
    stage('Checkout') {
      steps {
        checkout scm
      }
    }

    stage('Bootstrap CI Toolchain') {
      steps {
        container('rust-ci') {
          sh '''
            set -eu
            apt-get update
            DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
              python3 \
              curl \
              file \
              clang \
              llvm \
              pkg-config \
              libssl-dev \
              ca-certificates \
              libgstreamer1.0-dev \
              libgstreamer-plugins-base1.0-dev \
              protobuf-compiler \
              libpango1.0-dev \
              libcairo2-dev \
              libgdk-pixbuf-2.0-dev \
              libgtk-4-dev
            rm -rf /var/lib/apt/lists/*
            rustup component add rustfmt llvm-tools-preview clippy
            git config --global --add safe.directory "$WORKSPACE"
            if ! cargo llvm-cov --version >/dev/null 2>&1; then
              cargo install --locked cargo-llvm-cov
            fi
          '''
        }
      }
    }

    stage('Daily Master Gate') {
      when {
        expression { return params.LESAVKA_CI_PROFILE == 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/daily_master_gate.sh'
        }
      }
    }

    stage('Style Docs LOC Naming') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'scripts/ci/hygiene_gate.sh'
        }
      }
    }

    stage('Coverage') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/quality_gate.sh'
        }
      }
    }

    stage('Tests') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/test_gate.sh'
        }
      }
    }

    stage('Performance') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/performance_gate.sh'
        }
      }
    }

    stage('Media Reliability') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/media_reliability_gate.sh'
        }
      }
    }

    stage('Input Transport (Isolated Opt-In)') {
      when {
        expression { return params.RUN_DISRUPTIVE_INPUT_TESTS }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" LESAVKA_ALLOW_DISRUPTIVE_INPUT_TESTS=1 scripts/ci/input_transport_gate.sh'
        }
      }
    }

    stage('Bare-Metal Lab Gates (Opt-In)') {
      when {
        expression { return params.RUN_LAB_HARDWARE_GATES || params.LESAVKA_CI_PROFILE == 'lab' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" LESAVKA_ALLOW_LAB_HARDWARE_TESTS=1 scripts/ci/baremetal_lab_gate.sh'
        }
      }
    }

    stage('Gate Glue') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/gate_glue_gate.sh'
        }
      }
    }

    stage('SonarQube') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/sonarqube_gate.sh'
        }
      }
    }

    stage('Build Dist') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'scripts/ci/build-dist.sh'
        }
      }
    }

    stage('Supply Chain Artifact Security') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' }
      }
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/supply_chain_gate.sh'
        }
      }
    }

    stage('Docker Login') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.PUSH_IMAGES }
      }
      steps {
        withCredentials([
          usernamePassword(
            credentialsId: params.REGISTRY_CREDENTIALS_ID,
            usernameVariable: 'REGISTRY_USER',
            passwordVariable: 'REGISTRY_PASS'
          )
        ]) {
          sh 'echo "$REGISTRY_PASS" | docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin'
        }
      }
    }

    stage('Build Images') {
      when {
        expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.PUSH_IMAGES }
      }
      steps {
        sh 'PUSH_IMAGES=${PUSH_IMAGES} scripts/ci/build-images.sh'
      }
    }
  }

  post {
    always {
      script {
        try {
          archiveArtifacts artifacts: 'dist/**,target/test-gate/**,target/quality-gate/**,target/hygiene-gate/**,target/daily-master-gate/**,target/performance-gate/**,target/media-reliability-gate/**,target/input-transport-gate/**,target/baremetal-lab-gate/**,target/video-downstream-gate/**,target/gate-glue-gate/**,target/sonarqube-gate/**,target/supply-chain-gate/**', fingerprint: true, allowEmptyArchive: true
        } catch (Throwable err) {
          echo "archive step unavailable: ${err.class.simpleName}"
        }
      }
    }
  }
}
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`pipeline {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`agent {`
			`kubernetes {`
			`label 'lesavka-tests'`
			`defaultContainer 'rust-ci'`
			`yaml """`
			`apiVersion: v1`
			`kind: Pod`
			`spec:`
			`nodeSelector:`
			`kubernetes.io/arch: arm64`
			`node-role.kubernetes.io/worker: "true"`
			`containers:`
			`- name: rust-ci`
ci(lesavka): align Jenkins rust image with builders 2026-04-23 10:35:10 -03:00			`image: rust:1.88-bookworm`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`command: ["cat"]`
			`tty: true`
			`volumeMounts:`
			`- name: workspace-volume`
			`mountPath: /home/jenkins/agent`
			`volumes:`
			`- name: workspace-volume`
			`emptyDir: {}`
			`"""`
			`}`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00
			`options {`
			`disableConcurrentBuilds()`
ci: disable pipeline resume to avoid false-success after Jenkins restarts 2026-04-12 05:43:32 -03:00			`disableResume()`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`

			`parameters {`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`booleanParam(name: 'PUSH_IMAGES', defaultValue: false, description: 'Push images to registry (enable for release runs)')`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`choice(name: 'LESAVKA_CI_PROFILE', choices: ['safe', 'daily', 'lab'], description: 'Safe is the normal non-disruptive gate; daily is intended for scheduled master/main runs; lab enables explicitly configured bare-metal probes.')`
			`booleanParam(name: 'RUN_DISRUPTIVE_INPUT_TESTS', defaultValue: false, description: 'Run virtual HID tests only on an isolated worker/session; these can emit keyboard/mouse events.')`
			`booleanParam(name: 'RUN_LAB_HARDWARE_GATES', defaultValue: false, description: 'Run opt-in bare-metal lab gates for Theia/Tethys/RCT probes when the Jenkins worker is prepared for them.')`
ci: publish lesavka gate metrics with stable status labels 2026-04-10 16:38:41 -03:00			`string(name: 'QUALITY_GATE_PUSHGATEWAY_URL', defaultValue: 'http://platform-quality-gateway.monitoring.svc.cluster.local:9091', description: 'Pushgateway base URL for quality gate metrics')`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`string(name: 'REGISTRY_CREDENTIALS_ID', defaultValue: 'registry-bstein-dev', description: 'Jenkins credentials id for registry.bstein.dev')`
			`}`

			`environment {`
			`REGISTRY = 'registry.bstein.dev'`
			`IMAGE_PREFIX = "${REGISTRY}/lesavka"`
			`CARGO_TERM_COLOR = 'always'`
			`DOCKER_BUILDKIT = '1'`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`LESAVKA_CI_PROFILE = "${params.LESAVKA_CI_PROFILE}"`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`

			`stages {`
			`stage('Checkout') {`
			`steps {`
			`checkout scm`
			`}`
			`}`

ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`stage('Bootstrap CI Toolchain') {`
			`steps {`
			`container('rust-ci') {`
			`sh '''`
			`set -eu`
			`apt-get update`
			`DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \`
			`python3 \`
			`curl \`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`file \`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`clang \`
			`llvm \`
			`pkg-config \`
			`libssl-dev \`
lesavka/ci: fix apt multiline syntax for gstreamer deps 2026-04-12 06:29:14 -03:00			`ca-certificates \`
lesavka/ci: install gstreamer dev libs in Jenkins bootstrap 2026-04-12 06:27:26 -03:00			`libgstreamer1.0-dev \`
lesavka/ci: fix apt install block line continuations 2026-04-12 06:36:19 -03:00			`libgstreamer-plugins-base1.0-dev \`
lesavka/ci: fix protobuf line continuation in apt block 2026-04-12 06:44:41 -03:00			`protobuf-compiler \`
lesavka/ci: install pango/cairo/gdk-pixbuf dev deps 2026-04-12 06:44:14 -03:00			`libpango1.0-dev \`
			`libcairo2-dev \`
lesavka/ci: fix apt continuation for gtk4 package 2026-04-12 06:59:13 -03:00			`libgdk-pixbuf-2.0-dev \`
lesavka/ci: install libgtk-4-dev for gdk4-sys 2026-04-12 06:58:56 -03:00			`libgtk-4-dev`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`rm -rf /var/lib/apt/lists/*`
lesavka/ci: install clippy in Jenkins bootstrap 2026-04-12 06:22:15 -03:00			`rustup component add rustfmt llvm-tools-preview clippy`
lesavka/ci: mark Jenkins workspace as git safe.directory 2026-04-12 10:05:51 -03:00			`git config --global --add safe.directory "$WORKSPACE"`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`if ! cargo llvm-cov --version >/dev/null 2>&1; then`
			`cargo install --locked cargo-llvm-cov`
			`fi`
			`'''`
			`}`
			`}`
			`}`

release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`stage('Daily Master Gate') {`
			`when {`
			`expression { return params.LESAVKA_CI_PROFILE == 'daily' }`
			`}`
			`steps {`
			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/daily_master_gate.sh'`
			`}`
			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Style Docs LOC Naming') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`sh 'scripts/ci/hygiene_gate.sh'`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Coverage') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/quality_gate.sh'`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Tests') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
ci: centralize integration tests under testing 2026-04-10 17:00:33 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
fix(ci): stabilize hygiene and test gates 2026-04-21 21:38:22 -03:00			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/test_gate.sh'`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`}`
ci: centralize integration tests under testing 2026-04-10 17:00:33 -03:00			`}`
			`}`

release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`stage('Performance') {`
			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
			`steps {`
			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/performance_gate.sh'`
			`}`
			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Media Reliability') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/media_reliability_gate.sh'`
fix(ci): stabilize hygiene and test gates 2026-04-21 21:38:22 -03:00			`}`
			`}`
			`}`

release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`stage('Input Transport (Isolated Opt-In)') {`
			`when {`
			`expression { return params.RUN_DISRUPTIVE_INPUT_TESTS }`
			`}`
			`steps {`
			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" LESAVKA_ALLOW_DISRUPTIVE_INPUT_TESTS=1 scripts/ci/input_transport_gate.sh'`
			`}`
			`}`
			`}`

			`stage('Bare-Metal Lab Gates (Opt-In)') {`
			`when {`
			`expression { return params.RUN_LAB_HARDWARE_GATES \|\| params.LESAVKA_CI_PROFILE == 'lab' }`
			`}`
			`steps {`
			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" LESAVKA_ALLOW_LAB_HARDWARE_TESTS=1 scripts/ci/baremetal_lab_gate.sh'`
			`}`
			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Gate Glue') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
fix(ci): stabilize hygiene and test gates 2026-04-21 21:38:22 -03:00			`steps {`
			`container('rust-ci') {`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/gate_glue_gate.sh'`
fix(ci): stabilize hygiene and test gates 2026-04-21 21:38:22 -03:00			`}`
			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('SonarQube') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
fix(ci): stabilize hygiene and test gates 2026-04-21 21:38:22 -03:00			`steps {`
			`container('rust-ci') {`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/sonarqube_gate.sh'`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add ratcheting quality and hygiene gates 2026-04-10 15:56:18 -03:00			`stage('Build Dist') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'scripts/ci/build-dist.sh'`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`stage('Supply Chain Artifact Security') {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`when {`
			`expression { return params.LESAVKA_CI_PROFILE != 'daily' }`
			`}`
ci: add lesavka hygiene gate and launcher crash guard 2026-04-23 01:13:29 -03:00			`steps {`
			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/supply_chain_gate.sh'`
			`}`
			`}`
			`}`

master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`stage('Docker Login') {`
			`when {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.PUSH_IMAGES }`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`steps {`
			`withCredentials([`
			`usernamePassword(`
			`credentialsId: params.REGISTRY_CREDENTIALS_ID,`
			`usernameVariable: 'REGISTRY_USER',`
			`passwordVariable: 'REGISTRY_PASS'`
			`)`
			`]) {`
			`sh 'echo "$REGISTRY_PASS" \| docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin'`
			`}`
			`}`
			`}`

			`stage('Build Images') {`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`when {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`expression { return params.LESAVKA_CI_PROFILE != 'daily' && params.PUSH_IMAGES }`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
			`sh 'PUSH_IMAGES=${PUSH_IMAGES} scripts/ci/build-images.sh'`
			`}`
			`}`
			`}`

			`post {`
			`always {`
ci: make lesavka artifact archive tolerant when no workspace context 2026-04-12 05:25:43 -03:00			`script {`
			`try {`
release: ship 0.22.1 media transport hardening 2026-05-10 23:14:15 -03:00			`archiveArtifacts artifacts: 'dist/,target/test-gate/,target/quality-gate/,target/hygiene-gate/,target/daily-master-gate/,target/performance-gate/,target/media-reliability-gate/,target/input-transport-gate/,target/baremetal-lab-gate/,target/video-downstream-gate/,target/gate-glue-gate/,target/sonarqube-gate/,target/supply-chain-gate/**', fingerprint: true, allowEmptyArchive: true`
ci: make lesavka artifact archive tolerant when no workspace context 2026-04-12 05:25:43 -03:00			`} catch (Throwable err) {`
			`echo "archive step unavailable: ${err.class.simpleName}"`
			`}`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`
			`}`