lesavka/Jenkinsfile

pipeline {
  agent {
    kubernetes {
      label 'lesavka-tests'
      defaultContainer 'rust-ci'
      yaml """
apiVersion: v1
kind: Pod
spec:
  nodeSelector:
    kubernetes.io/arch: arm64
    node-role.kubernetes.io/worker: "true"
  containers:
    - name: rust-ci
      image: rust:1.87-bookworm
      command: ["cat"]
      tty: true
      volumeMounts:
        - name: workspace-volume
          mountPath: /home/jenkins/agent
  volumes:
    - name: workspace-volume
      emptyDir: {}
"""
    }
  }

  options {
    disableConcurrentBuilds()
    disableResume()
  }

  parameters {
    booleanParam(name: 'PUSH_IMAGES', defaultValue: false, description: 'Push images to registry (enable for release runs)')
    string(name: 'QUALITY_GATE_PUSHGATEWAY_URL', defaultValue: 'http://platform-quality-gateway.monitoring.svc.cluster.local:9091', description: 'Pushgateway base URL for quality gate metrics')
    string(name: 'REGISTRY_CREDENTIALS_ID', defaultValue: 'registry-bstein-dev', description: 'Jenkins credentials id for registry.bstein.dev')
  }

  environment {
    REGISTRY = 'registry.bstein.dev'
    IMAGE_PREFIX = "${REGISTRY}/lesavka"
    CARGO_TERM_COLOR = 'always'
    DOCKER_BUILDKIT = '1'
  }

  stages {
    stage('Checkout') {
      steps {
        checkout scm
      }
    }

    stage('Bootstrap CI Toolchain') {
      steps {
        container('rust-ci') {
          sh '''
            set -eu
            apt-get update
            DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
              python3 \
              curl \
              clang \
              llvm \
              pkg-config \
              libssl-dev \
              ca-certificates
            rm -rf /var/lib/apt/lists/*
            rustup component add rustfmt llvm-tools-preview clippy
            if ! cargo llvm-cov --version >/dev/null 2>&1; then
              cargo install --locked cargo-llvm-cov
            fi
          '''
        }
      }
    }

    stage('Format') {
      steps {
        container('rust-ci') {
          sh 'cargo fmt --all -- --check'
        }
      }
    }

    stage('Hygiene') {
      steps {
        container('rust-ci') {
          sh 'scripts/ci/hygiene_gate.sh'
        }
      }
    }

    stage('Testing') {
      steps {
        container('rust-ci') {
          sh 'cargo test -p lesavka_testing'
        }
      }
    }

    stage('Quality Gate') {
      steps {
        container('rust-ci') {
          sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/quality_gate.sh'
        }
      }
    }

    stage('Build Dist') {
      steps {
        container('rust-ci') {
          sh 'scripts/ci/build-dist.sh'
        }
      }
    }

    stage('Docker Login') {
      when {
        expression { return params.PUSH_IMAGES }
      }
      steps {
        withCredentials([
          usernamePassword(
            credentialsId: params.REGISTRY_CREDENTIALS_ID,
            usernameVariable: 'REGISTRY_USER',
            passwordVariable: 'REGISTRY_PASS'
          )
        ]) {
          sh 'echo "$REGISTRY_PASS" | docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin'
        }
      }
    }

    stage('Build Images') {
      when {
        expression { return params.PUSH_IMAGES }
      }
      steps {
        sh 'PUSH_IMAGES=${PUSH_IMAGES} scripts/ci/build-images.sh'
      }
    }
  }

  post {
    always {
      script {
        try {
          archiveArtifacts artifacts: 'dist/*.tar.gz', fingerprint: true, allowEmptyArchive: true
        } catch (Throwable err) {
          echo "archive step unavailable: ${err.class.simpleName}"
        }
      }
    }
  }
}
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`pipeline {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`agent {`
			`kubernetes {`
			`label 'lesavka-tests'`
			`defaultContainer 'rust-ci'`
			`yaml """`
			`apiVersion: v1`
			`kind: Pod`
			`spec:`
			`nodeSelector:`
			`kubernetes.io/arch: arm64`
			`node-role.kubernetes.io/worker: "true"`
			`containers:`
			`- name: rust-ci`
ci: use rust 1.87 image for cargo-llvm-cov compatibility 2026-04-12 06:03:09 -03:00			`image: rust:1.87-bookworm`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`command: ["cat"]`
			`tty: true`
			`volumeMounts:`
			`- name: workspace-volume`
			`mountPath: /home/jenkins/agent`
			`volumes:`
			`- name: workspace-volume`
			`emptyDir: {}`
			`"""`
			`}`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00
			`options {`
			`disableConcurrentBuilds()`
ci: disable pipeline resume to avoid false-success after Jenkins restarts 2026-04-12 05:43:32 -03:00			`disableResume()`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`

			`parameters {`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`booleanParam(name: 'PUSH_IMAGES', defaultValue: false, description: 'Push images to registry (enable for release runs)')`
ci: publish lesavka gate metrics with stable status labels 2026-04-10 16:38:41 -03:00			`string(name: 'QUALITY_GATE_PUSHGATEWAY_URL', defaultValue: 'http://platform-quality-gateway.monitoring.svc.cluster.local:9091', description: 'Pushgateway base URL for quality gate metrics')`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`string(name: 'REGISTRY_CREDENTIALS_ID', defaultValue: 'registry-bstein-dev', description: 'Jenkins credentials id for registry.bstein.dev')`
			`}`

			`environment {`
			`REGISTRY = 'registry.bstein.dev'`
			`IMAGE_PREFIX = "${REGISTRY}/lesavka"`
			`CARGO_TERM_COLOR = 'always'`
			`DOCKER_BUILDKIT = '1'`
			`}`

			`stages {`
			`stage('Checkout') {`
			`steps {`
			`checkout scm`
			`}`
			`}`

ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`stage('Bootstrap CI Toolchain') {`
			`steps {`
			`container('rust-ci') {`
			`sh '''`
			`set -eu`
			`apt-get update`
			`DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \`
			`python3 \`
			`curl \`
			`clang \`
			`llvm \`
			`pkg-config \`
			`libssl-dev \`
			`ca-certificates`
			`rm -rf /var/lib/apt/lists/*`
lesavka/ci: install clippy in Jenkins bootstrap 2026-04-12 06:22:15 -03:00			`rustup component add rustfmt llvm-tools-preview clippy`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`if ! cargo llvm-cov --version >/dev/null 2>&1; then`
			`cargo install --locked cargo-llvm-cov`
			`fi`
			`'''`
			`}`
			`}`
			`}`

master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`stage('Format') {`
			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'cargo fmt --all -- --check'`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add ratcheting quality and hygiene gates 2026-04-10 15:56:18 -03:00			`stage('Hygiene') {`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'scripts/ci/hygiene_gate.sh'`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: centralize integration tests under testing 2026-04-10 17:00:33 -03:00			`stage('Testing') {`
			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'cargo test -p lesavka_testing'`
			`}`
ci: centralize integration tests under testing 2026-04-10 17:00:33 -03:00			`}`
			`}`

ci: add ratcheting quality and hygiene gates 2026-04-10 15:56:18 -03:00			`stage('Quality Gate') {`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'QUALITY_GATE_PUSHGATEWAY_URL="${QUALITY_GATE_PUSHGATEWAY_URL}" scripts/ci/quality_gate.sh'`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

ci: add ratcheting quality and hygiene gates 2026-04-10 15:56:18 -03:00			`stage('Build Dist') {`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
ci: run lesavka pipeline on rust kubernetes agent 2026-04-12 05:59:13 -03:00			`container('rust-ci') {`
			`sh 'scripts/ci/build-dist.sh'`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`

			`stage('Docker Login') {`
			`when {`
			`expression { return params.PUSH_IMAGES }`
			`}`
			`steps {`
			`withCredentials([`
			`usernamePassword(`
			`credentialsId: params.REGISTRY_CREDENTIALS_ID,`
			`usernameVariable: 'REGISTRY_USER',`
			`passwordVariable: 'REGISTRY_PASS'`
			`)`
			`]) {`
			`sh 'echo "$REGISTRY_PASS" \| docker login "$REGISTRY" -u "$REGISTRY_USER" --password-stdin'`
			`}`
			`}`
			`}`

			`stage('Build Images') {`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`when {`
			`expression { return params.PUSH_IMAGES }`
			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`steps {`
			`sh 'PUSH_IMAGES=${PUSH_IMAGES} scripts/ci/build-images.sh'`
			`}`
			`}`
			`}`

			`post {`
			`always {`
ci: make lesavka artifact archive tolerant when no workspace context 2026-04-12 05:25:43 -03:00			`script {`
			`try {`
			`archiveArtifacts artifacts: 'dist/*.tar.gz', fingerprint: true, allowEmptyArchive: true`
			`} catch (Throwable err) {`
			`echo "archive step unavailable: ${err.class.simpleName}"`
			`}`
ci: default lesavka to quality-only runs and harden post archive 2026-04-12 05:18:42 -03:00			`}`
master: ship webcam hdmi path + secure paste + deploy tooling 2026-04-08 20:00:14 -03:00			`}`
			`}`
			`}`