bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
titan-iac/services/logging/Jenkinsfile.data-prepper

534 lines
24 KiB
Plaintext
Raw Permalink Normal View History

logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
pipeline {
agent {
kubernetes {
yaml """
apiVersion: v1
kind: Pod
spec:
restartPolicy: Never
serviceAccountName: jenkins
nodeSelector:
node-role.kubernetes.io/worker: "true"
containers:
- name: git
image: alpine/git:2.47.1
command:
- cat
tty: true
ci(quality): run sonar and supply-chain scans
2026-04-21 22:09:06 -03:00
- name: quality-tools
ci(quality): use preloaded scanner image
2026-04-21 22:50:32 -03:00
image: registry.bstein.dev/bstein/quality-tools:sonar8.0.1-trivy0.70.0-db20260422-arm64
ci(quality): run sonar and supply-chain scans
2026-04-21 22:09:06 -03:00
command:
- cat
tty: true
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
- name: kaniko
logging: use kaniko debug image
2026-01-10 05:22:27 -03:00
image: gcr.io/kaniko-project/executor:v1.23.2-debug
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
command:
- /busybox/cat
tty: true
resources:
requests:
ci(data-prepper): lower kaniko cpu request
2026-04-21 15:25:47 -03:00
cpu: "100m"
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
memory: "1Gi"
limits:
cpu: "1500m"
memory: "2Gi"
"""
}
}
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
environment {
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
SUITE_NAME = 'data_prepper'
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
PUSHGATEWAY_URL = 'http://platform-quality-gateway.monitoring.svc.cluster.local:9091'
jenkins(sonar): wire defaults and observe-mode toggles
2026-04-19 21:29:56 -03:00
SONARQUBE_HOST_URL = 'http://sonarqube.quality.svc.cluster.local:9000'
SONARQUBE_PROJECT_KEY = 'data_prepper'
ci(quality): bind sonarqube token credential in pipelines
2026-04-21 20:16:59 -03:00
SONARQUBE_TOKEN = credentials('sonarqube-token')
ci(quality): enforce sonar and supply-chain gates
2026-04-22 01:29:54 -03:00
QUALITY_GATE_SONARQUBE_ENFORCE = '1'
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
QUALITY_GATE_SONARQUBE_REPORT = 'build/sonarqube-quality-gate.json'
ci(quality): enforce sonar and supply-chain gates
2026-04-22 01:29:54 -03:00
QUALITY_GATE_IRONBANK_ENFORCE = '1'
ci(gate): enforce sonar and supply-chain checks across suites
2026-04-19 21:16:28 -03:00
QUALITY_GATE_IRONBANK_REQUIRED = '1'
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
QUALITY_GATE_IRONBANK_REPORT = 'build/ironbank-compliance.json'
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
}
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
parameters {
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
string(name: 'HARBOR_REPO', defaultValue: 'registry.bstein.dev/streaming/data-prepper', description: 'Docker repository for Data Prepper')
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
string(name: 'IMAGE_TAG', defaultValue: '2.8.0', description: 'Image tag to publish')
booleanParam(name: 'PUSH_LATEST', defaultValue: true, description: 'Also push the latest tag')
}
ci(data-prepper): add retention and archive quality artifacts
2026-04-20 10:49:54 -03:00
options {
disableConcurrentBuilds()
buildDiscarder(logRotator(daysToKeepStr: '30', numToKeepStr: '200', artifactDaysToKeepStr: '30', artifactNumToKeepStr: '120'))
}
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
stages {
stage('Checkout') {
steps {
container('git') {
checkout scm
}
}
}
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
stage('Collect quality evidence') {
steps {
ci(quality): run sonar and supply-chain scans
2026-04-21 22:09:06 -03:00
container('quality-tools') {
sh '''#!/usr/bin/env bash
set -euo pipefail
mkdir -p build
args=(
"-Dsonar.host.url=${SONARQUBE_HOST_URL}"
ci(quality): pass sonar token as login
2026-04-21 22:17:55 -03:00
"-Dsonar.login=${SONARQUBE_TOKEN}"
ci(quality): run sonar and supply-chain scans
2026-04-21 22:09:06 -03:00
"-Dsonar.projectKey=${SONARQUBE_PROJECT_KEY}"
"-Dsonar.projectName=${SONARQUBE_PROJECT_KEY}"
"-Dsonar.sources=services/logging,dockerfiles"
"-Dsonar.inclusions=services/logging/Jenkinsfile.data-prepper,dockerfiles/Dockerfile.data-prepper"
"-Dsonar.exclusions=**/.git/**,**/build/**,**/dist/**,**/node_modules/**,**/.venv/**,**/__pycache__/**"
)
set +e
sonar-scanner "${args[@]}" | tee build/sonar-scanner.log
sonar_rc=${PIPESTATUS[0]}
ci(data-prepper): harden quality evidence helpers
2026-04-22 12:58:27 -03:00
sonar_report="${QUALITY_GATE_SONARQUBE_REPORT:-build/sonarqube-quality-gate.json}"
host="${SONARQUBE_HOST_URL%/}"
query="$(printf '%s' "${SONARQUBE_PROJECT_KEY}" | sed 's/ /%20/g')"
sonar_ok=0
if [ -n "${SONARQUBE_TOKEN:-}" ]; then
auth="$(printf '%s:' "${SONARQUBE_TOKEN}" | base64 | tr -d '\\n')"
if command -v curl >/dev/null 2>&1; then
curl -fsS -H "Authorization: Basic ${auth}" "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}" && sonar_ok=1
elif command -v wget >/dev/null 2>&1; then
wget -qO "${sonar_report}" --header="Authorization: Basic ${auth}" "${host}/api/qualitygates/project_status?projectKey=${query}" && sonar_ok=1
fi
elif command -v curl >/dev/null 2>&1; then
curl -fsS "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}" && sonar_ok=1
elif command -v wget >/dev/null 2>&1; then
wget -qO "${sonar_report}" "${host}/api/qualitygates/project_status?projectKey=${query}" && sonar_ok=1
fi
if [ "${sonar_ok}" -ne 1 ]; then
cat > "${sonar_report}" <<EOF
{
"status": "ERROR",
"error": "sonarqube query failed"
}
EOF
fi
ci(data-prepper): scan staged supply-chain inputs
2026-04-21 23:29:50 -03:00
scan_root=build/data-prepper-supply-chain-scan
rm -rf "${scan_root}"
mkdir -p "${scan_root}/dockerfiles" "${scan_root}/services/logging"
cp dockerfiles/Dockerfile.data-prepper "${scan_root}/dockerfiles/Dockerfile.data-prepper"
cp services/logging/Jenkinsfile.data-prepper "${scan_root}/services/logging/Jenkinsfile.data-prepper"
trivy fs --cache-dir "${TRIVY_CACHE_DIR}" --skip-db-update --timeout 5m --no-progress --format json --output build/trivy-fs.json --scanners vuln,secret,misconfig --severity HIGH,CRITICAL "${scan_root}"
ci(quality): run sonar and supply-chain scans
2026-04-21 22:09:06 -03:00
trivy_rc=$?
set -e
printf '%s\n' "${sonar_rc}" > build/sonarqube-analysis.rc
if [ ! -s build/trivy-fs.json ]; then
cat > build/ironbank-compliance.json <<EOF
{"status":"failed","compliant":false,"scanner":"trivy","scan_type":"filesystem","error":"trivy did not produce JSON output","trivy_rc":${trivy_rc}}
EOF
exit 0
fi
critical="$(jq '[.Results[]? | .Vulnerabilities[]? | select(.Severity=="CRITICAL")] | length' build/trivy-fs.json)"
high="$(jq '[.Results[]? | .Vulnerabilities[]? | select(.Severity=="HIGH")] | length' build/trivy-fs.json)"
secrets="$(jq '[.Results[]? | .Secrets[]?] | length' build/trivy-fs.json)"
misconfigs="$(jq '[.Results[]? | .Misconfigurations[]? | select(.Status=="FAIL" and (.Severity=="CRITICAL" or .Severity=="HIGH"))] | length' build/trivy-fs.json)"
status=ok
compliant=true
if [ "${critical}" -gt 0 ] || [ "${secrets}" -gt 0 ] || [ "${misconfigs}" -gt 0 ]; then
status=failed
compliant=false
fi
jq -n --arg status "${status}" --argjson compliant "${compliant}" --argjson critical "${critical}" --argjson high "${high}" --argjson secrets "${secrets}" --argjson misconfigs "${misconfigs}" --argjson trivy_rc "${trivy_rc}" \
'{status:$status, compliant:$compliant, category:"image_compliance", scan_type:"filesystem", scanner:"trivy", critical_vulnerabilities:$critical, high_vulnerabilities:$high, secrets:$secrets, high_or_critical_misconfigurations:$misconfigs, trivy_rc:$trivy_rc, high_vulnerability_policy:"observe"}' > build/ironbank-compliance.json
'''
}
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
container('git') {
sh '''
set -euo pipefail
apk add --no-cache curl jq >/dev/null 2>&1 || true
mkdir -p build
sonar_report="${QUALITY_GATE_SONARQUBE_REPORT:-build/sonarqube-quality-gate.json}"
if [ ! -f "${sonar_report}" ]; then
if [ -n "${SONARQUBE_HOST_URL:-}" ] && [ -n "${SONARQUBE_PROJECT_KEY:-}" ]; then
host="${SONARQUBE_HOST_URL%/}"
query="$(printf '%s' "${SONARQUBE_PROJECT_KEY}" | sed 's/ /%20/g')"
sonar_ok=0
if [ -n "${SONARQUBE_TOKEN:-}" ]; then
auth="$(printf '%s:' "${SONARQUBE_TOKEN}" | base64 | tr -d '\\n')"
if curl -fsS -H "Authorization: Basic ${auth}" "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}"; then
sonar_ok=1
fi
else
if curl -fsS "${host}/api/qualitygates/project_status?projectKey=${query}" > "${sonar_report}"; then
sonar_ok=1
fi
fi
if [ "${sonar_ok}" -ne 1 ]; then
cat > "${sonar_report}" <<EOF
{
"status": "ERROR",
"error": "sonarqube query failed"
}
EOF
fi
else
cat > "${sonar_report}" <<EOF
{
"status": "ERROR",
"note": "missing SONARQUBE_HOST_URL and/or SONARQUBE_PROJECT_KEY"
}
EOF
fi
fi
ironbank_report="${QUALITY_GATE_IRONBANK_REPORT:-build/ironbank-compliance.json}"
if [ ! -f "${ironbank_report}" ]; then
status="${IRONBANK_COMPLIANCE_STATUS:-unknown}"
compliant="${IRONBANK_COMPLIANT:-}"
if [ -n "${compliant}" ]; then
compliant_lc="$(printf '%s' "${compliant}" | tr '[:upper:]' '[:lower:]')"
compliant_json="null"
case "${compliant_lc}" in
1|true|yes|on) compliant_json="true" ;;
0|false|no|off) compliant_json="false" ;;
esac
cat > "${ironbank_report}" <<EOF
{
"status": "${status}",
"compliant": ${compliant_json},
"note": "Set IRONBANK_COMPLIANCE_STATUS/IRONBANK_COMPLIANT or write build/ironbank-compliance.json in image-building repos."
}
EOF
else
cat > "${ironbank_report}" <<EOF
{
"status": "${status}",
"note": "Set IRONBANK_COMPLIANCE_STATUS/IRONBANK_COMPLIANT or write build/ironbank-compliance.json in image-building repos."
}
EOF
fi
fi
'''
}
logging/ci: make data-prepper image publish opt-in
2026-04-10 06:53:14 -03:00
}
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
}
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
stage('Validation tests') {
steps {
container('git') {
sh '''#!/usr/bin/env sh
set -eu
mkdir -p build
failures=0
cases=""
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
dockerfile_present_status="skipped"
pipeline_config_present_status="skipped"
logging_kustomization_includes_data_prepper_status="skipped"
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
add_case() {
name="$1"
message="$2"
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
status="passed"
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
if [ -n "${message}" ]; then
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
status="failed"
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
failures=$((failures + 1))
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
cases="${cases}"'<testcase classname="data_prepper.packaging" name="'"${name}"'"><failure message="'"${message}"'" /></testcase>'
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
else
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
cases="${cases}"'<testcase classname="data_prepper.packaging" name="'"${name}"'" />'
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
fi
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
case "${name}" in
dockerfile_present) dockerfile_present_status="${status}" ;;
pipeline_config_present) pipeline_config_present_status="${status}" ;;
logging_kustomization_includes_data_prepper) logging_kustomization_includes_data_prepper_status="${status}" ;;
esac
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
}
if [ -s dockerfiles/Dockerfile.data-prepper ]; then
add_case "dockerfile_present" ""
else
add_case "dockerfile_present" "dockerfiles/Dockerfile.data-prepper is missing or empty"
fi
if [ -s services/logging/scripts/data_prepper_pipelines.yaml ]; then
add_case "pipeline_config_present" ""
else
add_case "pipeline_config_present" "data_prepper_pipelines.yaml is missing or empty"
fi
ci(data-prepper): harden quality evidence helpers
2026-04-22 12:58:27 -03:00
kustomization_contents="$(cat services/logging/kustomization.yaml 2>/dev/null || true)"
case "${kustomization_contents}" in
*data-prepper-helmrelease.yaml*) add_case "logging_kustomization_includes_data_prepper" "" ;;
*) add_case "logging_kustomization_includes_data_prepper" "services/logging/kustomization.yaml does not include data-prepper HelmRelease" ;;
esac
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
cat > build/junit-data-prepper.xml <<EOF
<testsuite name="data_prepper.packaging" tests="3" failures="${failures}" errors="0" skipped="0">
${cases}
</testsuite>
EOF
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
passed=$((3 - failures))
cat > build/test-counts.env <<EOF
test_passed_count=${passed}
test_failed_count=${failures}
test_error_count=0
test_skipped_count=0
EOF
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
cat > build/testcase-status.env <<EOF
dockerfile_present_status=${dockerfile_present_status}
pipeline_config_present_status=${pipeline_config_present_status}
logging_kustomization_includes_data_prepper_status=${logging_kustomization_includes_data_prepper_status}
EOF
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
if [ "${failures}" -ne 0 ]; then
exit 1
fi
'''
}
}
}
ci(gate): enforce sonar and supply-chain checks across suites
2026-04-19 21:16:28 -03:00
stage('Enforce quality gate') {
steps {
container('git') {
sh '''
set -euo pipefail
apk add --no-cache jq >/dev/null 2>&1 || true
fail=0
enabled() {
case "$(printf '%s' "${1:-}" | tr '[:upper:]' '[:lower:]')" in
1|true|yes|on) return 0 ;;
*) return 1 ;;
esac
}
if enabled "${QUALITY_GATE_SONARQUBE_ENFORCE:-1}"; then
sonar_status="$(jq -r '.status // .projectStatus.status // .qualityGate.status // empty' build/sonarqube-quality-gate.json 2>/dev/null | tr '[:upper:]' '[:lower:]')"
[ -n "${sonar_status}" ] || sonar_status="missing"
case "${sonar_status}" in
ok|pass|passed|success) ;;
*)
echo "sonarqube gate failed: ${sonar_status}" >&2
fail=1
;;
esac
fi
if enabled "${QUALITY_GATE_IRONBANK_ENFORCE:-1}"; then
ironbank_required="${QUALITY_GATE_IRONBANK_REQUIRED:-1}"
compliant="$(jq -r '.compliant // empty' build/ironbank-compliance.json 2>/dev/null || true)"
supply_status=""
if [ "${compliant}" = "true" ]; then
supply_status="ok"
elif [ "${compliant}" = "false" ]; then
supply_status="failed"
else
supply_status="$(jq -r '.status // .result // .compliance // empty' build/ironbank-compliance.json 2>/dev/null | tr '[:upper:]' '[:lower:]')"
fi
[ -n "${supply_status}" ] || supply_status="missing"
case "${supply_status}" in
ok|pass|passed|success|compliant) ;;
not_applicable|na|n/a)
if enabled "${ironbank_required}"; then
echo "supply chain gate required but status=${supply_status}" >&2
fail=1
fi
;;
*)
if enabled "${ironbank_required}"; then
echo "supply chain gate failed: ${supply_status}" >&2
fail=1
else
echo "supply chain gate not passing (${supply_status}) but not required for this run" >&2
fi
;;
esac
fi
exit "${fail}"
'''
}
}
}
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
stage('Build & Push') {
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
steps {
container('kaniko') {
jenkins(logging): split streaming harbor credentials
2026-04-19 22:40:56 -03:00
withCredentials([usernamePassword(credentialsId: 'harbor-robot-streaming', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD')]) {
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
sh '''
set -euo pipefail
ci: fix data-prepper defaults and restore metrics publisher coverage
2026-04-19 21:57:40 -03:00
IMAGE_TAG="${IMAGE_TAG:-2.8.0}"
PUSH_LATEST="${PUSH_LATEST:-true}"
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
if [ -z "${HARBOR_REPO:-}" ] || [ "${HARBOR_REPO}" = "registry.bstein.dev/monitoring/data-prepper" ]; then
HARBOR_REPO="registry.bstein.dev/streaming/data-prepper"
logging: force data-prepper repo override
2026-01-10 05:42:39 -03:00
fi
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
mkdir -p /kaniko/.docker
ref_host="$(echo "${HARBOR_REPO}" | cut -d/ -f1)"
auth="$(printf "%s:%s" "${HARBOR_USERNAME}" "${HARBOR_PASSWORD}" | base64 | tr -d '\\n')"
cat > /kaniko/.docker/config.json <<EOF
{
"auths": {
"${ref_host}": {
"auth": "${auth}"
}
}
}
EOF
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
dest_args="--destination ${HARBOR_REPO}:${IMAGE_TAG}"
if [ "${PUSH_LATEST}" = "true" ]; then
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
dest_args="${dest_args} --destination ${HARBOR_REPO}:latest"
fi
/kaniko/executor \
--context "${WORKSPACE}" \
--dockerfile "${WORKSPACE}/dockerfiles/Dockerfile.data-prepper" \
--verbosity info \
${dest_args}
'''
}
}
}
}
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
}
post {
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
always {
script {
env.QUALITY_OUTCOME = currentBuild.currentResult == 'SUCCESS' ? 'ok' : 'failed'
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
}
container('git') {
sh '''
set -euo pipefail
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
apk add --no-cache curl jq >/dev/null 2>&1 || true
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
suite="${SUITE_NAME}"
gateway="${PUSHGATEWAY_URL}"
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
status="${QUALITY_OUTCOME:-failed}"
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
fetch_counter() {
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
status_name="$1"
line="$(curl -fsS "${gateway}/metrics" 2>/dev/null | awk -v suite="${suite}" -v status="${status_name}" '
jenkins: fix pipeline portability and jellyfin option compatibility
2026-04-10 05:41:00 -03:00
/platform_quality_gate_runs_total/ {
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
if (index($0, "job=\\"platform-quality-ci\\"") && index($0, "suite=\\"" suite "\\"") && index($0, "status=\\"" status "\\"")) {
print $2
exit
}
}
' || true)"
[ -n "${line}" ] && printf '%s\n' "${line}" || printf '0\n'
}
ok_count="$(fetch_counter ok)"
failed_count="$(fetch_counter failed)"
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
if [ "${status}" = "ok" ]; then
ok_count=$((ok_count + 1))
else
failed_count=$((failed_count + 1))
fi
sonarqube_check="not_applicable"
if [ -f build/sonarqube-quality-gate.json ]; then
sonar_status="$(jq -r '.status // .projectStatus.status // .qualityGate.status // empty' build/sonarqube-quality-gate.json 2>/dev/null | tr '[:upper:]' '[:lower:]')"
if [ -n "${sonar_status}" ]; then
case "${sonar_status}" in
ok|pass|passed|success) sonarqube_check="ok" ;;
*) sonarqube_check="failed" ;;
esac
else
sonarqube_check="failed"
fi
fi
supply_chain_check="not_applicable"
if [ -f build/ironbank-compliance.json ]; then
compliant="$(jq -r '.compliant // empty' build/ironbank-compliance.json 2>/dev/null)"
if [ "${compliant}" = "true" ]; then
supply_chain_check="ok"
elif [ "${compliant}" = "false" ]; then
supply_chain_check="failed"
else
ironbank_status="$(jq -r '.status // .result // .compliance // empty' build/ironbank-compliance.json 2>/dev/null | tr '[:upper:]' '[:lower:]')"
case "${ironbank_status}" in
ok|pass|passed|success|compliant) supply_chain_check="ok" ;;
"") supply_chain_check="failed" ;;
*) supply_chain_check="failed" ;;
esac
fi
fi
gate_glue_check="ok"
if [ "${status}" != "ok" ]; then
gate_glue_check="failed"
fi
monitoring(testing): link test metrics to build artifacts
2026-04-21 11:39:13 -03:00
metric_branch_raw="${BRANCH_NAME:-${GIT_BRANCH:-unknown}}"
metric_branch_raw="${metric_branch_raw#origin/}"
metric_branch="$(printf '%s' "${metric_branch_raw}" | jq -Rsa . | sed -e 's/^"//' -e 's/"$//')"
monitoring(testing): add branch evidence panels
2026-04-21 09:35:43 -03:00
metric_build_number="$(printf '%s' "${BUILD_NUMBER:-unknown}" | jq -Rsa . | sed -e 's/^"//' -e 's/"$//')"
monitoring(testing): link test metrics to build artifacts
2026-04-21 11:39:13 -03:00
metric_jenkins_job="$(printf '%s' "${JOB_NAME:-data-prepper}" | jq -Rsa . | sed -e 's/^"//' -e 's/"$//')"
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
export METRIC_SUITE="${suite}"
export METRIC_BRANCH_RAW="${metric_branch_raw}"
export METRIC_BUILD_NUMBER_RAW="${BUILD_NUMBER:-unknown}"
export METRIC_JENKINS_JOB_RAW="${JOB_NAME:-data-prepper}"
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
if [ ! -s build/test-counts.env ] || [ ! -s build/testcase-status.env ]; then
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
cat > build/test-counts.env <<EOF
test_passed_count=0
test_failed_count=0
test_error_count=0
test_skipped_count=1
EOF
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
cat > build/testcase-status.env <<EOF
dockerfile_present_status=skipped
pipeline_config_present_status=skipped
logging_kustomization_includes_data_prepper_status=skipped
EOF
fi
. build/testcase-status.env
if [ "${dockerfile_present_status}" = "skipped" ] && [ "${pipeline_config_present_status}" = "skipped" ] && [ "${logging_kustomization_includes_data_prepper_status}" = "skipped" ]; then
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
cat > build/testcase-metrics.prom <<METRICS
platform_quality_gate_test_case_result{suite="${suite}",branch="${metric_branch}",build_number="${metric_build_number}",jenkins_job="${metric_jenkins_job}",test="__no_test_cases__",status="skipped"} 1
ci(data-prepper): quote testcase metrics correctly
2026-04-22 13:28:35 -03:00
METRICS
else
cat > build/testcase-metrics.prom <<METRICS
platform_quality_gate_test_case_result{suite="${suite}",branch="${metric_branch}",build_number="${metric_build_number}",jenkins_job="${metric_jenkins_job}",test="data_prepper.packaging::dockerfile_present",status="${dockerfile_present_status}"} 1
platform_quality_gate_test_case_result{suite="${suite}",branch="${metric_branch}",build_number="${metric_build_number}",jenkins_job="${metric_jenkins_job}",test="data_prepper.packaging::pipeline_config_present",status="${pipeline_config_present_status}"} 1
platform_quality_gate_test_case_result{suite="${suite}",branch="${metric_branch}",build_number="${metric_build_number}",jenkins_job="${metric_jenkins_job}",test="data_prepper.packaging::logging_kustomization_includes_data_prepper",status="${logging_kustomization_includes_data_prepper_status}"} 1
ci(data-prepper): avoid xml parser in metrics publish
2026-04-22 13:04:47 -03:00
METRICS
fi
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
. build/test-counts.env
tests_check="ok"
if [ "$((test_failed_count + test_error_count))" -gt 0 ]; then
tests_check="failed"
fi
cat > build/platform-quality-metrics.prom <<METRICS
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
# TYPE platform_quality_gate_runs_total counter
platform_quality_gate_runs_total{suite="${suite}",status="ok"} ${ok_count}
platform_quality_gate_runs_total{suite="${suite}",status="failed"} ${failed_count}
logging/ci: publish data-prepper smoke test metrics
2026-04-10 06:24:51 -03:00
# TYPE data_prepper_quality_gate_tests_total gauge
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
data_prepper_quality_gate_tests_total{suite="${suite}",result="passed"} ${test_passed_count}
data_prepper_quality_gate_tests_total{suite="${suite}",result="failed"} ${test_failed_count}
data_prepper_quality_gate_tests_total{suite="${suite}",result="error"} ${test_error_count}
data_prepper_quality_gate_tests_total{suite="${suite}",result="skipped"} ${test_skipped_count}
monitoring(metrics): normalize platform gate contract and pegasus suite name
2026-04-18 16:34:20 -03:00
# TYPE platform_quality_gate_workspace_line_coverage_percent gauge
ci(data-prepper): report n/a coverage as complete
2026-04-21 16:32:42 -03:00
# No coverable project source is present in this packaging suite; report full
# non-applicable coverage so rollups do not confuse N/A with uncovered code.
platform_quality_gate_workspace_line_coverage_percent{suite="${suite}"} 100
monitoring(metrics): normalize platform gate contract and pegasus suite name
2026-04-18 16:34:20 -03:00
# TYPE platform_quality_gate_source_lines_over_500_total gauge
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
platform_quality_gate_source_lines_over_500_total{suite="${suite}"} 0
monitoring(testing): add branch evidence panels
2026-04-21 09:35:43 -03:00
# TYPE platform_quality_gate_build_info gauge
monitoring(testing): link test metrics to build artifacts
2026-04-21 11:39:13 -03:00
platform_quality_gate_build_info{suite="${suite}",branch="${metric_branch}",build_number="${metric_build_number}",jenkins_job="${metric_jenkins_job}"} 1
monitoring(metrics): normalize platform gate contract and pegasus suite name
2026-04-18 16:34:20 -03:00
# TYPE data_prepper_quality_gate_checks_total gauge
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
data_prepper_quality_gate_checks_total{suite="${suite}",check="tests",result="${tests_check}"} 1
quality: standardize suite checks and add SonarQube stack
2026-04-19 14:18:41 -03:00
data_prepper_quality_gate_checks_total{suite="${suite}",check="coverage",result="not_applicable"} 1
data_prepper_quality_gate_checks_total{suite="${suite}",check="loc",result="not_applicable"} 1
data_prepper_quality_gate_checks_total{suite="${suite}",check="docs_naming",result="not_applicable"} 1
data_prepper_quality_gate_checks_total{suite="${suite}",check="gate_glue",result="${gate_glue_check}"} 1
data_prepper_quality_gate_checks_total{suite="${suite}",check="sonarqube",result="${sonarqube_check}"} 1
data_prepper_quality_gate_checks_total{suite="${suite}",check="supply_chain",result="${supply_chain_check}"} 1
monitoring(testing): backfill placeholder test-case metrics across sparse suites
2026-04-20 09:13:34 -03:00
# TYPE platform_quality_gate_test_case_result gauge
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
METRICS
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
cat build/testcase-metrics.prom >> build/platform-quality-metrics.prom
ci(data-prepper): archive junit without plugin dependency
2026-04-22 13:21:52 -03:00
push_status="$(
curl -sS -o build/pushgateway-response.txt -w '%{http_code}' -X PUT \
--data-binary @build/platform-quality-metrics.prom \
"${gateway}/metrics/job/platform-quality-ci/suite/${suite}" || true
)"
case "${push_status}" in
200|202) ;;
*)
echo "warning: metrics push failed for suite=${suite} status=${push_status}" >&2
cat build/pushgateway-response.txt >&2 || true
;;
esac
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
'''
}
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
script {
if (fileExists('build/junit-data-prepper.xml')) {
ci(data-prepper): archive junit without plugin dependency
2026-04-22 13:21:52 -03:00
echo 'JUnit XML generated and archived under build/; Jenkins junit step is not installed on this controller.'
monitoring(testing): split quality trend panels
2026-04-22 12:42:33 -03:00
}
}
ci(data-prepper): archive full quality evidence
2026-04-21 09:24:09 -03:00
archiveArtifacts artifacts: 'build/**', allowEmptyArchive: true, fingerprint: true
jenkins: wire full quality-gate metrics across platform jobs
2026-04-10 05:19:25 -03:00
}
logging: add Jenkins build for data-prepper
2026-01-10 05:01:17 -03:00
}
}
Reference in New Issue Copy Permalink