bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci(jenkins): add multibranch quality gate

Browse Source
This commit is contained in:
Brad Stein 2026-01-20 03:21:36 -03:00
parent e2e7e58f32
commit 5fe8866623
4 changed files with 44 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ci/Jenkinsfile.titan-iac
View File

@ -22,7 +22,6 @@ spec:
environment { environment {
PIP_DISABLE_PIP_VERSION_CHECK = '1' PIP_DISABLE_PIP_VERSION_CHECK = '1'
PYTHONUNBUFFERED = '1' PYTHONUNBUFFERED = '1'
DEPLOY_BRANCH = 'deploy'
} }
stages { stages {
stage('Checkout') { stage('Checkout') {
@ -40,7 +39,27 @@ spec:
sh 'pytest -q ci/tests/glue' sh 'pytest -q ci/tests/glue'
} }
} }
stage('Resolve Flux branch') {
steps {
script {
env.FLUX_BRANCH = sh(
returnStdout: true,
script: "awk '/branch:/{print $2; exit}' clusters/atlas/flux-system/gotk-sync.yaml"
).trim()
if (!env.FLUX_BRANCH) {
error('Flux branch not found in gotk-sync.yaml')
}
echo "Flux branch: ${env.FLUX_BRANCH}"
}
}
}
stage('Promote') { stage('Promote') {
when {
expression {
def branch = env.BRANCH_NAME ?: (env.GIT_BRANCH ?: '').replaceFirst('origin/', '')
return env.FLUX_BRANCH && branch == env.FLUX_BRANCH
}
}
steps { steps {
withCredentials([usernamePassword(credentialsId: 'gitea-pat', usernameVariable: 'GIT_USER', passwordVariable: 'GIT_TOKEN')]) { withCredentials([usernamePassword(credentialsId: 'gitea-pat', usernameVariable: 'GIT_USER', passwordVariable: 'GIT_TOKEN')]) {
sh ''' sh '''
@ -48,7 +67,7 @@ spec:
git config user.email "jenkins@bstein.dev" git config user.email "jenkins@bstein.dev"
git config user.name "jenkins" git config user.name "jenkins"
git remote set-url origin https://${GIT_USER}:${GIT_TOKEN}@scm.bstein.dev/bstein/titan-iac.git git remote set-url origin https://${GIT_USER}:${GIT_TOKEN}@scm.bstein.dev/bstein/titan-iac.git
git push origin HEAD:${DEPLOY_BRANCH} git push origin HEAD:${FLUX_BRANCH}
''' '''
} }
} }

33
services/jenkins/configmap-jcasc.yaml
View File

@ -139,24 +139,33 @@ data:
} }
} }
} }
pipelineJob('titan-iac-quality-gate') { multibranchPipelineJob('titan-iac-quality-gate') {
triggers { branchSources {
scm('H/5 * * * *') branchSource {
} source {
definition {
cpsScm {
scm {
git { git {
remote { id('titan-iac-quality-gate')
url('https://scm.bstein.dev/bstein/titan-iac.git') remote('https://scm.bstein.dev/bstein/titan-iac.git')
credentials('gitea-pat') credentialsId('gitea-pat')
}
branches('*/feature/ariadne')
} }
} }
}
}
factory {
workflowBranchProjectFactory {
scriptPath('ci/Jenkinsfile.titan-iac') scriptPath('ci/Jenkinsfile.titan-iac')
} }
} }
orphanedItemStrategy {
discardOldItems {
numToKeep(30)
}
}
triggers {
periodicFolderTrigger {
interval('12h')
}
}
} }
base.yaml: | base.yaml: |
jenkins: jenkins:

1
services/jenkins/configmap-plugins.yaml
View File

@ -9,6 +9,7 @@ data:
kubernetes kubernetes
workflow-aggregator workflow-aggregator
git git
git-branch-source
pipeline-utility-steps pipeline-utility-steps
configuration-as-code configuration-as-code
configuration-as-code-support configuration-as-code-support

2
services/maintenance/kustomization.yaml
View File

@ -26,7 +26,7 @@ resources:
images: images:
- name: registry.bstein.dev/bstein/ariadne - name: registry.bstein.dev/bstein/ariadne
newTag: 0.1.0-4 # {"$imagepolicy": "maintenance:ariadne"} newTag: 0.1.0-5 # {"$imagepolicy": "maintenance:ariadne"}
configMapGenerator: configMapGenerator:
- name: disable-k3s-traefik-script - name: disable-k3s-traefik-script