diff --git a/ci/Jenkinsfile b/ci/Jenkinsfile index 801ac52..5620927 100644 --- a/ci/Jenkinsfile +++ b/ci/Jenkinsfile @@ -1,7 +1,7 @@ -pipeline { - agent none +@Library('dch')_ - triggers { +properties([ + pipelineTriggers([ GenericTrigger( causeString: 'Webhook Trigger', genericVariables: [[ @@ -15,100 +15,75 @@ pipeline { silentResponse: true, tokenCredentialId: 'webhook-trigger', ) - } + ]) +]) - stages { - stage('RPM') { - matrix { - axes { - axis { - name 'FEDORA' - values '41', '42' - } +try { + fedoraBuild( + architectures: ['amd64'], + podTemplate: 'ci/podTemplate.yaml', + buildContainer: 'fedora', + ) { arch, fedoraVersion -> + stage("Prepare f${fedoraVersion}/${arch}") { + checkout scm + + container('fedora') { + sh '. ci/prepare.sh' + } + } + + stage("Build f${fedoraVersion}/${arch}") { + withCredentials([file( + credentialsId: 'kmod-signing-cert', + variable: 'SIGNING_KEY', + )]) { + container('fedora') { + sh '. ci/build.sh' } + } + } - agent { - kubernetes { - yamlFile 'ci/podTemplate.yaml' - yamlMergeStrategy merge() - defaultContainer 'fedora' - containerTemplate { - name 'fedora' - image "registry.fedoraproject.org/fedora:${FEDORA}" + stage("Sign f${fedoraVersion}/${arch}") { + when(BRANCH_NAME == 'main') { + withEnvironment([ + "GNUPGHOME=${env.WORKSPACE_TMP}/gnupg", + ]) { + withCredentials([ + file( + credentialsId: 'rpm-gpg-key', + variable: 'RPM_GPG_PRIVATE_KEY', + ), + file( + credentialsId: 'rpm-gpg-key-passphrase', + variable: 'RPM_GPG_KEY_PASSPHRASE', + ), + ]) { + container('fedora') { + sh '. ci/sign.sh' } } } + } + } - stages { - stage('Prepare') { - steps { - sh '. ci/prepare.sh' - } + archiveArtifacts '*.rpm' + + stage("Publish f${fedoraVersion}/${arch}") { + when(BRANCH_NAME == 'main') { + container('fedora') { + sshagent(['jenkins-repohost']) { + sh '. ci/publish.sh' } - - stage('Build') { - steps { - withCredentials([file( - credentialsId: 'kmod-signing-cert', - variable: 'SIGNING_KEY', - )]) { - sh '. ci/build.sh' - } - } - } - - stage('Sign') { - when { - branch 'main' - } - environment { - GNUPGHOME = "${env.WORKSPACE_TMP}/gnupg" - } - steps { - withCredentials([ - file( - credentialsId: 'rpm-gpg-key', - variable: 'RPM_GPG_PRIVATE_KEY', - ), - file( - credentialsId: 'rpm-gpg-key-passphrase', - variable: 'RPM_GPG_KEY_PASSPHRASE', - ), - ]) { - sh '. ci/sign.sh' - } - } - } - - stage('Archive') { - steps { - archiveArtifacts '*.rpm' - } - } - - stage('Publish') { - when { - branch 'main' - } - steps { - sshagent(['jenkins-repohost']) { - sh '. ci/publish.sh' - } - } - } - } } } } - - post { - failure { - emailext( - to: 'gyrfalcon@ebonfire.com', - subject: '$DEFAULT_SUBJECT', - body: '$DEFAULT_CONTENT', - ) - } - } +} catch (ex) { + currentBuild.result = 'FAILED' + emailext( + to: 'gyrfalcon@ebonfire.com', + subject: '$DEFAULT_SUBJECT', + body: '$DEFAULT_CONTENT', + ) + throw ex }