gasket-driver/ci/Jenkinsfile

pipeline {
    agent none

    triggers {
        GenericTrigger(
            causeString: 'Webhook Trigger',
            genericVariables: [[
                key: 'nvr',
                value: '$[*].builds[*].nvr',
            ]],
            printContributedVariables: true,
            printPostContent: true,
            regexpFilterExpression: 'kernel-.*',
            regexpFilterText: '$nvr',
            silentResponse: true,
            tokenCredential: 'webhook-trigger',
        )
    }

    stages {
        stage('RPM') {
            matrix {
                axes {
                    axis {
                        name 'FEDORA'
                        values '41', '42'
                    }
                }

                agent {
                    kubernetes {
                        yamlFile 'ci/podTemplate.yaml'
                        yamlMergeStrategy merge()
                        defaultContainer 'fedora'
                        containerTemplate {
                            name 'fedora'
                            image "registry.fedoraproject.org/fedora:${FEDORA}"
                        }
                    }
                }

                stages {
                    stage('Prepare') {
                        steps {
                            sh '. ci/prepare.sh'
                        }
                    }

                    stage('Build') {
                        steps {
                            withCredentials([file(
                                credentialsId: 'kmod-signing-cert',
                                variable: 'SIGNING_KEY',
                            )]) {
                                sh '. ci/build.sh'
                            }
                        }
                    }

                    stage('Sign') {
                        when {
                            branch 'main'
                        }
                        environment {
                            GNUPGHOME = "${env.WORKSPACE_TMP}/gnupg"
                        }
                        steps {
                            withCredentials([
                                file(
                                    credentialsId: 'rpm-gpg-key',
                                    variable: 'RPM_GPG_PRIVATE_KEY',
                                ),
                                file(
                                    credentialsId: 'rpm-gpg-key-passphrase',
                                    variable: 'RPM_GPG_KEY_PASSPHRASE',
                                ),
                            ]) {
                                sh '. ci/sign.sh'
                            }
                        }
                    }

                    stage('Archive') {
                        steps {
                            archiveArtifacts '*.rpm'
                        }
                    }

                    stage('Publish') {
                        when {
                            branch 'main'
                        }
                        steps {
                            sshagent(['jenkins-repohost']) {
                                sh '. ci/publish.sh'
                            }
                        }
                    }

                }
            }
        }
    }

    post {
        failure {
            emailext(
                to: 'gyrfalcon@ebonfire.com',
                subject: '$DEFAULT_SUBJECT',
                body: '$DEFAULT_CONTENT',
            )
        }
    }
}