Skip to content

Commit

Permalink
kie-issues#727: define push GH tokens for jenkins
Browse files Browse the repository at this point in the history
  • Loading branch information
jstastny-cz committed Nov 29, 2023
1 parent ee26177 commit 27f4a55
Show file tree
Hide file tree
Showing 6 changed files with 54 additions and 31 deletions.
16 changes: 10 additions & 6 deletions .ci/jenkins/Jenkinsfile.deploy
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ pipeline {
script {
dir(getRepoName()) {
if (githubscm.isBranchExist('origin',getPRBranch())) {
githubscm.removeRemoteBranch('origin', getPRBranch())
githubscm.removeRemoteBranch('origin', getPRBranch(), getGitAuthorPushCredsId())
}
githubscm.createBranch(getPRBranch())
}
Expand Down Expand Up @@ -228,16 +228,16 @@ void saveReports() {

void checkoutRepo() {
deleteDir()
checkout(githubscm.resolveRepository(getRepoName(), getGitAuthor(), getBuildBranch(), false))
checkout(githubscm.resolveRepository(getRepoName(), getGitAuthor(), getBuildBranch(), false, getGitAuthorCredsId()))
}

void commitAndCreatePR() {
def commitMsg = "[${getBuildBranch()}] Update version to ${getProjectVersion()}"
def prBody = "Generated by build ${BUILD_TAG}: ${BUILD_URL}.\nPlease do not merge, it should be merged automatically."

githubscm.commitChanges(commitMsg, { githubscm.findAndStageNotIgnoredFiles('pom.xml') })
githubscm.pushObject('origin', getPRBranch(), getGitAuthorCredsID())
deployProperties["${getRepoName()}.pr.link"] = githubscm.createPRWithLabels(commitMsg, prBody, getBuildBranch(), ['skip-ci'] as String[], getGitAuthorCredsID())
githubscm.pushObject('origin', getPRBranch(), getGitAuthorPushCredsId())
deployProperties["${getRepoName()}.pr.link"] = githubscm.createPRWithLabels(commitMsg, prBody, getBuildBranch(), ['skip-ci'] as String[], getGitAuthorCredsId())
}

void sendNotification() {
Expand Down Expand Up @@ -277,8 +277,12 @@ String getGitAuthor() {
return "${GIT_AUTHOR}"
}

String getGitAuthorCredsID() {
return env.AUTHOR_CREDS_ID
String getGitAuthorCredsId() {
return env.GIT_AUTHOR_CREDS_ID
}

String getGitAuthorPushCredsId() {
return env.GIT_AUTHOR_PUSH_CREDS_ID
}

String getBuildBranch() {
Expand Down
24 changes: 14 additions & 10 deletions .ci/jenkins/Jenkinsfile.promote
Original file line number Diff line number Diff line change
Expand Up @@ -57,11 +57,11 @@ pipeline {
script {
dir(getRepoName()) {
checkoutRepo()
if(githubscm.isReleaseExist(getGitTag(), getGitAuthorCredsID())) {
githubscm.deleteRelease(getGitTag(), getGitAuthorCredsID())
if(githubscm.isReleaseExist(getGitTag(), getGitAuthorCredsId())) {
githubscm.deleteRelease(getGitTag(), getGitAuthorCredsId())
}
githubscm.createReleaseWithGeneratedReleaseNotes(getGitTag(), getBuildBranch(), githubscm.getPreviousTagFromVersion(getGitTag()), getGitAuthorCredsID())
githubscm.updateReleaseBody(getGitTag(), getGitAuthorCredsID())
githubscm.createReleaseWithGeneratedReleaseNotes(getGitTag(), getBuildBranch(), githubscm.getPreviousTagFromVersion(getGitTag()), getGitAuthorCredsId())
githubscm.updateReleaseBody(getGitTag(), getGitAuthorCredsId())
}
}
}
Expand Down Expand Up @@ -158,8 +158,12 @@ String getGitAuthor() {
return env.GIT_AUTHOR
}

String getGitAuthorCredsID() {
return env.AUTHOR_CREDS_ID
String getGitAuthorCredsId() {
return env.GIT_AUTHOR_CREDS_ID
}

String getGitAuthorPushCredsId() {
return env.GIT_AUTHOR_PUSH_CREDS_ID
}

String getDeployPrLink() {
Expand All @@ -172,20 +176,20 @@ String getDeployPrLink() {

void checkoutRepo() {
deleteDir()
checkout(githubscm.resolveRepository(getRepoName(), getGitAuthor(), getBuildBranch(), false))
checkout(githubscm.resolveRepository(getRepoName(), getGitAuthor(), getBuildBranch(), false, getGitAuthorCredsId()))
// need to manually checkout branch since on a detached branch after checkout command
sh "git checkout ${getBuildBranch()}"
}

void mergeAndPush(String prLink) {
if (prLink) {
githubscm.mergePR(prLink, getGitAuthorCredsID())
githubscm.pushObject('origin', getBuildBranch(), getGitAuthorCredsID())
githubscm.mergePR(prLink, getGitAuthorCredsId())
githubscm.pushObject('origin', getBuildBranch(), getGitAuthorPushCredsId())
}
}

void tagLatest() {
if (getGitTag()) {
githubscm.tagLocalAndRemoteRepository('origin', getGitTag(), getGitAuthorCredsID(), env.BUILD_TAG, true)
githubscm.tagLocalAndRemoteRepository('origin', getGitTag(), getGitAuthorPushCredsId(), env.BUILD_TAG, true)
}
}
8 changes: 6 additions & 2 deletions .ci/jenkins/Jenkinsfile.quarkus-3.rewrite.pr
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ pipeline {
steps {
script {
dir(getRepoName()) {
githubscm.pushObject('origin', changeBranch, getGitAuthorCredsId())
githubscm.pushObject('origin', changeBranch, getGitAuthorPushCredsId())
}
}
}
Expand All @@ -91,7 +91,11 @@ String getRepoName() {
}

String getGitAuthorCredsId() {
return env.AUTHOR_CREDS_ID
return env.GIT_AUTHOR_CREDS_ID
}

String getGitAuthorPushCredsId() {
return env.GIT_AUTHOR_PUSH_CREDS_ID
}

MavenCommand getMavenCommand() {
Expand Down
8 changes: 6 additions & 2 deletions .ci/jenkins/Jenkinsfile.quarkus-3.rewrite.standalone
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ pipeline {
steps {
script {
dir(getRepoName()) {
githubscm.pushObject('origin', isPRSourceBranch() ? getBuildBranch() : getPRBranch(), getGitAuthorCredsId())
githubscm.pushObject('origin', isPRSourceBranch() ? getBuildBranch() : getPRBranch(), getGitAuthorPushCredsId())
}
}
}
Expand Down Expand Up @@ -167,7 +167,11 @@ boolean isPRSourceBranch() {
}

String getGitAuthorCredsId() {
return env.AUTHOR_CREDS_ID
return env.GIT_AUTHOR_CREDS_ID
}

String getGitAuthorPushCredsId() {
return env.GIT_AUTHOR_PUSH_CREDS_ID
}

String getPRBranch() {
Expand Down
12 changes: 8 additions & 4 deletions .ci/jenkins/Jenkinsfile.setup-branch
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ pipeline {
def commitMsg = "Update version to Kogito ${getKogitoVersion()} / Drools ${getDroolsVersion()}"

githubscm.commitChanges(commitMsg, { githubscm.findAndStageNotIgnoredFiles('pom.xml') })
githubscm.pushObject('origin', getBuildBranch(), getGitAuthorCredsID())
githubscm.pushObject('origin', getBuildBranch(), getGitAuthorPushCredsId())
} else {
println '[WARN] no changes to commit'
}
Expand Down Expand Up @@ -125,7 +125,7 @@ void sendNotification() {
void checkoutRepo(String repository, String branch) {
dir(repository) {
deleteDir()
checkout(githubscm.resolveRepository(repository, getGitAuthor(), branch, false))
checkout(githubscm.resolveRepository(repository, getGitAuthor(), branch, false, getGitAuthorCredsId()))
// need to manually checkout branch since on a detached branch after checkout command
sh "git checkout ${branch}"
}
Expand Down Expand Up @@ -164,8 +164,12 @@ String getDroolsVersion() {
return params.DROOLS_VERSION
}

String getGitAuthorCredsID() {
return env.AUTHOR_CREDS_ID
String getGitAuthorCredsId() {
return env.GIT_AUTHOR_CREDS_ID
}

String getGitAuthorPushCredsId() {
return env.GIT_AUTHOR_PUSH_CREDS_ID
}

MavenCommand getMavenCommand(String directory) {
Expand Down
17 changes: 10 additions & 7 deletions .ci/jenkins/dsl/jobs.groovy
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,8 @@ void createSetupBranchJob() {
JENKINS_EMAIL_CREDS_ID: "${JENKINS_EMAIL_CREDS_ID}",

GIT_AUTHOR: "${GIT_AUTHOR_NAME}",
AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}",

MAVEN_SETTINGS_CONFIG_FILE_ID: "${MAVEN_SETTINGS_FILE_ID}",

Expand All @@ -182,8 +183,8 @@ void setupReleaseDeployJob() {
JENKINS_EMAIL_CREDS_ID: "${JENKINS_EMAIL_CREDS_ID}",
GIT_AUTHOR: "${GIT_AUTHOR_NAME}",

AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GITHUB_TOKEN_CREDS_ID: "${GIT_AUTHOR_TOKEN_CREDENTIALS_ID}",
GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}",

MAVEN_SETTINGS_CONFIG_FILE_ID: "${MAVEN_SETTINGS_FILE_ID}",
MAVEN_DEPENDENCIES_REPOSITORY: "${MAVEN_ARTIFACTS_REPOSITORY}",
Expand Down Expand Up @@ -225,8 +226,8 @@ void setupReleasePromoteJob() {

GIT_AUTHOR: "${GIT_AUTHOR_NAME}",

AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GITHUB_TOKEN_CREDS_ID: "${GIT_AUTHOR_TOKEN_CREDENTIALS_ID}",
GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}",

MAVEN_SETTINGS_CONFIG_FILE_ID: "${MAVEN_SETTINGS_FILE_ID}",
MAVEN_DEPENDENCIES_REPOSITORY: "${MAVEN_ARTIFACTS_REPOSITORY}",
Expand Down Expand Up @@ -265,7 +266,8 @@ void setupPrQuarkus3RewriteJob() {
commitContext: 'Quarkus 3 rewrite',
])
jobParams.env.putAll([
AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}",
MAVEN_SETTINGS_CONFIG_FILE_ID: "${MAVEN_SETTINGS_FILE_ID}",
])
KogitoJobTemplate.createPRJob(this, jobParams)
Expand All @@ -276,7 +278,8 @@ void setupStandaloneQuarkus3RewriteJob() {
jobParams.env.putAll(EnvUtils.getEnvironmentEnvVars(this, 'quarkus-3'))
JobParamsUtils.setupJobParamsAgentDockerBuilderImageConfiguration(this, jobParams)
jobParams.env.putAll([
AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_CREDS_ID: "${GIT_AUTHOR_CREDENTIALS_ID}",
GIT_AUTHOR_PUSH_CREDS_ID: "${GIT_AUTHOR_PUSH_CREDENTIALS_ID}",
JENKINS_EMAIL_CREDS_ID: "${JENKINS_EMAIL_CREDS_ID}",
BASE_BRANCH: Utils.getGitBranch(this),
BASE_AUTHOR: Utils.getGitAuthor(this),
Expand Down

0 comments on commit 27f4a55

Please sign in to comment.