96 lines
3.0 KiB
Groovy
96 lines
3.0 KiB
Groovy
pipeline {
|
|
agent none
|
|
|
|
environment {
|
|
HOME = "${env.WORKSPACE}"
|
|
PYTHON_IMAGE = 'python:3.10-slim-bullseye'
|
|
CREDENTIALS_ID = 'digital-ocean-ailuridae-registry'
|
|
REGISTRY = 'https://registry.digitalocean.com'
|
|
IMAGE_NAME = 'registry.digitalocean.com/ailuridae-registry/ailuridae.io/everybodymov'
|
|
IMAGE_BUILD = ''
|
|
APP_ID = credentials('digital-ocean-app-id')
|
|
}
|
|
|
|
stages {
|
|
stage('Check') {
|
|
agent {
|
|
docker {
|
|
image env.PYTHON_IMAGE
|
|
args '--rm'
|
|
}
|
|
}
|
|
steps {
|
|
sh 'python -m pip install --no-cache-dir --upgrade --user pip'
|
|
sh 'python -m pip install --no-cache-dir --user pipenv'
|
|
sh 'python -m pipenv install --dev --deploy'
|
|
sh 'python -m pipenv check --clear'
|
|
sh 'python -m pipenv run bandit *.py'
|
|
}
|
|
}
|
|
stage('Build') {
|
|
agent {
|
|
label 'main'
|
|
}
|
|
steps {
|
|
script {
|
|
IMAGE_BUILD = docker.build("${IMAGE_NAME}")
|
|
}
|
|
}
|
|
}
|
|
stage('Publish') {
|
|
agent {
|
|
label 'main'
|
|
}
|
|
when {
|
|
branch 'main'
|
|
}
|
|
steps {
|
|
script {
|
|
// withCredentials is annoyingly required to mask token occurrences.
|
|
withCredentials([usernamePassword(
|
|
credentialsId: env.CREDENTIALS_ID,
|
|
usernameVariable: 'API_TOKEN_USER',
|
|
passwordVariable: 'API_TOKEN_PASS'
|
|
)]) {
|
|
docker.withRegistry(env.REGISTRY, env.CREDENTIALS_ID) {
|
|
IMAGE_BUILD.push("${BUILD_NUMBER}")
|
|
IMAGE_BUILD.push('latest')
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
stage('Deploy') {
|
|
agent {
|
|
label 'main'
|
|
}
|
|
// when {
|
|
// branch 'main'
|
|
// }
|
|
steps {
|
|
script {
|
|
withCredentials([usernamePassword(
|
|
credentialsId: env.CREDENTIALS_ID,
|
|
usernameVariable: 'API_TOKEN_USER',
|
|
passwordVariable: 'API_TOKEN_PASS'
|
|
)]) {
|
|
sh '''
|
|
curl -H "Authorization: Bearer $API_TOKEN_PASS" -H "Content-Type: application/json" \
|
|
-X POST "https://api.digitalocean.com/v2/apps/$APP_ID/deployments" \
|
|
-d "{ \"force_build\" : true }"
|
|
'''
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
post {
|
|
always {
|
|
node('main') {
|
|
cleanWs()
|
|
}
|
|
}
|
|
}
|
|
}
|