generated from hmcts/spring-boot-template
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathJenkinsfile_nightly
78 lines (62 loc) · 2.51 KB
/
Jenkinsfile_nightly
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!groovy
properties([
// H allow predefined but random minute see https://en.wikipedia.org/wiki/Cron#Non-standard_characters
//PCQ-1536 (Stop running Nightly builds on weekends). Original schedule was 'H 05 * * *'
pipelineTriggers([cron('H 08 * * 1-5')]),
parameters([
string(name: 'URL_TO_TEST', defaultValue: 'http://pcq-backend-aat.service.core-compute-aat.internal', description: 'The URL you want to run these tests against'),
string(name: 'SecurityRules',
defaultValue: 'http://raw.githubusercontent.com/hmcts/security-test-rules/master/conf/security-rules.conf',
description: 'The URL you want to run these tests against'),
])
])
@Library("Infrastructure")
def type = "java"
def product = "pcq"
def component = "backend"
def secrets = [
'pcq-${env}': [
secret('backend-POSTGRES-PASS', 'PCQ_DB_PASSWORD'),
secret('s2s-secret-pcq-consolidation-service', 'S2S_CS_SECRET'),
secret('jwt-secret', 'JWT_SECRET'),
secret('backend-encryption-key', 'DB_ENCRYPTION_KEY'),
secret('pcq-storage-account-primary-connection-string', 'STORAGE_ACCOUNT_CONNECTION_STRING')
]
]
static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
[ $class: 'AzureKeyVaultSecret',
secretType: 'Secret',
name: secretName,
version: '',
envVariable: envVar
]
}
withNightlyPipeline(type, product, component) {
env.TEST_URL = "http://pcq-backend-aat.service.core-compute-aat.internal"
env.TEST_S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.STORAGE_URL = "https://pcqsharedaat.blob.core.windows.net"
env.Rules = params.SecurityRules
loadVaultSecrets(secrets)
enableSlackNotifications('#pcq-builds')
enableMutationTest()
enableFullFunctionalTest()
enableFortifyScan()
afterAlways('fortify-scan') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/Fortify Scan/**/*'
// executing Groovy commands in Jenkins is not allowed therefore a workaround
// to run security scan on 16th day of every month
currentDay = sh(returnStdout: true, script: 'date "+%d"').trim()
if (currentDay == '16') {
enableSecurityScan()
}
}
afterAlways('securityScan') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'functional-output/**/*'
}
afterAlways('fullFunctionalTest') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'target/**/*'
}
afterAlways('mutationTest') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'functional-output/**/*'
}
}