diff --git a/Jenkinsfile b/Jenkinsfile index 4847c62..ec86fa2 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -65,38 +65,42 @@ pipeline { withCredentials([usernamePassword(credentialsId: 'gitea-token-gitops', usernameVariable: 'GITEA_USER', passwordVariable: 'GITEA_PASS')]) { branches.each { envSet -> - sh """ echo "==============================" echo "Updating GitOps for branch: ${envSet.name}" echo "==============================" - # Install yq kalau belum ada - if ! command -v ./yq &> /dev/null; then - echo "Installing yq locally..." - wget -qO ./yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 - chmod +x ./yq - fi + // Gunakan block dengan masking aktif + sh( + script: """ + # Install yq kalau belum ada + if ! command -v ./yq &> /dev/null; then + echo "Installing yq locally..." + wget -qO ./yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 + chmod +x ./yq + fi - # Clone branch GitOps yang sesuai - rm -rf gitops - git -c http.sslVerify=false clone -b ${envSet.name} https://$GITEA_USER:$GITEA_PASS@git.winteraccess.id/syifa/datasiswa-gitops.git gitops - cd gitops + # Clone branch GitOps yang sesuai + rm -rf gitops + git -c http.sslVerify=false clone -b ${envSet.name} https://$GITEA_USER:$GITEA_PASS@git.winteraccess.id/syifa/datasiswa-gitops.git gitops + cd gitops - # Update image tags - echo "Updating ${envSet.overlay}/patch-deployment.yaml..." - ../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"backend\\").image = env(BACKEND_TAG)" ${envSet.overlay}/patch-deployment.yaml - ../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"frontend\\").image = env(FRONTEND_TAG)" ${envSet.overlay}/patch-deployment.yaml + # Update image tags + echo "Updating ${envSet.overlay}/patch-deployment.yaml..." + ../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"backend\\").image = env(BACKEND_TAG)" ${envSet.overlay}/patch-deployment.yaml + ../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"frontend\\").image = env(FRONTEND_TAG)" ${envSet.overlay}/patch-deployment.yaml - # Commit & push - git config user.name "jenkins" - git config user.email "jenkins@gitea.local" - git add . - git commit -m "Update ${envSet.overlay}: backend=${BUILD_NUMBER}, frontend=${BUILD_NUMBER}" || echo "No changes to commit" - git push origin ${envSet.name} + # Commit & push + git config user.name "jenkins" + git config user.email "jenkins@gitea.local" + git add . + git commit -m "Update ${envSet.overlay}: backend=${BUILD_NUMBER}, frontend=${BUILD_NUMBER}" || echo "No changes to commit" + git push origin ${envSet.name} - cd .. - rm -rf gitops - """ + cd .. + rm -rf gitops + """, + mask: true // <--- ini kunci masking password dari log + ) } } } @@ -106,14 +110,14 @@ pipeline { post { success { - echo "โœ… GitOps update successful โ€” all branches (dev, staging, prod) updated!" + echo "GitOps update successful โ€” all branches (dev, staging, prod) updated!" } failure { - echo "โŒ Pipeline failed, check Jenkins logs for details." + echo "Pipeline failed, check Jenkins logs for details." } always { cleanWs() - echo "๐Ÿงน Workspace cleaned up." + echo "Workspace cleaned up." } } }