124 lines
5.5 KiB
Groovy
124 lines
5.5 KiB
Groovy
pipeline {
|
|
agent any
|
|
|
|
environment {
|
|
REGISTRY = "docker.io/syifamaulidya"
|
|
BACKEND_NAME = "backend-app"
|
|
FRONTEND_NAME = "frontend-app"
|
|
GITOPS_REPO = "https://git.winteraccess.id/syifa/datasiswa-gitops.git"
|
|
}
|
|
|
|
stages {
|
|
stage('Checkout Source Code') {
|
|
steps {
|
|
echo "Cloning main application repository..."
|
|
checkout scm
|
|
}
|
|
}
|
|
|
|
stage('Build & Push Backend') {
|
|
steps {
|
|
script {
|
|
echo "Building backend image..."
|
|
withCredentials([usernamePassword(credentialsId: 'gitops-dockerhub', usernameVariable: 'DOCKER_USER', passwordVariable: 'DOCKER_PASS')]) {
|
|
sh '''
|
|
docker login -u $DOCKER_USER -p $DOCKER_PASS
|
|
cd backend
|
|
docker build -t $REGISTRY/$BACKEND_NAME:$BUILD_NUMBER .
|
|
docker push $REGISTRY/$BACKEND_NAME:$BUILD_NUMBER
|
|
docker tag $REGISTRY/$BACKEND_NAME:$BUILD_NUMBER $REGISTRY/$BACKEND_NAME:latest
|
|
docker push $REGISTRY/$BACKEND_NAME:latest
|
|
'''
|
|
}
|
|
env.BACKEND_TAG = "${REGISTRY}/${BACKEND_NAME}:${BUILD_NUMBER}"
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Build & Push Frontend') {
|
|
steps {
|
|
script {
|
|
echo "Building frontend image..."
|
|
withCredentials([usernamePassword(credentialsId: 'gitops-dockerhub', usernameVariable: 'DOCKER_USER', passwordVariable: 'DOCKER_PASS')]) {
|
|
sh '''
|
|
docker login -u $DOCKER_USER -p $DOCKER_PASS
|
|
cd frontend
|
|
docker build -t $REGISTRY/$FRONTEND_NAME:$BUILD_NUMBER .
|
|
docker push $REGISTRY/$FRONTEND_NAME:$BUILD_NUMBER
|
|
docker tag $REGISTRY/$FRONTEND_NAME:$BUILD_NUMBER $REGISTRY/$FRONTEND_NAME:latest
|
|
docker push $REGISTRY/$FRONTEND_NAME:latest
|
|
'''
|
|
}
|
|
env.FRONTEND_TAG = "${REGISTRY}/${FRONTEND_NAME}:${BUILD_NUMBER}"
|
|
}
|
|
}
|
|
}
|
|
|
|
stage('Update GitOps Repos (dev, staging, production)') {
|
|
steps {
|
|
script {
|
|
def branches = [
|
|
[name: "dev", overlay: "overlays/dev"],
|
|
[name: "staging", overlay: "overlays/staging"],
|
|
[name: "prod", overlay: "overlays/production"]
|
|
]
|
|
|
|
withCredentials([usernamePassword(credentialsId: 'gitea-token-gitops', usernameVariable: 'GITEA_USER', passwordVariable: 'GITEA_PASS')]) {
|
|
branches.each { envSet ->
|
|
echo "=============================="
|
|
echo "Updating GitOps for branch: ${envSet.name}"
|
|
echo "=============================="
|
|
|
|
// Gunakan block dengan masking aktif
|
|
sh(
|
|
script: """
|
|
# Install yq kalau belum ada
|
|
if ! command -v ./yq &> /dev/null; then
|
|
echo "Installing yq locally..."
|
|
wget -qO ./yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64
|
|
chmod +x ./yq
|
|
fi
|
|
|
|
# Clone branch GitOps yang sesuai
|
|
rm -rf gitops
|
|
git -c http.sslVerify=false clone -b ${envSet.name} https://$GITEA_USER:$GITEA_PASS@git.winteraccess.id/syifa/datasiswa-gitops.git gitops
|
|
cd gitops
|
|
|
|
# Update image tags
|
|
echo "Updating ${envSet.overlay}/patch-deployment.yaml..."
|
|
../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"backend\\").image = env(BACKEND_TAG)" ${envSet.overlay}/patch-deployment.yaml
|
|
../yq e -i ".spec.template.spec.containers[] |= select(.name == \\"frontend\\").image = env(FRONTEND_TAG)" ${envSet.overlay}/patch-deployment.yaml
|
|
|
|
# Commit & push
|
|
git config user.name "jenkins"
|
|
git config user.email "jenkins@gitea.local"
|
|
git add .
|
|
git commit -m "Update ${envSet.overlay}: backend=${BUILD_NUMBER}, frontend=${BUILD_NUMBER}" || echo "No changes to commit"
|
|
git push origin ${envSet.name}
|
|
|
|
cd ..
|
|
rm -rf gitops
|
|
""",
|
|
mask: true // <--- ini kunci masking password dari log
|
|
)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
post {
|
|
success {
|
|
echo "GitOps update successful — all branches (dev, staging, prod) updated!"
|
|
}
|
|
failure {
|
|
echo "Pipeline failed, check Jenkins logs for details."
|
|
}
|
|
always {
|
|
cleanWs()
|
|
echo "Workspace cleaned up."
|
|
}
|
|
}
|
|
}
|