generated from hmcts/spring-boot-template
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Jenkinsfile_nightly
131 lines (114 loc) · 4.99 KB
/
Jenkinsfile_nightly
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!groovy
properties([
// H allow predefined but random minute see https://en.wikipedia.org/wiki/Cron#Non-standard_characters
pipelineTriggers([cron('27 07 * * 1-5')]),
parameters([
string(name: 'URL_TO_TEST', defaultValue: 'http://am-role-assignment-service-aat.service.core-compute-aat.internal', description: 'The URL you want to run these tests against'),
string(name: 'SecurityRules',
defaultValue: 'http://raw.githubusercontent.com/hmcts/security-test-rules/master/conf/security-rules.conf',
description: 'The URL you want to run these tests against'),
])
])
@Library("Infrastructure")
def type = "java"
def product = "am"
def component = "role-assignment-service"
def secrets = [
's2s-${env}': [
secret('microservicekey-am-role-assignment-service', 'BEFTA_S2S_CLIENT_SECRET'),
secret('microservicekey-am-role-assignment-service', 'S2S_SECRET'),
secret('microservicekey-am-org-role-mapping-service', 'AM_ORG_S2S_SECRET')
],
'am-${env}': [
secret('role-assignment-service-IDAM-CLIENT-SECRET', 'ROLE_ASSIGNMENT_IDAM_CLIENT_SECRET'),
secret('role-assignment-service-LD-SDK-KEY', 'LD_SDK_KEY'),
secret('test-am-user1-befta-pwd', 'TEST_AM_USER1_BEFTA_PWD'),
secret('test-am-user2-befta-pwd', 'TEST_AM_USER2_BEFTA_PWD'),
secret('test-am-user3-befta-pwd', 'TEST_AM_USER3_BEFTA_PWD'),
secret('role-assignment-service-IDAM-CLIENT-SECRET', 'OAUTH2_CLIENT_SECRET')
],
'ccd-${env}': [
secret('ccd-data-s2s-secret', 'CCD_DATA_S2S_SECRET')
],
'rpx-${env}': [
secret('xui-webapp', 'XUI_WEBAPP_S2S_SECRET')
]
]
static LinkedHashMap<String, Object> secret(String secretName, String envVar) {
[$class : 'AzureKeyVaultSecret',
secretType : 'Secret',
name : secretName,
version : '',
envVariable: envVar
]
}
def vaultOverrides = [
'preview' : 'aat',
'spreview': 'saat'
]
withNightlyPipeline(type, product, component) {
if (env.BRANCH_NAME.startsWith("PR")) {
env.LAUNCH_DARKLY_ENV = "pr"
}
else if (env.BRANCH_NAME == 'master') {
env.LAUNCH_DARKLY_ENV = "aat"
}
else {
env.LAUNCH_DARKLY_ENV = env.BRANCH_NAME
}
env.IDAM_URL = "https://idam-api.aat.platform.hmcts.net"
env.TEST_URL = "http://am-role-assignment-service-aat.service.core-compute-aat.internal"
env.IDAM_S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.S2S_URL = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.S2S_URL_BASE = "http://rpe-service-auth-provider-aat.service.core-compute-aat.internal"
env.BEFTA_S2S_CLIENT_ID = "am_role_assignment_service"
env.DEFINITION_STORE_HOST = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
env.DEFINITION_STORE_URL_BASE = "http://ccd-definition-store-api-aat.service.core-compute-aat.internal"
env.CCD_DATA_STORE_URL = "http://ccd-data-store-api-aat.service.core-compute-aat.internal"
env.OAUTH2_CLIENT_ID = "am_role_assignment"
env.OAUTH2_REDIRECT_URI = "http://am-role-assignment-service-aat.service.core-compute-aat.internal/oauth2redirect"
env.OAUTH2_ACCESS_TOKEN_TYPE = "OIDC"
env.BEFTA_RESPONSE_HEADER_CHECK_POLICY = "JUST_WARN"
env.OAUTH2_SCOPE_VARIABLES = "openid%20profile%20roles%20authorities"
env.IDAM_CLIENT_ID = "am_role_assignment"
env.OPENID_SCOPE_VARIABLES = "openid+profile+roles+authorities"
env.MICROSERVICE_NAME = "am_role_assignment_service"
env.EXTERNAL_FLAG_QUERY_PATH = "am/role-assignments/fetchFlagStatus?flagName="
env.IDAM_API_URL_BASE = "https://idam-api.aat.platform.hmcts.net"
env.Rules = params.SecurityRules
// Var to turn FTAs that rely on the RAS-CCD case validation on/off, i.e. when CCD is not available.
env.AZURE_CASE_VALIDATION_FTA_ENABLED = "true"
// Vars for Azure Container Registries DTSAM-370
env.TESTCONTAINERS_HOST_OVERRIDE="localhost"
env.TESTCONTAINERS_HUB_IMAGE_NAME_PREFIX="hmctspublic.azurecr.io/imported/"
overrideVaultEnvironments(vaultOverrides)
loadVaultSecrets(secrets)
enableMutationTest()
enableSecurityScan()
enableFullFunctionalTest()
enableFortifyScan()
before('fullFunctionalTest') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/integration/**/*'
}
afterSuccess('build') {
stage("integration tests") {
sh "./gradlew integration"
steps.archiveArtifacts allowEmptyArchive: true, artifacts: 'build/reports/tests/integration/**/*'
}
}
afterAlways('fullFunctionalTest') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/target/cucumber/**/*'
publishHTML target: [
allowMissing : true,
alwaysLinkToLastBuild: true,
keepAll : true,
reportDir : "target/cucumber/functional-html-reports",
reportFiles : "overview-features.html,overview-failures.html,",
reportTitles : "Features,Failures",
reportName : "Functional Test Report"
]
}
afterAlways('fortify-scan') {
steps.archiveArtifacts allowEmptyArchive: true, artifacts: '**/Fortify Scan/**/*'
}
}