Self Serve Release Jobs¶
Self serve release jobs allow a project to create a releases directory and then place a release file in it. Jenkins will pick this up and then promote the artifact from the staging log directory (log_dir) and tag the release with the defined version. maven_central_url is optional
Note
Example of a project’s release file:
$ cat releases/1.0.0.yaml
---
distribution_type: 'maven'
version: '1.0.0'
project: 'example-test-release'
log_dir: 'example-test-release-maven-stage-master/17/'
maven_central_url: 'oss.sonatype.org'
Note
Example of a terse Jenkins job to call global-jjb macro:
- project:
name: '{project-name}-gerrit-release-jobs'
project: 'example-test-release'
build-node: centos7-builder-2c-1g
project-name: example-test-release
jobs:
- '{project-name}-gerrit-release-jobs'
Note
Example of a verbose Jenkins job to call global-jjb macro:
- project:
name: '{project-name}-releases-verify'
project: 'example-test-release'
build-node: centos7-builder-2c-1g
project-name: example-test-release
jobs:
- 'gerrit-releases-verify'
- project:
name: '{project-name}-releases-merge'
project: 'example-test-release'
build-node: centos7-builder-2c-1g
project-name: example-test-release
jobs:
- 'gerrit-releases-merge'
Note
Release Engineers Please follow the setup guide before adding the job definition:
Setup for LFID Nexus Jenkins and Gerrit:¶
LFID¶
Create an lfid
and an ssh-key
RELEASE_USERNAME
RELEASE_EMAIL
ssh-key example:
ssh-keygen -t rsa -C "collab-it+odl-release@linuxfoundation.org" -f /tmp/odl-release
Nexus¶
Create a Nexus account called 'jenkins-release'
with promote privileges.
Gerrit¶
Log into your Gerrit with RELEASE_USERNAME
, upload the ssh-key
you created earlier.
Log out of Gerrit and log in again with your normal account for the next steps.
In Gerrit create a new group called self-serve-release
and give it direct push rights via All-Projects
push - refs/heads/*
- Add a push reference
- Set the ref as refs/heads/*
- Make sure “force push” is not checked
Add RELEASE_USERNAME
to group self-serve-release
and group Non-Interactive Users
Give group self-serve-release
Forge Committer rights on refs/tags/*
Give group self-serve-release
Allow on Create Signed Tag
Give group self-serve-release
Allow on Create Annotated Tag
Jenkins¶
Add a global credential to Jenkins called jenkins-release
and set the ID: 'jenkins-release'
as its value insert the ssh-key
that you uploaded to Gerrit.
Add Global vars in Jenkins: Jenkins configure -> Global properties -> Environment variables
RELEASE_USERNAME = $RELEASE_USERNAME
RELEASE_EMAIL = $RELEASE_EMAIL
Jenkins configure -> Managed Files -> Custom File
id: signing-pubkey Name: SIGNING_PUBKEY (optional) Comment: SIGNING_PUBKEY (optional)
Content: (ask andy) —–BEGIN PGP PUBLIC KEY BLOCK—–
Add or edit the managed file in Jenkins called lftoolsini
, appending a nexus section:
Jenkins Settings -> Managed files -> Add (or edit) -> Custom file
[nexus]
username=jenkins-release
password=redacted
Ci-management¶
Upgrade your projects global-jjb if needed add this to your global defaults file (eg: jjb/defaults.yaml).
jenkins-ssh-release-credential: 'jenkins-release'
Macros¶
lf-release¶
Release verify and merge jobs are the same except for their scm, trigger, and builders definition. This anchor is the common template.
Job Templates¶
Release Merge¶
Runs:
- sigul-install
- sigul-configuration
- checkout ref from taglist.log
- applies the $PROJECT.bundle
- signs, tags and pushes
lftools nexus release --server $NEXUS_URL $STAGING_REPO
Template Name: |
|
||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Comment Trigger: | |||||||||||||||||||||
remerge |
|||||||||||||||||||||
Required parameters: | |||||||||||||||||||||
|
|||||||||||||||||||||
Optional parameters: | |||||||||||||||||||||
|
Release Verify¶
Release verify job checks the schema and ensures that the staging-repo.txt.gz is available on the job.
- sigul-install
- sigul-configuration
- checkout ref from taglist.log
- applies the $PROJECT.bundle
- signs and shows signature
Template Names: |
|
||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Comment Trigger: | |||||||||||||||||||||||||||||||
recheck|reverify |
|||||||||||||||||||||||||||||||
Required Parameters: | |||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||
Optional Parameters: | |||||||||||||||||||||||||||||||
|