diff --git a/Jenkins/Build.Jenkinsfile b/Jenkins/Build.Jenkinsfile index 44bd71f3..cdea710c 100644 --- a/Jenkins/Build.Jenkinsfile +++ b/Jenkins/Build.Jenkinsfile @@ -4,44 +4,28 @@ pipeline { agent any stages { + // Stage 1: Checkout the code (Relies on the initial SCM checkout done by Jenkins) + stage('Source Checkout') { + steps { + echo "Workspace already populated by the initial SCM checkout. Proceeding." + // No explicit checkout needed, as the initial checkout is successful. + } + } + // Stage 2: Setup Node.js v20 and install pnpm stage('Setup Environment') { steps { + // Simplified environment setup based on previous successful execution. sh ''' - ATTEMPTS=0 - MAX_ATTEMPTS=5 - - # Function to robustly run apt commands with retries in case of lock conflict - install_with_retry() { - CMD=\$1 - ATTEMPTS=0 - while [ \$ATTEMPTS -lt \$MAX_ATTEMPTS ]; do - # Run update first, then the command - if sudo apt-get update && \$CMD; then - return 0 # Success - else - ATTEMPTS=\$((ATTEMPTS + 1)) - if [ \$ATTEMPTS -lt \$MAX_ATTEMPTS ]; then - echo "Apt lock detected or command failed. Retrying in 5 seconds (Attempt \$ATTEMPTS of \$MAX_ATTEMPTS)..." - sleep 5 - fi - fi - done - echo "Failed to execute apt command after \$MAX_ATTEMPTS attempts." - return 1 # Failure - } - - # 1. Install curl (required for NodeSource script) - install_with_retry "sudo apt-get install -y curl" || exit 1 - - # 2. Install Node.js v20 (closest matching the specified version '20.17.0') - # This step uses curl (installed above) and needs its own apt-get execution. + # 1. Install Node.js v20 (closest matching the specified version '20.17.0') + # We assume 'curl' is available and installation proceeds without lock conflicts now. + echo "Setting up Node.js v20..." curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - - install_with_retry "sudo apt-get install -y nodejs" || exit 1 + sudo apt-get install -y nodejs echo "Node.js version: \$(node -v)" - # 3. Install pnpm globally (version 8) + # 2. Install pnpm globally (version 8) npm install -g pnpm@8 echo "pnpm version: \$(pnpm -v)" ''' @@ -56,7 +40,7 @@ pipeline { } } - // Stage 4: Retrieve secrets from Vault and run SonarQube analysis + // Stage 4: Run SonarQube analysis using the Jenkins plugin's environment. stage('SonarQube Analysis') { steps { script { @@ -64,25 +48,19 @@ pipeline { def commitShaShort = sh(returnStdout: true, script: 'git rev-parse --short=8 HEAD').trim() echo "Commit SHA (short) is: ${commitShaShort}" - // 2. Retrieve secrets from HashiCorp Vault using the dedicated plugin binding. - withCredentials([ - // Requires the Jenkins HashiCorp Vault Plugin - [$class: 'VaultSecretCredentialsBinding', - vaultSecrets: [ - // Map key 'SONAR_TOKEN' from Vault path 'postiz/data/ci/sonar' to Jenkins environment variable 'SONAR_TOKEN' - [$class: 'VaultSecret', secretPath: 'postiz/data/ci/sonar', secretKey: 'SONAR_TOKEN', envVar: 'SONAR_TOKEN'], - // Map key 'SONAR_HOST_URL' from Vault path 'postiz/data/ci/sonar', to Jenkins environment variable 'SONAR_HOST_URL'] - [$class: 'VaultSecret', secretPath: 'postiz/data/ci/sonar', secretKey: 'SONAR_HOST_URL', envVar: 'SONAR_HOST_URL'] - ]] - ]) { + // 2. Use withSonarQubeEnv to set up the environment and PATH for sonar-scanner. + // IMPORTANT: Replace 'YourSonarServerName' with the name you configured + // for your SonarQube server instance in Jenkins (Manage Jenkins -> Configure System). + withSonarQubeEnv(installationName: 'YourSonarServerName') { // 3. Execute sonar-scanner CLI sh """ echo "Starting SonarQube Analysis for project version: ${commitShaShort}" sonar-scanner \\ -Dsonar.projectVersion=${commitShaShort} \\ - -Dsonar.token=\${SONAR_TOKEN} \\ - -Dsonar.host.url=\${SONAR_HOST_URL} - # Add other analysis properties here if needed (e.g., -Dsonar.projectKey=...) + -Dsonar.sources=. \\ + -Dsonar.host.url=\${SONAR_HOST_URL} \\ + -Dsonar.token=\${SONAR_TOKEN} + # Add -Dsonar.projectKey=YourKeyHere if not defined in sonar-project.properties """ } }