285 lines
14 KiB
Plaintext
285 lines
14 KiB
Plaintext
def runWindowsPowerShell(String scriptName, String scriptBody) {
|
||
def scriptPath = ".jenkins-${scriptName}.ps1"
|
||
writeFile file: scriptPath, text: scriptBody, encoding: 'UTF-8'
|
||
bat label: "PowerShell ${scriptName}", script: """
|
||
@echo off
|
||
setlocal
|
||
set "GENARRATIVE_POWERSHELL=%SystemRoot%\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
|
||
if not exist "%GENARRATIVE_POWERSHELL%" (
|
||
echo [jenkins-powershell] powershell.exe not found: %GENARRATIVE_POWERSHELL%
|
||
exit /b 1
|
||
)
|
||
echo [jenkins-powershell] user:
|
||
whoami
|
||
echo [jenkins-powershell] exe: %GENARRATIVE_POWERSHELL%
|
||
"%GENARRATIVE_POWERSHELL%" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Bypass -Command "\$path = '%CD%\\${scriptPath}'; \$text = [System.IO.File]::ReadAllText(\$path, [System.Text.Encoding]::UTF8); \$utf8Bom = New-Object System.Text.UTF8Encoding(\$true); [System.IO.File]::WriteAllText(\$path, \$text, \$utf8Bom)"
|
||
if errorlevel 1 exit /b %ERRORLEVEL%
|
||
"%GENARRATIVE_POWERSHELL%" -NoLogo -NoProfile -NonInteractive -ExecutionPolicy Bypass -File "%CD%\\${scriptPath}"
|
||
exit /b %ERRORLEVEL%
|
||
"""
|
||
}
|
||
|
||
pipeline {
|
||
agent {
|
||
label 'windows'
|
||
}
|
||
|
||
options {
|
||
disableConcurrentBuilds()
|
||
skipDefaultCheckout(true)
|
||
buildDiscarder(logRotator(numToKeepStr: '20', artifactNumToKeepStr: '20'))
|
||
}
|
||
|
||
environment {
|
||
GIT_REMOTE_URL = 'https://git.genarrative.world/GenarrativeAI/Genarrative.git'
|
||
CARGO_HOME = '${env.WORKSPACE_TMP}/cargo-home'
|
||
CARGO_TARGET_DIR = '${env.WORKSPACE_TMP}/cargo-target/prod-release'
|
||
CARGO_INCREMENTAL = '0'
|
||
RUSTC_WRAPPER = 'sccache'
|
||
SCCACHE_DIR = '${env.USERPROFILE}\\.cache\\sccache-stdb-module'
|
||
SCCACHE_CACHE_SIZE = '30G'
|
||
}
|
||
|
||
parameters {
|
||
string(name: 'SOURCE_BRANCH', defaultValue: 'master', description: '源码分支,默认 master 最新提交')
|
||
string(name: 'COMMIT_HASH', defaultValue: '', description: '可选,指定属于 SOURCE_BRANCH 的 Git commit')
|
||
string(name: 'BUILD_VERSION', defaultValue: '', description: '发布版本号,留空则使用 Jenkins BUILD_NUMBER')
|
||
string(name: 'NOTIFICATION_EMAILS', defaultValue: '', description: '本次运行追加通知邮箱;会与 Jenkins Secret Text 凭据 genarrative-notification-emails 合并发送')
|
||
string(name: 'MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID', defaultValue: '', description: '可选,复用既有迁移 bootstrap secret 的 Jenkins Secret Text 凭据 ID;留空则本次构建自动生成')
|
||
booleanParam(name: 'PUBLISH_AFTER_BUILD', defaultValue: false, description: '构建成功后是否触发 Stdb module 发布')
|
||
string(name: 'DEPLOY_JOB_NAME', defaultValue: 'Genarrative-Stdb-Module-Publish', description: 'Stdb module 发布流水线作业名')
|
||
choice(name: 'DEPLOY_TARGET', choices: ['development', 'release'], description: 'PUBLISH_AFTER_BUILD=true 时的逻辑部署目标;development 使用当前 Linux 开发/构建/开发部署 agent')
|
||
booleanParam(name: 'CONFIRM_RELEASE_DEPLOY_AGENT', defaultValue: false, description: 'PUBLISH_AFTER_BUILD=true 且目标为 release 时必须确认已有独立 release 部署 agent')
|
||
string(name: 'DATABASE', defaultValue: 'genarrative-prod', description: '生产 SpacetimeDB database')
|
||
}
|
||
|
||
stages {
|
||
stage('Checkout') {
|
||
steps {
|
||
checkout([
|
||
$class: 'GitSCM',
|
||
branches: [[name: "*/${params.SOURCE_BRANCH}"]],
|
||
doGenerateSubmoduleConfigurations: false,
|
||
extensions: [
|
||
[$class: 'CleanBeforeCheckout'],
|
||
[$class: 'CloneOption', shallow: true, depth: 1, noTags: true, timeout: 30, honorRefspec: true],
|
||
],
|
||
userRemoteConfigs: [[url: "${GIT_REMOTE_URL}", refspec: "+refs/heads/${params.SOURCE_BRANCH}:refs/remotes/origin/${params.SOURCE_BRANCH}"]],
|
||
])
|
||
script {
|
||
runWindowsPowerShell('stdb-checkout', '''
|
||
$ErrorActionPreference = 'Stop'
|
||
$sourceBranch = if ($env:SOURCE_BRANCH) { $env:SOURCE_BRANCH } else { 'master' }
|
||
$commitHash = if ($env:COMMIT_HASH) { $env:COMMIT_HASH } else { '' }
|
||
$gitRemoteUrl = if ($env:GIT_REMOTE_URL) { $env:GIT_REMOTE_URL } else { 'https://git.genarrative.world/GenarrativeAI/Genarrative.git' }
|
||
|
||
function Invoke-GitCommand {
|
||
param(
|
||
[string]$Label,
|
||
[string[]]$Arguments
|
||
)
|
||
|
||
Write-Host "[stdb-checkout] $Label"
|
||
& git @Arguments
|
||
$exitCode = $LASTEXITCODE
|
||
if ($exitCode -ne 0) {
|
||
throw "[stdb-checkout] $Label failed with exit code $exitCode"
|
||
}
|
||
}
|
||
|
||
Write-Host "[stdb-checkout] sourceBranch: $sourceBranch"
|
||
Write-Host "[stdb-checkout] remote: $gitRemoteUrl"
|
||
$currentCommit = (git rev-parse HEAD).Trim()
|
||
if ($LASTEXITCODE -ne 0 -or -not $currentCommit) {
|
||
throw '[stdb-checkout] cannot resolve current HEAD'
|
||
}
|
||
Write-Host "[stdb-checkout] current HEAD: $currentCommit"
|
||
|
||
if ($commitHash) {
|
||
Write-Host "[stdb-checkout] requested commit: $commitHash"
|
||
$resolvedCommit = (git rev-parse --verify "${commitHash}^{commit}" 2>$null).Trim()
|
||
if ($LASTEXITCODE -eq 0 -and $resolvedCommit -eq $currentCommit) {
|
||
Write-Host '[stdb-checkout] requested commit already matches Jenkins GitSCM checkout'
|
||
} else {
|
||
Invoke-GitCommand -Label 'fetch source branch history' -Arguments @(
|
||
'fetch',
|
||
'--no-tags',
|
||
'--prune',
|
||
$gitRemoteUrl,
|
||
"+refs/heads/${sourceBranch}:refs/remotes/origin/${sourceBranch}"
|
||
)
|
||
$isShallowRepository = (git rev-parse --is-shallow-repository 2>$null).Trim()
|
||
if ($LASTEXITCODE -ne 0) {
|
||
throw '[stdb-checkout] cannot determine whether repository is shallow'
|
||
}
|
||
if ($isShallowRepository -eq 'true') {
|
||
Invoke-GitCommand -Label 'deepen source branch history' -Arguments @(
|
||
'fetch',
|
||
'--unshallow',
|
||
'--no-tags',
|
||
$gitRemoteUrl,
|
||
"+refs/heads/${sourceBranch}:refs/remotes/origin/${sourceBranch}"
|
||
)
|
||
}
|
||
Invoke-GitCommand -Label 'validate source branch ref' -Arguments @(
|
||
'cat-file',
|
||
'-e',
|
||
"refs/remotes/origin/${sourceBranch}^{commit}"
|
||
)
|
||
Invoke-GitCommand -Label 'validate requested commit' -Arguments @(
|
||
'cat-file',
|
||
'-e',
|
||
"${commitHash}^{commit}"
|
||
)
|
||
$resolvedCommit = (git rev-parse --verify "${commitHash}^{commit}").Trim()
|
||
if ($LASTEXITCODE -ne 0 -or -not $resolvedCommit) {
|
||
throw "[stdb-checkout] cannot resolve requested commit: $commitHash"
|
||
}
|
||
Invoke-GitCommand -Label 'validate requested commit belongs to branch' -Arguments @(
|
||
'merge-base',
|
||
'--is-ancestor',
|
||
$resolvedCommit,
|
||
"refs/remotes/origin/${sourceBranch}"
|
||
)
|
||
Invoke-GitCommand -Label "checkout commit $resolvedCommit" -Arguments @(
|
||
'checkout',
|
||
'--force',
|
||
$resolvedCommit
|
||
)
|
||
}
|
||
} else {
|
||
Write-Host "[stdb-checkout] COMMIT_HASH empty, reusing Jenkins GitSCM checkout result"
|
||
}
|
||
|
||
$resolvedCommit = (git rev-parse HEAD).Trim()
|
||
$utf8NoBom = New-Object System.Text.UTF8Encoding $false
|
||
[System.IO.File]::WriteAllText((Join-Path (Get-Location) '.jenkins-source-commit'), "$resolvedCommit`n", $utf8NoBom)
|
||
''')
|
||
env.SOURCE_COMMIT = readFile('.jenkins-source-commit').replace('\uFEFF', '').trim()
|
||
env.EFFECTIVE_BUILD_VERSION = params.BUILD_VERSION?.trim() ? params.BUILD_VERSION.trim() : env.BUILD_NUMBER
|
||
}
|
||
}
|
||
}
|
||
|
||
stage('Build Stdb Module') {
|
||
steps {
|
||
script {
|
||
def buildStep = {
|
||
runWindowsPowerShell('stdb-build', '''
|
||
$ErrorActionPreference = 'Stop'
|
||
$workspaceTmp = if ($env:WORKSPACE_TMP) { $env:WORKSPACE_TMP } else { "$env:WORKSPACE@tmp" }
|
||
$env:CARGO_HOME = "$workspaceTmp/cargo-home"
|
||
$env:CARGO_TARGET_DIR = "$workspaceTmp/cargo-target/prod-release"
|
||
$env:SCCACHE_DIR = "$env:USERPROFILE/.cache/sccache-stdb-module"
|
||
$env:PATH = "$env:CARGO_HOME/bin;$env:PATH"
|
||
$gitBash = @(
|
||
$env:GENARRATIVE_BASH,
|
||
'C:/Program Files/Git/bin/bash.exe',
|
||
'C:/Program Files/Git/usr/bin/bash.exe',
|
||
'C:/msys64/usr/bin/bash.exe',
|
||
'bash'
|
||
) | Where-Object { $_ -and (($_ -eq 'bash') -or (Test-Path $_)) } | Select-Object -First 1
|
||
if (-not $gitBash) {
|
||
throw '[stdb-build] Windows 构建节点缺少 Git Bash,无法执行仓库现有生产构建脚本。请先安装 Git for Windows,并确保 bash 在 PATH 中。'
|
||
}
|
||
$env:GENARRATIVE_BASH = $gitBash
|
||
if (-not (Get-Command cargo -ErrorAction SilentlyContinue)) {
|
||
throw '[stdb-build] 缺少 cargo。请先在 Windows 构建节点安装 Rust 工具链,并确保 cargo 在 PATH 中。'
|
||
}
|
||
# sccache 只是可选缓存;PATH 中存在但不可执行时必须回退到 rustc。
|
||
$sccacheCommand = Get-Command sccache -ErrorAction SilentlyContinue
|
||
$sccacheUsable = $false
|
||
if ($sccacheCommand) {
|
||
try {
|
||
& $sccacheCommand.Source --version | Out-Host
|
||
$sccacheUsable = $true
|
||
} catch {
|
||
Write-Host "[stdb-build] sccache 无法执行:$($_.Exception.Message)"
|
||
}
|
||
}
|
||
if (-not $sccacheUsable) {
|
||
Write-Host '[stdb-build] 未找到可用 sccache,改用 rustc 直接构建。'
|
||
Remove-Item Env:RUSTC_WRAPPER -ErrorAction SilentlyContinue
|
||
}
|
||
npm run build:production-release -- --component spacetime-module --name "$env:EFFECTIVE_BUILD_VERSION"
|
||
'''
|
||
)
|
||
}
|
||
if (params.MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID?.trim()) {
|
||
withCredentials([
|
||
string(credentialsId: params.MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID.trim(), variable: 'GENARRATIVE_SPACETIME_MIGRATION_BOOTSTRAP_SECRET')
|
||
]) {
|
||
buildStep()
|
||
}
|
||
} else {
|
||
buildStep()
|
||
}
|
||
}
|
||
}
|
||
}
|
||
|
||
stage('Archive') {
|
||
steps {
|
||
archiveArtifacts artifacts: "build/${env.EFFECTIVE_BUILD_VERSION}/spacetime_module.wasm,build/${env.EFFECTIVE_BUILD_VERSION}/spacetime_module.wasm.sha256,build/${env.EFFECTIVE_BUILD_VERSION}/release-manifest.json", fingerprint: true
|
||
archiveArtifacts artifacts: "build/${env.EFFECTIVE_BUILD_VERSION}/migration-bootstrap-secret.txt", fingerprint: false
|
||
}
|
||
}
|
||
|
||
stage('Publish') {
|
||
when {
|
||
expression { return params.PUBLISH_AFTER_BUILD }
|
||
}
|
||
steps {
|
||
build job: params.DEPLOY_JOB_NAME,
|
||
wait: true,
|
||
propagate: true,
|
||
parameters: [
|
||
string(name: 'SOURCE_BRANCH', value: params.SOURCE_BRANCH),
|
||
string(name: 'COMMIT_HASH', value: env.SOURCE_COMMIT),
|
||
string(name: 'BUILD_VERSION', value: env.EFFECTIVE_BUILD_VERSION),
|
||
string(name: 'NOTIFICATION_EMAILS', value: params.NOTIFICATION_EMAILS ?: ''),
|
||
string(name: 'DEPLOY_TARGET', value: params.DEPLOY_TARGET),
|
||
booleanParam(name: 'CONFIRM_RELEASE_DEPLOY_AGENT', value: params.CONFIRM_RELEASE_DEPLOY_AGENT),
|
||
string(name: 'BUILD_JOB_NAME', value: env.JOB_NAME),
|
||
string(name: 'BUILD_NUMBER_TO_DEPLOY', value: env.BUILD_NUMBER),
|
||
string(name: 'DATABASE', value: params.DATABASE),
|
||
]
|
||
}
|
||
}
|
||
}
|
||
|
||
post {
|
||
always {
|
||
script {
|
||
def notificationParameters = [
|
||
string(name: 'SOURCE_JOB_NAME', value: env.JOB_NAME),
|
||
string(name: 'SOURCE_BUILD_NUMBER', value: env.BUILD_NUMBER),
|
||
string(name: 'SOURCE_BUILD_URL', value: env.BUILD_URL ?: ''),
|
||
string(name: 'SOURCE_RESULT', value: currentBuild.currentResult ?: 'UNKNOWN'),
|
||
string(name: 'SOURCE_BRANCH', value: params.SOURCE_BRANCH ?: ''),
|
||
string(name: 'SOURCE_COMMIT', value: env.SOURCE_COMMIT ?: (params.COMMIT_HASH ?: '')),
|
||
string(name: 'BUILD_VERSION', value: env.EFFECTIVE_BUILD_VERSION ?: (params.BUILD_VERSION ?: '')),
|
||
string(name: 'DEPLOY_TARGET', value: params.DEPLOY_TARGET ?: ''),
|
||
string(name: 'DATABASE', value: params.DATABASE ?: ''),
|
||
string(name: 'SUMMARY', value: 'Stdb module 构建流水线结束'),
|
||
]
|
||
def notificationRecipients = params.NOTIFICATION_EMAILS?.trim()
|
||
if (notificationRecipients) {
|
||
notificationParameters.add(string(name: 'EMAIL_RECIPIENTS', value: notificationRecipients))
|
||
}
|
||
try {
|
||
build job: 'Genarrative-Notify-Email',
|
||
wait: false,
|
||
propagate: false,
|
||
parameters: notificationParameters
|
||
} catch (error) {
|
||
echo "邮件通知触发失败: ${error.message}"
|
||
}
|
||
}
|
||
}
|
||
success {
|
||
echo "Stdb module 构建完成: version=${env.EFFECTIVE_BUILD_VERSION}, commit=${env.SOURCE_COMMIT}"
|
||
}
|
||
}
|
||
}
|