From b49459dc8f90228c7f44645ea859d57f75c880d9 Mon Sep 17 00:00:00 2001 From: "Miguel A. Alonso" Date: Wed, 4 Dec 2024 00:41:57 +0100 Subject: [PATCH] bxci.schema-3.x. Added new schema version 3.0 (#4255) --- src/api/json/catalog.json | 3 +- .../bxci-cache-with-unknown-types.yml | 17 + .../bxci-helm-missing-properties.yml | 11 + ...-missing-output-package-channel-branch.yml | 13 + .../bxci-missing-output-package-publish.yml | 12 + ...ci-output-docker-additional-properties.yml | 14 + ...output-docker-image-missing-properties.yml | 15 + ...utput-image-with-additional-properties.yml | 13 + ...bxci-output-with-additional-properties.yml | 14 + ...output-with-invalid-vulnerability-scan.yml | 16 + .../bxci-stages-parallel-stage-no-stages.yml | 12 + .../bxci-stages-singe-stage-no-steps.yml | 14 + .../bxci-stages-wrong-fail-fast.yml | 8 + .../bxci-wrong-checkmarx-thresholds.yml | 14 + .../bxci.schema-3.x/bxci-wrong-checkmarx.yml | 12 + .../bxci-wrong-commit-threshold.yml | 11 + src/schemas/json/bxci.schema-3.x.json | 823 ++++++++++++++++++ src/test/bxci.schema-3.x/bxci.yml | 121 +++ 18 files changed, 1142 insertions(+), 1 deletion(-) create mode 100644 src/negative_test/bxci.schema-3.x/bxci-cache-with-unknown-types.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-helm-missing-properties.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-missing-output-package-channel-branch.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-missing-output-package-publish.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-output-docker-additional-properties.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-output-docker-image-missing-properties.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-output-image-with-additional-properties.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-output-with-additional-properties.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-output-with-invalid-vulnerability-scan.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-stages-parallel-stage-no-stages.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-stages-singe-stage-no-steps.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-stages-wrong-fail-fast.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx-thresholds.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx.yml create mode 100644 src/negative_test/bxci.schema-3.x/bxci-wrong-commit-threshold.yml create mode 100644 src/schemas/json/bxci.schema-3.x.json create mode 100644 src/test/bxci.schema-3.x/bxci.yml diff --git a/src/api/json/catalog.json b/src/api/json/catalog.json index b204227b8e7..4a18815204c 100644 --- a/src/api/json/catalog.json +++ b/src/api/json/catalog.json @@ -869,7 +869,8 @@ "1.0": "https://json.schemastore.org/bxci.schema-1.0.json", "1.0.1": "https://json.schemastore.org/bxci.schema-1.0.1.json", "2.0.0": "https://json.schemastore.org/bxci.schema-2.0.0.json", - "2.x": "https://json.schemastore.org/bxci.schema-2.x.json" + "2.x": "https://json.schemastore.org/bxci.schema-2.x.json", + "3.x": "https://json.schemastore.org/bxci.schema-2.x.json" } }, { diff --git a/src/negative_test/bxci.schema-3.x/bxci-cache-with-unknown-types.yml b/src/negative_test/bxci.schema-3.x/bxci-cache-with-unknown-types.yml new file mode 100644 index 00000000000..6b131c9c5f1 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-cache-with-unknown-types.yml @@ -0,0 +1,17 @@ +project: + name: any + +config: + cache: + repository: + address: https://binary-repository.com/directory + credentials: SOME_CREDENTIALS + + items: + - type: unknown + enabled: true + +stages: + first: + steps: + - echo "Hello" diff --git a/src/negative_test/bxci.schema-3.x/bxci-helm-missing-properties.yml b/src/negative_test/bxci.schema-3.x/bxci-helm-missing-properties.yml new file mode 100644 index 00000000000..1dc52b573d8 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-helm-missing-properties.yml @@ -0,0 +1,11 @@ +project: + type: npm + +config: + build: + commit_time_threshold: 2 + +stages: + first: + steps: + - echo "Hello" diff --git a/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-channel-branch.yml b/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-channel-branch.yml new file mode 100644 index 00000000000..100696d9309 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-channel-branch.yml @@ -0,0 +1,13 @@ +project: + name: some-project + type: npm + +stages: + my stage: + steps: + - echo first + +output: + package: + publish: + - channel: stable diff --git a/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-publish.yml b/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-publish.yml new file mode 100644 index 00000000000..3b8dd97369d --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-missing-output-package-publish.yml @@ -0,0 +1,12 @@ +project: + name: some-project + type: npm + +stages: + my stage: + steps: + - echo first + +output: + package: + - channel: stable diff --git a/src/negative_test/bxci.schema-3.x/bxci-output-docker-additional-properties.yml b/src/negative_test/bxci.schema-3.x/bxci-output-docker-additional-properties.yml new file mode 100644 index 00000000000..756e3bb3bd0 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-output-docker-additional-properties.yml @@ -0,0 +1,14 @@ +project: + name: any + +stages: + first: + steps: + - echo "Hello" + +output: + docker: + images: + - dockerfile: Dockerfile + image_name: britebill/image-name + not_allowed: true diff --git a/src/negative_test/bxci.schema-3.x/bxci-output-docker-image-missing-properties.yml b/src/negative_test/bxci.schema-3.x/bxci-output-docker-image-missing-properties.yml new file mode 100644 index 00000000000..b5d508ebdce --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-output-docker-image-missing-properties.yml @@ -0,0 +1,15 @@ +project: + name: any + +stages: + first: + steps: + - echo "Hello" + +output: + docker: + images: + - name: my-image + args: + - key: GIT_COMMIT + value: some value diff --git a/src/negative_test/bxci.schema-3.x/bxci-output-image-with-additional-properties.yml b/src/negative_test/bxci.schema-3.x/bxci-output-image-with-additional-properties.yml new file mode 100644 index 00000000000..c19d3b56fb8 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-output-image-with-additional-properties.yml @@ -0,0 +1,13 @@ +project: + type: npm + +stages: + first: + steps: + - echo "Hello" + +output: + helm: + charts: + - chart_name: my-chart + not_allowed: true diff --git a/src/negative_test/bxci.schema-3.x/bxci-output-with-additional-properties.yml b/src/negative_test/bxci.schema-3.x/bxci-output-with-additional-properties.yml new file mode 100644 index 00000000000..2d5d2b48c70 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-output-with-additional-properties.yml @@ -0,0 +1,14 @@ +project: + type: npm + +stages: + first: + steps: + - echo "Hello" + +output: + docker: + images: + - dockerfile: path/to/Dockerfile + image_name: my-image + this_is_not_allowed: true diff --git a/src/negative_test/bxci.schema-3.x/bxci-output-with-invalid-vulnerability-scan.yml b/src/negative_test/bxci.schema-3.x/bxci-output-with-invalid-vulnerability-scan.yml new file mode 100644 index 00000000000..d4dc79de598 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-output-with-invalid-vulnerability-scan.yml @@ -0,0 +1,16 @@ +project: + type: npm + +stages: + first: + steps: + - echo "Hello" + +output: + docker: + images: + - dockerfile: path/to/Dockerfile + image_name: my-image + vulnerability_scan: + enabled: false + not_allowed: true diff --git a/src/negative_test/bxci.schema-3.x/bxci-stages-parallel-stage-no-stages.yml b/src/negative_test/bxci.schema-3.x/bxci-stages-parallel-stage-no-stages.yml new file mode 100644 index 00000000000..bfa6651337d --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-stages-parallel-stage-no-stages.yml @@ -0,0 +1,12 @@ +project: + name: any + +stages: + single_stage: + steps: + - one + parallel_stages: + fail_fast: true + when: + branch: master + parallel: diff --git a/src/negative_test/bxci.schema-3.x/bxci-stages-singe-stage-no-steps.yml b/src/negative_test/bxci.schema-3.x/bxci-stages-singe-stage-no-steps.yml new file mode 100644 index 00000000000..dffb5d1f732 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-stages-singe-stage-no-steps.yml @@ -0,0 +1,14 @@ +project: + name: any + +stages: + single_stage: + + parallel_stages: + parallel: + parallel_stage_one: + steps: + - one + parallel_stage_two: + steps: + - two diff --git a/src/negative_test/bxci.schema-3.x/bxci-stages-wrong-fail-fast.yml b/src/negative_test/bxci.schema-3.x/bxci-stages-wrong-fail-fast.yml new file mode 100644 index 00000000000..0efa7dd0998 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-stages-wrong-fail-fast.yml @@ -0,0 +1,8 @@ +project: + name: any + +stages: + single_stage: + fail_fast: true + steps: + - one diff --git a/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx-thresholds.yml b/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx-thresholds.yml new file mode 100644 index 00000000000..57ed7340531 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx-thresholds.yml @@ -0,0 +1,14 @@ +project: + name: any + +config: + build: + checkmarx: + highThreshold: '1' + mediumThreshold: '1' + lowThreshold: '1' + +stages: + first: + steps: + - echo "Hello" diff --git a/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx.yml b/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx.yml new file mode 100644 index 00000000000..e5e08026169 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-wrong-checkmarx.yml @@ -0,0 +1,12 @@ +project: + name: any + +config: + build: + checkmarx: + exclusionsSetting: invalid + +stages: + first: + steps: + - echo "Hello" diff --git a/src/negative_test/bxci.schema-3.x/bxci-wrong-commit-threshold.yml b/src/negative_test/bxci.schema-3.x/bxci-wrong-commit-threshold.yml new file mode 100644 index 00000000000..1dc52b573d8 --- /dev/null +++ b/src/negative_test/bxci.schema-3.x/bxci-wrong-commit-threshold.yml @@ -0,0 +1,11 @@ +project: + type: npm + +config: + build: + commit_time_threshold: 2 + +stages: + first: + steps: + - echo "Hello" diff --git a/src/schemas/json/bxci.schema-3.x.json b/src/schemas/json/bxci.schema-3.x.json new file mode 100644 index 00000000000..c30d285d54f --- /dev/null +++ b/src/schemas/json/bxci.schema-3.x.json @@ -0,0 +1,823 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "$id": "https://json.schemastore.org/bxci.schema-3.x.json", + "definitions": { + "branchPattern": { + "description": "Regular expression for validating branch names", + "type": "string" + }, + "timeout": { + "description": "Timeout in seconds", + "type": "integer" + }, + "credentials": { + "description": "Jenkins credentials ID", + "type": "string" + }, + "binaryRepository": { + "type": "object", + "description": "Binary repository details", + "properties": { + "address": { + "type": "string", + "format": "uri", + "description": "Repository URL" + }, + "credentials": { + "$ref": "#/definitions/credentials", + "description": "Jenkins credentials ID for connecting to this repository" + } + }, + "additionalProperties": false, + "required": ["address", "credentials"] + }, + "checkmarx": { + "type": "object", + "title": "CheckMarx", + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "description": "Sets whether the scan should be run" + }, + "branch_pattern": { + "$ref": "#/definitions/branchPattern", + "description": "Specifies in which branches this stage will be executed", + "default": "^master$|^release/.*$" + }, + "groupId": { + "type": "string", + "default": "55", + "description": "Fully qualified team name for the project" + }, + "preset": { + "type": "string", + "default": "36", + "description": "Scan preset for the project" + }, + "sourceEncoding": { + "type": "string", + "default": "5", + "description": "Language encoding ID associated to the source code character encoding (5: Multi-Language Scan)" + }, + "serverUrl": { + "type": "string", + "default": "http://cxpbgmgmtserver/", + "description": "Checkmarx Server URL or IP address" + }, + "credentialsId": { + "type": "string", + "default": "BB-Checkmarx", + "description": "Jenkins credentials ID" + }, + "isProxy": { + "type": "boolean", + "default": false + }, + "useOwnServerCredentials": { + "type": "boolean", + "default": true, + "description": "Enables the use of the default server credentials or disables and provides server and credentials that override the defaults" + }, + "projectName": { + "type": "string", + "description": "Unique project name. Will be inferred from the repository name if not provided" + }, + "exclusionsSetting": { + "enum": ["job", "global"], + "default": "job", + "description": "Specifies which exclusions settings to use: global (Jenkins global settings) or job (current pipeline)" + }, + "excludeFolders": { + "type": "string", + "description": "Comma separated list of folders to be excluded from the CxSAST scan", + "examples": ["folder-1, folder-2, folder-3"] + }, + "filterPattern": { + "type": "string", + "description": "Defines the include/exclude wildcard patterns. Does not have effect when \"exclusionsSetting\" is set to \"global\"", + "examples": [ + "\"!**/_cvs/**/*, !**/.svn/**/*, !**/.hg/**/*, !**/.git/**/*\"" + ] + }, + "hideDebugLogs": { + "type": "boolean", + "default": true, + "description": "Sets whether debug logs are visible in the job output" + }, + "waitForResultsEnabled": { + "type": "boolean", + "default": true, + "description": "Sets whether the scan should be executed synchronously (default). The Synchronous mode allows viewing scan results in Jenkins" + }, + "vulnerabilityThresholdEnabled": { + "type": "boolean", + "default": true, + "description": "Sets whether the scan should fail if the number of vulnerabilities is above the configured thresholds. This option is only available if the waitForResultsEnabled parameter is enabled" + }, + "highThreshold": { + "type": "integer", + "default": 0, + "description": "Sets the maximum number of High vulnerabilities allowed" + }, + "mediumThreshold": { + "type": "integer", + "default": 10, + "description": "Sets the maximum number of Medium vulnerabilities allowed" + }, + "lowThreshold": { + "type": "integer", + "default": null, + "description": "Sets the maximum number of Low vulnerabilities allowed" + } + }, + "additionalProperties": false + }, + "sonar": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": true + }, + "breaks_build": { + "type": "boolean", + "description": "Waits for analysis result and breaks the build when the project fails for some quality gates", + "default": false + }, + "branch_analysis": { + "type": "boolean", + "description": "Indicates whether sonnar server supports branch analysis, to provide dedicated parameters.", + "default": true + }, + "branch_pattern": { + "type": "string", + "description": "Indicates on which branches static analysis will be performed.", + "examples": ["^master$|^release/.+$", "master"] + }, + "image": { + "type": "string", + "description": "Prebuilt Docker image for running scan into it. If not specified, it will use the same image used for main build.", + "examples": ["myrepo:port/my-awesome-image:1.2.3"] + }, + "timeout": { + "$ref": "#/definitions/timeout", + "description": "Seconds to wait for the result of the quality gate. Only applies when breaks_build is set to true", + "default": 120 + }, + "exclusions": { + "type": "string", + "description": "Comma separated list of wildcard patterns defining files to be excluded from the SonarQube scan", + "examples": ["**/excluded-folder/**, **/example/*.html"] + } + }, + "additionalProperties": false + }, + "when": { + "type": "object", + "title": "When", + "description": "Condition that should be met to run this step", + "properties": { + "branch": { + "$ref": "#/definitions/branchPattern", + "title": "Branch" + } + } + }, + "steps": { + "type": "array", + "description": "List of steps to run", + "title": "Steps" + }, + "singleStage": { + "type": "object", + "title": "Stage", + "properties": { + "steps": { + "$ref": "#/definitions/steps" + }, + "when": { + "$ref": "#/definitions/when" + } + }, + "required": ["steps"], + "additionalProperties": false + }, + "failFast": { + "type": "boolean", + "title": "Fail Fast", + "default": false, + "description": "Forces parallel stages to all be aborted when one of them fails" + }, + "parallelStage": { + "type": "object", + "title": "Parallel Stage", + "properties": { + "when": { + "$ref": "#/definitions/when" + }, + "fail_fast": { + "$ref": "#/definitions/failFast" + }, + "parallel": { + "type": "object", + "description": "List of stages to be executed in parallel", + "patternProperties": { + "^\\w+( \\w+)*$": { + "$ref": "#/definitions/singleStage", + "description": "Stage name in the Jenkins pipeline" + } + } + } + }, + "required": ["parallel"], + "additionalProperties": false + }, + "stage": { + "type": "object", + "properties": { + "when": { + "$ref": "#/definitions/when" + }, + "steps": { + "$ref": "#/definitions/steps" + }, + "fail_fast": { + "$ref": "#/definitions/failFast" + }, + "parallel": { + "type": "object", + "title": "Parallel", + "patternProperties": { + "^\\w+( \\w+)*$": { + "$ref": "#/definitions/singleStage" + } + } + } + }, + "anyOf": [ + { + "$ref": "#/definitions/singleStage" + }, + { + "$ref": "#/definitions/parallelStage" + } + ], + "additionalProperties": false + }, + "releaseChannel": { + "type": "string", + "description": "Release channel name" + }, + "releaseChannelBranch": { + "$ref": "#/definitions/branchPattern", + "description": "Indicates on which branches the artifact will be published" + }, + "dockerfile": { + "description": "Dockerfile path", + "type": "string" + }, + "outputDockerImage": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Docker image name" + }, + "dockerfile": { + "$ref": "#/definitions/dockerfile", + "description": "Path to Dockerfile used to generate the docker image" + }, + "args": { + "type": "array", + "description": "List of build args (--build-arg) to pass in docker build", + "title": "Docker build args", + "items": { + "$ref": "#/definitions/outputDockerBuildArgs" + } + }, + "vulnerability_scan": { + "type": "object", + "description": "Configuration for running vulnerability scans on published Docker images", + "title": "Vulnerability scan", + "properties": { + "enabled": { + "type": "boolean", + "default": true, + "description": "Whether the vulnerability scan step should be run" + } + }, + "required": ["enabled"], + "additionalProperties": false + } + }, + "required": ["name", "dockerfile"], + "additionalProperties": false + }, + "outputDocker": { + "type": "object", + "properties": { + "images": { + "type": "array", + "items": { + "$ref": "#/definitions/outputDockerImage" + } + }, + "publish": { + "$ref": "#/definitions/outputDockerPublish", + "description": "Docker publishing information. If not present, no images will be published" + }, + "multiArch": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean", + "default": false, + "description": "Whether the multi-arch build should be enabled" + }, + "architectures": { + "type": "array", + "items": { + "type": "string", + "description": "List of architectures to build", + "examples": ["amd64", "arm64", "arm"] + } + } + } + } + }, + "required": ["images"], + "additionalProperties": false + }, + "outputDockerPublish": { + "type": "array", + "items": { + "$ref": "#/definitions/dockerReleaseChannel" + } + }, + "outputDockerBuildArgs": { + "type": "object", + "oneOf": [ + { + "properties": { + "key": { + "type": "string", + "description": "ARG name" + }, + "value": { + "type": "string", + "description": "Value of the ARG" + }, + "additionalProperties": false + }, + "required": ["key", "value"] + }, + { + "properties": { + "key": { + "type": "string", + "description": "ARG name" + }, + "env": { + "type": "string", + "pattern": "^[A-Za-z_][A-Za-z0-9_]*$", + "description": "Environment variable whose value will be used to set the ARG" + }, + "additionalProperties": false + }, + "required": ["key", "env"] + } + ], + "properties": { + "key": { + "type": "string", + "description": "ARG name" + }, + "env": { + "type": "string", + "pattern": "^[A-Za-z_][A-Za-z0-9_]*$", + "description": "Environment variable whose value will be used to set the ARG" + }, + "value": { + "type": "string", + "description": "Value of the ARG" + } + } + }, + "dockerReleaseChannel": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/definitions/releaseChannel" + }, + "branch": { + "$ref": "#/definitions/releaseChannelBranch" + }, + "registry": { + "type": "string", + "description": "Docker registry. Must include protocol (http|https) and port", + "format": "uri" + }, + "credentials": { + "$ref": "#/definitions/credentials", + "description": "Jenkins credentials ID for publishing into the specified Docker registry" + } + }, + "required": ["channel", "branch", "registry", "credentials"], + "additionalProperties": false + }, + "outputHelmChart": { + "type": "object", + "properties": { + "path": { + "type": "string", + "description": "Path to the Helm chart directory" + }, + "updates": { + "type": "array", + "description": "List of files to update", + "items": { + "$ref": "#/definitions/outputHelmUpdates" + } + } + }, + "required": ["path"], + "additionalProperties": false + }, + "outputHelm": { + "type": "object", + "properties": { + "charts": { + "type": "array", + "items": { + "$ref": "#/definitions/outputHelmChart" + } + }, + "publish": { + "$ref": "#/definitions/outputHelmPublish", + "description": "Helm chart publishing configuration. If not present, no charts will be published" + } + }, + "required": ["publish"], + "additionalProperties": false + }, + "outputHelmUpdates": { + "type": "object", + "additionalProperties": false, + "properties": { + "file": { + "type": "string", + "description": "Name (including path from Helm object path) of the file to be updated. Only supports yaml files" + }, + "properties": { + "type": "array", + "description": "A list of properties to update. It can be updated with a fixed value or environment variable", + "items": { + "$ref": "#/definitions/outputHelmUpdatesProperties" + } + } + }, + "required": ["file", "properties"] + }, + "outputHelmUpdatesProperties": { + "type": "object", + "oneOf": [ + { + "properties": { + "key": { + "type": "string", + "description": "Yaml property (full path) to be updated" + }, + "env": { + "type": "string", + "pattern": "^[A-Za-z_][A-Za-z0-9_]*$", + "description": "Environment variable whose value will be used to update the property" + }, + "additionalProperties": false + }, + "required": ["key", "env"], + "additionalProperties": false + }, + { + "properties": { + "key": { + "type": "string", + "description": "Yaml property (full path) to be updated" + }, + "value": { + "type": "string", + "description": "Value to update the given property" + } + }, + "required": ["key", "value"], + "additionalProperties": false + } + ] + }, + "outputHelmPublish": { + "type": "array", + "items": { + "$ref": "#/definitions/helmReleaseChannel" + } + }, + "helmReleaseChannel": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/definitions/releaseChannel" + }, + "branch": { + "$ref": "#/definitions/releaseChannelBranch" + }, + "repository": { + "type": "string", + "format": "uri", + "description": "Helm chart repository. Must include protocol, host, port (if needed) and path" + }, + "credentials": { + "$ref": "#/definitions/credentials", + "description": "Jenkins credentials Id for this repository for uploading the chart" + } + }, + "required": ["channel", "branch", "repository", "credentials"], + "additionalProperties": false + }, + "outputPackage": { + "type": "object", + "properties": { + "publish": { + "$ref": "#/definitions/outputPackagePublish", + "description": "Package publish configuration." + } + }, + "required": ["publish"], + "additionalProperties": false + }, + "outputPackagePublish": { + "type": "array", + "items": { + "$ref": "#/definitions/packagePublishChannel" + } + }, + "packagePublishChannel": { + "type": "object", + "properties": { + "channel": { + "$ref": "#/definitions/releaseChannel" + }, + "branch": { + "$ref": "#/definitions/releaseChannelBranch" + }, + "registry": { + "type": "string", + "description": "NPM registry (env variable or registry URL)", + "examples": [ + "NPM_PUBLISH_REGISTRY", + "NPM_SNAPSHOT_REGISTRY", + "https://registry.npmjs.org" + ] + }, + "credentials": { + "$ref": "#/definitions/credentials", + "description": "Jenkins credentials ID for publishing into the specified Docker registry" + }, + "maven_releases_repo": { + "type": "string", + "description": "Maven repository for deploying releases" + }, + "maven_snapshots_repo": { + "type": "string", + "description": "Maven repository for deploying snapshots" + }, + "params": { + "type": "string", + "description": "Optional params for npm publish or mvn deploy command.", + "examples": ["--tag latest", "-Dmaven.test.skip=true"] + } + }, + "required": ["channel", "branch"], + "additionalProperties": false + }, + "cacheItem": { + "type": "object", + "properties": { + "type": { + "enum": ["maven", "npm", "local"], + "description": "Cache type", + "default": "maven" + }, + "enabled": { + "type": "boolean", + "description": "Sets whether this cache type is enabled", + "default": false + }, + "source": { + "type": "string", + "description": "Location of the cache in the Jenkins workspace", + "default": ".ci-cache/" + }, + "target": { + "type": "string", + "description": "Location of the cache directory inside the Docker container", + "default": "/container-path/directory" + } + }, + "additionalProperties": false, + "required": ["type", "enabled"] + } + }, + "description": "CI configuration for Amdocs Bill Experience projects", + "properties": { + "project": { + "description": "Project properties", + "type": "object", + "properties": { + "name": { + "description": "Project's name (used by Jenkins, Docker and Sonar)", + "type": "string" + }, + "type": { + "description": "Project type", + "enum": ["npm", "maven", "mvn"], + "default": "mvn" + }, + "settings": { + "description": "ID of a managed maven or npm Jenkins file", + "type": "string", + "examples": ["bx-maven-settings", "bx-npm-settings"] + } + }, + "additionalProperties": false + }, + "config": { + "type": "object", + "properties": { + "jenkins_runtime": { + "type": "object", + "properties": { + "docker": { + "type": "object", + "description": "Specifies how to build the Docker container (from an existing image or from a local Dockerfile)", + "properties": { + "image": { + "description": "Prebuilt Docker image (has precedence over dockerfile)", + "type": "string", + "examples": ["remote-host.com/image-name:tag"] + }, + "dockerfile": { + "$ref": "#/definitions/dockerfile", + "description": "Path to a local Dockerfile", + "examples": [".ci/Dockerfile"] + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false, + "required": ["docker"] + }, + "branch": { + "type": "object", + "description": "Describes on which branch names a build will be run", + "properties": { + "branch_pattern": { + "$ref": "#/definitions/branchPattern" + }, + "disable_validation": { + "description": "Disables branch name validation", + "type": "boolean", + "default": false + } + }, + "additionalProperties": false + }, + "build": { + "type": "object", + "properties": { + "clean_workspace_after_run": { + "type": "boolean", + "description": "Whether Jenkins workspace should be cleaned after the build", + "default": true + }, + "commit_time_threshold": { + "oneOf": [ + { + "type": "integer", + "const": 0 + }, + { + "type": "string", + "pattern": "^\\d+[mhd]$" + } + ], + "description": "Commit age threshold. Disables automated builds older than this parameter. When 0, this feature is disabled", + "default": false, + "examples": [0, "2m", "30m", "1d", "30m", "10d"] + }, + "checkmarx": { + "$ref": "#/definitions/checkmarx", + "description": "Adds a Static Analysis stage for CheckMarx. See https://www.jenkins.io/doc/pipeline/steps/checkmarx/ for all the configuration options." + }, + "static_analysis": { + "$ref": "#/definitions/sonar", + "description": "Adds a Static Analysis stage for Sonar." + } + }, + "additionalProperties": false + }, + "cache": { + "type": "object", + "description": "Cache configuration for projects built inside Docker containers", + "properties": { + "repository": { + "$ref": "#/definitions/binaryRepository" + }, + "items": { + "type": "array", + "description": "List of cache types", + "items": { + "$ref": "#/definitions/cacheItem" + } + } + }, + "additionalProperties": false + } + }, + "additionalProperties": false + }, + "services": { + "type": "array", + "description": "Additional services required by the project or application.", + "items": { + "enum": [ + "Postgres", + "Postgis", + "Redis", + "Mssql", + "Mysql", + "Mongodb", + "Elasticsearch" + ] + }, + "uniqueItems": true + }, + "environment": { + "type": "object", + "description": "Custom environment variables to be added to the pipeline", + "propertyNames": { + "pattern": "^[A-Za-z_][A-Za-z0-9_]*$" + } + }, + "jenkinsEnvironment": { + "type": "array", + "description": "Jenkins environment variables that are passed to the Docker container", + "uniqueItems": true, + "items": { + "pattern": "^[A-Za-z_][A-Za-z0-9_]*$", + "type": "string" + } + }, + "stages": { + "type": "object", + "title": "Stages", + "description": "Defines the stages and steps required to build the project.", + "patternProperties": { + "^\\w+( \\w+)*$": { + "$ref": "#/definitions/stage", + "description": "Stage name in the Jenkins pipeline" + } + } + }, + "output": { + "type": "object", + "description": "Describes artifacts generated after all the stages have been run", + "properties": { + "package": { + "$ref": "#/definitions/outputPackage", + "description": "Configuration for publishing NPM or Maven packages" + }, + "docker": { + "$ref": "#/definitions/outputDocker", + "description": "Configuration for generating a Docker image" + }, + "helm": { + "$ref": "#/definitions/outputHelm", + "description": "Configuration for generating a Helm chart" + } + }, + "additionalProperties": false + }, + "archive": { + "type": "array", + "description": "List of artifacts to archive (wildcards allowed). Check out https://www.jenkins.io/doc/pipeline/steps/core/#archiveartifacts-archive-the-artifacts", + "examples": ["target/*.jar", "**/*.jar", "target/out.txt"] + }, + "timeout": { + "$ref": "#/definitions/timeout", + "description": "Build timeout in seconds", + "default": 600 + } + }, + "required": ["project"], + "type": "object" +} diff --git a/src/test/bxci.schema-3.x/bxci.yml b/src/test/bxci.schema-3.x/bxci.yml new file mode 100644 index 00000000000..56af2ddf91c --- /dev/null +++ b/src/test/bxci.schema-3.x/bxci.yml @@ -0,0 +1,121 @@ +# yaml-language-server: $schema=../../schemas/json/bxci.schema-3.x/bxci.yml + +project: + type: npm + +config: + jenkins_runtime: + docker: + image: remote-host.com/image-name:tag + + build: + clean_workspace_after_run: false + commit_time_threshold: 2h + static_analysis: + enabled: false + exclusions: '**/one, **/two/**/*.html' + branch_analysis: false + branch_pattern: '^master$|^release/.+$|^feature/.+$' + image: illin7215.corp.amdocs.com:5001/britebill/maven:3.6.3-openjdk-11-ubi8 + + branch: + disable_validation: true + +services: + - Elasticsearch + - Mysql + - Mssql + +environment: + my_env_var: value + ANOTHER_VAR: value + __CFBundleIdentifier: some value + +jenkinsEnvironment: + - SOME_VALID_VALUE + +archive: + - some-file.txt + - target/*.jar + +stages: + my stage: + steps: + - echo first + another: + steps: + - npm run lint + Another step: + when: + branch: '^master$' + steps: + - echo last + +output: + package: + publish: + - channel: stable + branch: '^master$|^release/.+$' + registry: https://host.com/package-repo/stable + params: --tag latest + + - channel: dev + branch: '^(feature|bugfix)/.+$' + registry: SOME_ENV_VARIABLE + + - channel: stable-mvn + branch: '^master$|^release/.+$' + maven_releases_repo: 'maven-bx-releases' + credentials: NEXUS_CREDS + + - channel: snapshot + branch: '^feature/.+$' + maven_snapshots_repo: 'maven-bx-snapshots' + credentials: NEXUS_CREDS + + docker: + images: + - dockerfile: path/to/Dockerfile + name: my-image + args: + - key: arg1 + value: value1 + - key: arg2 + env: envvar + publish: + - channel: stable + branch: '^master$|^release/.+$' + registry: https://some-docker-registry.com:5008 + credentials: MY_SECRET + - channel: dev + branch: '^(feature|bugfix)/.+$' + registry: https://some-docker-registry.com:5031 + credentials: MY_SECRET + multiArch: + enabled: true + platforms: + - linux/amd64 + - linux/arm64 + - linux/arm/v7 + + helm: + charts: + - path: k8s/project-name + updates: + - file: Chart.yaml + properties: + - key: version + value: asdf + - file: values.yaml + properties: + - key: image.tag + env: SOME_VALID_VALUE + publish: + - channel: stable + branch: '^master$|^release/.+$' + repository: https://host.com/helm-repo/stable + credentials: MY_SECRET + - channel: dev + branch: '^(feature|bugfix)/.+$' + repository: https://host.com/helm-repo/snapshot + credentials: MY_SECRET