JenkinsFile.Promote

#!/usr/bin/groovy

node {
  def root = pwd()
  def mvn = tool 'M3'
  def appBaseName = "pz-idam"
  def appName

  stage("Config") {
    // clone the configuration repository and copy the current configuration
    def configDir = "${root}/configuration"
    def configFile = "${root}/config.json"
    dir(configDir) {
      git url: "${env.CONFIGURATION_URL}", credentialsId: "${env.CONFIGURATION_CREDS}"
      sh "mv ${configDir}/${env.ENVIRONMENT}-config.json ${configFile}"
      deleteDir()
    }
    // read the current configuration
    def configJson = readJSON file: "${configFile}"
    for (param in configJson.credparams + configJson.jobparams) {
      env."${param.name}" = (param.type == "booleanParam") ? "${param.defaultvalue}".toBoolean() : "${param.defaultvalue}"
    }
  }

  def appvers = "${env.PROMOTE_VERSION}"

  if(!fileExists('.cf')) {
    sh "mkdir -p .cf"
  }

  withEnv(["CF_HOME=.cf"]) {

    def authenticatePcf = { ->
      withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: "${env.PCF_CREDS}", usernameVariable: "CFUSER", passwordVariable: "CFPASS"]]) {
        sh """
          cf api ${env.PCF_API_ENDPOINT}
          cf auth ${CFUSER} ${CFPASS}
        """
      }
    }

    stage('Pull Artifact') {
      authenticatePcf()
      if (appvers == "latest") {
        // Get the latest version from Phase 2
        echo "No version specified. Fetching the latest version from ${env.PHASE_TWO_PCF_SPACE}"
        sh "cf target -o ${env.PCF_ORG} -s ${env.PHASE_TWO_PCF_SPACE}"
        appName = sh(script: "cf apps | grep '${appBaseName}' | cut -f1 -d ' ' ", returnStdout: true)
        appvers = appName.trim().replace("${appBaseName}-", "")
        echo "Pulled version ${appvers} from ${env.PHASE_TWO_PCF_SPACE}"
      } else {
        appName = "${appBaseName}-${appvers}"
      }
      appName = appName.trim()

      // Get the Artifact from Nexus
      def getDependencyStatus = sh(script: """mvn -X --settings ~/.m2/settings.xml dependency:get \
        -Dmaven.repo.local="${root}/.m2/repository" \
        -DrepositoryId=nexus \
        -DartifactId=${appBaseName} \
        -Dversion=${appvers} \
        -DgroupId="org.venice.piazza" \
        -Dpackaging=tar.gz \
        -Ddest=${root}/${appBaseName}.tar.gz \
        -DremoteRepositories="nexus::default::${env.ARTIFACT_STORAGE_DEPLOY_URL}" \
      """, returnStatus: true)
      echo "dependency status = ${getDependencyStatus}"
      if (getDependencyStatus == 0) {
        // Unzip
        sh "tar -xvzf ${root}/${appBaseName}.tar.gz"
      } else {
        error("The artifact version ${appvers} could not be found in Nexus.")
      }
    }

    stage ('Deploy') {
      authenticatePcf()
      sh "cf target -o ${env.PCF_ORG} -s ${env.PROMOTE_SPACE}"

      withCredentials([
        [$class: 'UsernamePasswordMultiBinding', credentialsId: "${env.PCF_CREDS}", usernameVariable: 'CFUSER', passwordVariable: 'CFPASS'],
        string(credentialsId: "${env.JKS_PASSPHRASE}", variable: 'JKS_PASSPHRASE'),
        string(credentialsId: "${env.PZ_PASSPHRASE}", variable: 'PZ_PASSPHRASE'),
        [$class: 'StringBinding', credentialsId: "${env.GEOAXIS_CLIENT_ID}", variable: "GEOAXIS_CLIENT_ID"],
        [$class: 'StringBinding', credentialsId: "${env.GEOAXIS_SECRET}", variable: "GEOAXIS_SECRET"]
      ]) {
          // Push the app
          sh "cf push ${appName} -f manifest.jenkins.yml --hostname ${appName} -b ${env.JAVA_BUILDPACK_NAME} -d ${env.PROMOTE_DOMAIN} --no-start --no-route"
          try {
            sh "cf set-env ${appName} SPACE ${env.PROMOTE_SPACE}"
            sh "cf set-env ${appName} DOMAIN ${env.PROMOTE_DOMAIN}"
            sh "cf set-env ${appName} JKS_FILE piazza.jks"
            sh "cf set-env ${appName} JKS_PASSPHRASE ${JKS_PASSPHRASE}"
            sh "cf set-env ${appName} PZ_PASSPHRASE ${PZ_PASSPHRASE}"
            sh "cf set-env ${appName} GEOAXIS_PROFILE ${env.GEOAXIS_PROFILE_DOMAIN}"
            sh "cf set-env ${appName} GEOAXIS_TOKENS ${env.GEOAXIS_TOKENS_DOMAIN}"
            sh "cf set-env ${appName} GEOAXIS_AUTH ${env.GEOAXIS_AUTH_DOMAIN}"
            sh "cf set-env ${appName} GEOAXIS_LOGOUT ${env.GEOAXIS_LOGOUT_DOMAIN}"
            sh "cf set-env ${appName} GEOAXIS_CLIENT_ID ${GEOAXIS_CLIENT_ID}"
            sh "cf set-env ${appName} GEOAXIS_SECRET ${GEOAXIS_SECRET}"
            sh "cf start ${appName}"
          } catch (Exception e) {
            try {
              sh "cf logs --recent ${appName}"
            } catch (Exception ex) {
              echo "Printing logs failed: ${ex}"
            }
            sh "cf delete ${appName} -f -r"
            error("Error during application start. Deleting ${appName}.")
          }
        }

      // Assign Routes
      def legacyAppNames = sh(script: "cf routes | grep \"${appBaseName}\" | awk '{print \$4}'", returnStdout: true)
      sh "cf map-route ${appName} apps.internal --hostname pz-idam-${env.PROMOTE_SPACE}"
      
      // Assign Policies
      try {
        def gateway = sh(script: "cf routes | grep \"pz-gateway\" | awk '{print \$4}' | head -n1", returnStdout: true).trim()
        sh "cf add-network-policy ${gateway} --destination-app ${appName} --protocol tcp --port 8080"
      } catch (Exception ex) {
        echo "Could not establish network policies. The network policy tool should be run post-build to ensure functionality."
      }

      // Delete old Routes
      for (Object legacyApp : legacyAppNames.trim().tokenize(',')) {
        def legacyAppName = legacyApp.toString().trim()
        if (legacyAppName != appName) {
          sh "cf unmap-route ${legacyAppName} apps.internal --hostname pz-idam-${env.PROMOTE_SPACE}"
          sh "cf delete -f ${legacyAppName} -r"
        }
      }
    }
  }
}