// GUARDiA ITSM — Java Gradle 표준 파이프라인 pipeline { agent any tools { gradle 'gradle8' jdk 'JDK17' } parameters { string(name: 'ITSM_SESSION_ID', defaultValue: '', description: 'GUARDiA 바이브 세션 ID') string(name: 'ITSM_SR_ID', defaultValue: '', description: '연결된 SR ID') choice(name: 'DEPLOY_ENV', choices: ['dev', 'stg', 'prd'], description: '배포 환경') string(name: 'TARGET_SERVER', defaultValue: '', description: '배포 대상 서버명') booleanParam(name: 'SKIP_TEST', defaultValue: false, description: '테스트 건너뜀') } environment { APP_VERSION = "${env.BRANCH_NAME ?: 'unknown'}-${env.BUILD_NUMBER}" SCRIPTS_ROOT = "${WORKSPACE}/cicd/scripts/pipeline" NOTIFY_SCRIPT = "${WORKSPACE}/cicd/scripts/notify/itsm_callback.sh" GRADLE_OPTS = "-Dorg.gradle.daemon=false -Dorg.gradle.parallel=true" } options { timeout(time: 90, unit: 'MINUTES') buildDiscarder(logRotator(numToKeepStr: '30', artifactNumToKeepStr: '10')) disableConcurrentBuilds() maskPasswords() } stages { stage('Checkout') { steps { checkout scm } } stage('Build') { steps { sh "bash ${NOTIFY_SCRIPT} BUILDING '빌드 시작'" sh """ ./gradlew clean build -x test \ -Pversion=${APP_VERSION} \ --no-daemon --parallel --stacktrace """ } post { failure { sh "bash ${NOTIFY_SCRIPT} FAILED '빌드 실패' || true" } } } stage('Test') { when { expression { return !params.SKIP_TEST } } parallel { stage('Unit Test') { steps { sh """ ./gradlew test \ -Pversion=${APP_VERSION} \ --no-daemon """ } post { always { junit testResults: '**/build/test-results/test/*.xml', allowEmptyResults: true publishHTML(target: [ allowMissing: true, alwaysLinkToLastBuild: true, reportDir: 'build/reports/tests/test', reportFiles: 'index.html', reportName: 'Test Report' ]) } } } stage('SonarQube') { when { anyOf { branch 'release/*'; branch 'main' } } steps { withSonarQubeEnv('sonarqube') { sh """ ./gradlew sonar \ -Dsonar.projectVersion=${APP_VERSION} \ --no-daemon """ } timeout(time: 10, unit: 'MINUTES') { waitForQualityGate abortPipeline: true } } } } } stage('Archive') { steps { archiveArtifacts( artifacts: 'build/libs/*.jar,build/libs/*.war', fingerprint: true, allowEmptyArchive: false ) } } stage('Production Approval') { when { anyOf { branch 'main'; branch 'hotfix/*' } expression { return params.DEPLOY_ENV == 'prd' } } steps { sh "bash ${NOTIFY_SCRIPT} PENDING_APPROVAL '운영 배포 승인 대기'" timeout(time: 30, unit: 'MINUTES') { input message: "운영 배포를 승인하시겠습니까?", ok: "승인" } } } stage('Deploy') { steps { sh "bash ${NOTIFY_SCRIPT} DEPLOYING '배포 시작'" withCredentials([sshUserPrivateKey( credentialsId: "ssh-${params.TARGET_SERVER}", keyFileVariable: 'SSH_KEY', usernameVariable: 'SSH_USER' )]) { sh """ bash ${SCRIPTS_ROOT}/deploy.sh \ --server "${params.TARGET_SERVER}" \ --env "${params.DEPLOY_ENV}" \ --ssh-key "${SSH_KEY}" \ --ssh-user "${SSH_USER}" \ --artifact "\$(ls build/libs/*.jar build/libs/*.war 2>/dev/null | grep -v plain | head -1)" """ } } } stage('WAS Restart') { steps { withCredentials([sshUserPrivateKey( credentialsId: "ssh-${params.TARGET_SERVER}", keyFileVariable: 'SSH_KEY', usernameVariable: 'SSH_USER' )]) { sh """ bash ${SCRIPTS_ROOT}/was_restart.sh \ --server "${params.TARGET_SERVER}" \ --ssh-key "${SSH_KEY}" \ --ssh-user "${SSH_USER}" \ --was-type "${env.WAS_TYPE ?: 'tomcat'}" """ } } post { failure { sh "bash ${SCRIPTS_ROOT}/rollback.sh --server '${params.TARGET_SERVER}' --reason 'WAS 재기동 실패' || true" sh "bash ${NOTIFY_SCRIPT} FAILED 'WAS 재기동 실패' || true" } } } stage('Health Check') { steps { retry(3) { sh """ bash ${SCRIPTS_ROOT}/health_check.sh \ --url "${env.HEALTH_CHECK_URL ?: 'http://localhost:8080/health'}" \ --timeout 60 """ } } post { failure { sh "bash ${SCRIPTS_ROOT}/rollback.sh --server '${params.TARGET_SERVER}' --reason '헬스체크 실패' || true" sh "bash ${NOTIFY_SCRIPT} ROLLED_BACK '헬스체크 실패 — 자동 롤백' || true" } } } stage('ITSM Callback') { steps { sh "bash ${NOTIFY_SCRIPT} COMPLETED '배포 완료 (빌드 #${env.BUILD_NUMBER})'" } } } post { always { cleanWs() } failure { sh "bash ${NOTIFY_SCRIPT} FAILED '파이프라인 실패: ${env.JOB_NAME} #${env.BUILD_NUMBER}' || true" } } }