hms-dbmi · JamesPeck · Feb 19, 2026 · Feb 19, 2026 · Feb 19, 2026 · Feb 19, 2026
diff --git a/Dockerfile b/Dockerfile
@@ -1,18 +1,7 @@
-# Stage 1: Build
-# For reproducible builds, pin to a digest: maven:3.9-eclipse-temurin-21-alpine@sha256:<digest>
-FROM maven:3.9-eclipse-temurin-21-alpine AS build
-WORKDIR /app
-COPY pom.xml .
-RUN mvn dependency:go-offline -q
-COPY src ./src
-RUN mvn package -DskipTests -q
-
-# Stage 2: Runtime
-# For reproducible builds, pin to a digest: eclipse-temurin:21-jre-alpine@sha256:<digest>
 FROM eclipse-temurin:21-jre-alpine
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup
 WORKDIR /app
-COPY --from=build /app/target/pic-sure-logging-*.jar app.jar
+COPY target/pic-sure-logging-*.jar app.jar
 RUN mkdir -p /app/logs && chown appuser:appgroup /app/logs
 USER appuser
 EXPOSE ${PORT:-8080}

diff --git a/jenkinsfile b/jenkinsfile
@@ -1,50 +1,85 @@
 pipeline {
-    agent any
-
-    parameters {
-        string(name: 'DOCKER_REGISTRY', description: 'Docker registry URL (e.g., ECR URL)', defaultValue: 'hms-dbmi')
-        string(name: 'REPOSITORY_NAME', description: 'Docker repository name', defaultValue: 'pic-sure-logging')
-        choice(name: 'DEPLOY_METHOD', description: 'Deployment method', choices: ['docker', 's3', 'none'])
-        string(name: 'TARGET_STACK', description: 'Target stack for deployment (required for s3 deploy)', defaultValue: '')
-        string(name: 'STACK_S3_BUCKET', description: 'S3 bucket for image upload (required for s3 deploy)', defaultValue: '')
+  agent any
+
+  parameters {
+    string(name: 'DOCKER_REGISTRY', description: 'Docker registry URL (e.g., ECR URL)', defaultValue: 'hms-dbmi')
+    string(name: 'REPOSITORY_NAME', description: 'Docker repository name', defaultValue: 'pic-sure-logging')
+    choice(name: 'DEPLOY_METHOD', description: 'Deployment method', choices: ['docker', 's3', 'none'])
+    string(name: 'TARGET_STACK', description: 'Target stack for deployment (required for s3 deploy)', defaultValue: '')
+    string(name: 'STACK_S3_BUCKET', description: 'S3 bucket for image upload (required for s3 deploy)', defaultValue: '')
+  }
+
+  environment {
+    DOCKER_BUILD_ARGS = "--build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy --build-arg no_proxy=\"$no_proxy\" " +
+      "--build-arg HTTP_PROXY=$http_proxy --build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY=\"$no_proxy\""
+  }
+
+  stages {
+    stage('init') {
+      steps {
+        script {
+          env.GIT_BRANCH_SHORT = sh(script: 'echo "${GIT_BRANCH}" | awk -F/ \'{print $NF}\'', returnStdout: true).trim()
+          env.GIT_COMMIT_SHORT = sh(script: 'echo "${GIT_COMMIT}" | cut -c1-7', returnStdout: true).trim()
+          env.IMAGE_TAG        = "${env.GIT_BRANCH_SHORT}_${env.GIT_COMMIT_SHORT}"
+          env.LATEST_TAG       = params.DEPLOY_METHOD == 's3' ? 'latest' : 'LATEST'
+          env.IMAGE_NAME       = "${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}"
+        }
+      }
+    }
+
+    stage('build jar (docker run)') {
+      steps {
+        sh '''
+          set -euo pipefail
+
+          docker run --rm \
+            -v "$DOCKER_CONFIG_DIR/jenkins_home/workspace/$JOB_NAME/:/app" \
+            -v maven_m2_cache:/root/.m2 \
+            -w /app \
+            maven:3.9.9-amazoncorretto-24 \
+            sh -lc "mvn clean install -B -T 1C -DskipTests"
+
+          ls -lah target || true
+        '''
+      }
     }
 
-    environment {
-        DOCKER_BUILD_ARGS = "--build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy --build-arg no_proxy=\"$no_proxy\" --build-arg HTTP_PROXY=$http_proxy --build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY=\"$no_proxy\""
-        GIT_BRANCH_SHORT = sh(script: 'echo ${GIT_BRANCH} | cut -d "/" -f 2', returnStdout: true).trim()
-        GIT_COMMIT_SHORT = sh(script: 'echo ${GIT_COMMIT} | cut -c1-7', returnStdout: true).trim()
-        IMAGE_TAG = "${GIT_BRANCH_SHORT}_${GIT_COMMIT_SHORT}"
+    stage('build image') {
+      steps {
+        sh '''
+          set -euo pipefail
+          docker build ${DOCKER_BUILD_ARGS} -t "${IMAGE_NAME}:${IMAGE_TAG}" .
+          docker tag "${IMAGE_NAME}:${IMAGE_TAG}" "${IMAGE_NAME}:${LATEST_TAG}"
+        '''
+      }
     }
 
-    stages {
-        stage('build') {
-            steps {
-                script {
-                    env.LATEST_TAG = params.DEPLOY_METHOD == 's3' ? 'latest' : 'LATEST'
-                }
-                sh "docker build ${DOCKER_BUILD_ARGS} -t ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG} ."
-                sh "docker tag ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG} ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${LATEST_TAG}"
-            }
-        }
-        stage('deploy') {
-            steps {
-                script {
-                    if (params.DEPLOY_METHOD == 'docker') {
-                        sh "docker stop pic-sure-logging || true"
-                        sh "docker rm pic-sure-logging || true"
-                        sh """docker run --name=pic-sure-logging --restart always \
-                            --network=picsure \
-                            --env-file /usr/local/docker-config/pic-sure-logging/logging.env \
-                            -v /usr/local/docker-config/pic-sure-logging/logs:/app/logs \
-                            -d ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${IMAGE_TAG}"""
-                    } else if (params.DEPLOY_METHOD == 's3') {
-                        sh "docker save ${params.DOCKER_REGISTRY}/${params.REPOSITORY_NAME}:${LATEST_TAG} | gzip > pic-sure-logging.tar.gz"
-                        sh "aws s3 --sse=AES256 cp pic-sure-logging.tar.gz s3://${params.STACK_S3_BUCKET}/${params.TARGET_STACK}/containers/pic-sure-logging.tar.gz"
-                    } else {
-                        echo "Deployment skipped."
-                    }
-                }
-            }
+    stage('deploy') {
+      steps {
+        script {
+          if (params.DEPLOY_METHOD == 'docker') {
+            sh '''
+              set +e
+              docker stop pic-sure-logging
+              docker rm pic-sure-logging
+              set -e
+
+              docker run --name=pic-sure-logging --restart always \
+                --network=picsure \
+                --env-file $DOCKER_CONFIG_DIR/pic-sure-logging/logging.env \
+                -v $DOCKER_CONFIG_DIR/pic-sure-logging/logs:/app/logs \
+                -d "${IMAGE_NAME}:${IMAGE_TAG}"
+            '''
+          } else if (params.DEPLOY_METHOD == 's3') {
+            sh '''
+              docker save "${IMAGE_NAME}:${LATEST_TAG}" | gzip > pic-sure-logging.tar.gz
+              aws s3 --sse=AES256 cp pic-sure-logging.tar.gz "s3://${STACK_S3_BUCKET}/${TARGET_STACK}/containers/pic-sure-logging.tar.gz"
+            '''
+          } else {
+            echo "Deployment skipped."
+          }
         }
+      }
     }
+  }
 }