JArigbabu/pipeline-examples-1

Pipeline examples

This repo contains example Jenkins Pipelines inside the jobs directory.

The related Pipeline jobs in Jenkins can be generated by JobDSL

Start

1. install the JobDSL[https://wiki.jenkins.io/display/JENKINS/Job+DSL+Plugi] Plugin

2. Create and run a new Pipeline job which points to Jenkinsfile
   (http://github-api.kohsuke.org/ is used to scan the GH organisation, see Seed.groovy to adjust the values, if required)

3. jobs are generated in the pipeline-example folder

if you try to run the Jenkinsfiles standalone, you have to fix the path to the yamlFile of some jobs/Jenkinsfile-* in this area to your belongings

agent {
    kubernetes {
        yamlFile 'yaml/podTemplate.yml'
    }
}

Pre-requirerments: Set up credentials

Setup the following credentials: (used by some pipelines)

• githubuserssh =GH User and SSH key (Type SSH user and private key)
• githubaccesstoken=GH Access token (Type secret text)
• as well as the dockerhub credentials for the kaniko docker build/push job: (see jobs/Jenkinsfile-docker-build-kaniko.groovy) for how to add the k8s secret for dockerhub. *Note#: GCR is not implemented yet, docker hub is used in the example pipeline See instructions below to set up

A simple-docker-kaniko-pipeline-example

A simple Dockerfile to build with kaniko see https://docs.cloudbees.com/docs/cloudbees-core/latest/cloud-admin-guide/using-kaniko#_create_a_new_kubernetes_secret for further details

Configure

rename kubctl-create-secret.sh.default

cp -f scripts/kubctl-create-secret.sh.default kubctl-create-secret.sh

adjust your docker registry values

NORTE: Special characters in password must escape!

kubectl create secret docker-registry docker-credentials \
    --docker-username=><USER>  \
    --docker-password=<PASSWORD> \
    --docker-email=<EMAIL>

create the scercet

./kubctl-create-secret.sh

docker push manually

docker login
sudo docker build -t caternberg/hellonode:1.1 .
docker push caternberg/hellonode:1.1

Debugging pods

see https://github.com/jenkinsci/kubernetes-plugin#debugging

Links

see

• https://go.cloudbees.com/docs/cloudbees-core/cloud-install-guide/kubernetes-using-kaniko/
• https://support.cloudbees.com/hc/en-us/articles/360019236771-How-to-build-my-own-docker-images-in-CloudBees-Core-on-Modern-Cloud-Platforms
• https://support.cloudbees.com/hc/en-us/articles/360031223512-What-you-need-to-know-when-using-Kaniko-from-Kubernetes-Jenkins-Agents
• https://kubernetes.io/docs/concepts/configuration/secret/#decoding-a-secret
• https://kubernetes.io/docs/concepts/configuration/secret/#overview-of-secrets
• https://www.thenativeweb.io/blog/2018-08-14-11-32-kubernetes-building-docker-images-within-a-cluster/

Beedemo Pipeline Shared Library

Pipeline Shared Library for SA Jenkins demo environments.

For more information on setting up and using Pipeline Global Libraries please see the documentation on GitHub: https://github.com/jenkinsci/workflow-cps-global-lib-plugin.

It is good practice to maintain your Pipeline Global Libraries in an external SCM, in addition to pushing to the Jenkins hosted workflowLibs Pipeline Global Library Git repoisitory. This also helps to manage sharing a Pipeline Global Library across multipe masters. Also, you could use a script such at this one to pull in externally managed Pipeline Global Libraries to the embedded Pipeline Global Library Git repository.

Pipline Global Libraries may be configured at the master, folder or job level.

Global Steps

mavenProject

Provides a template for maven builds. Additionally, it provides automated creation/updates of customized build images using docker commit to include caching all maven dependencies inside of the repo specific custom build image; dramatically speeding up build times.

configuration:

• mavenProject: provides simple config as Pipeline for maven based projects
  • org: GitHub organization or user repo is under
  • repo: GitHub repository being built
  • hipChatRoom: id or name of HipChat room to send build messages
  • jdk: version of JDK to use for build as string value
  • maven: version of Maven to use for build as string value
  • rebuildBuildImage: boolean that controls whether or not to refresh existing repo specific Docker build image based on the `maven' image
  • protectedBranches: allows to specify name(s) of branch(es) to protected and use Jenkins to control status, uses the githubProtrectBranch step documented below

Example:

	mavenProject {
		org = 'sa-team'
		repo = 'todo-api'
		hipChatRoom = '1613593'
		jdk = '8'
		maven = '3.3.3'
		rebuildBuildImage = true
		protectedBranches = ['master']
	}

githubProtectBranch

Uses the GitHub API to set up protected branches on repository being built.

configuration:

• githubProtectBranch: sets protection status of rep branch(es)
  • branches: list of strings specifying branches to set protected status on
  • API URL: GitHub API URL to use
  • Credentials ID: ID of GitHub username/password credentials set to use from Jenkins
  • org: org/user of repo - for example sa-demo in sa-demo/todo-api
  • repo: name of repo of branch

Example:

githubProtectBranch(['master','feature-one'],
  'https://github.enterprise.com/api/v3',
  '3ebff2f8-1013-42ff-a1e4-6d74e99f4ca1',
  'sa-team',
  'todo-api')