/simple-java-maven-app

For an introductory tutorial on how to use Jenkins to build a simple Java application with Maven.

Primary LanguageSmarty

simple-java-maven-app

This repository is a CI/CD pipeline example.

This repository uses Git webhooks to trigger a build in a Jenkins installation in a Kubernetes cluster to build/test the Java app and create a Docker image.

Flow:

  • a developer pushes to the "master" branch
  • a Github Webhook calls the build URL (generated by the "Build Authorization Token Root Plugin" plugin with the token)
  • Jenkins starts a build
    • the "Kubernetes" plugin in Jenkins schedules a pod in the Kubernetes cluster to act as an agent (its definition is in the Jenkins file)
  • the post build step takes the .jar file and creates a docker image, pushes it to a Nexus Docker registry and deploys the Helm chart (todo)

There is one Kubernetes installation, created with "minikube". Inside the cluster Jenkins and Nexus are running. There is not any ingress configured since minikube does not expose its IP anyway. Instead, I configured Jenkins and Nexus as NodePort services and exposed those ports using "socat". However, socat only binds to localhost.

There is another container running in the Kubernetes host. (alongside minikube) It is used as a reverse proxy to serve HTTPS certificates (generated by Let's Encrypt) for https://jenkins.tartismaliyiz.com, https://nexus.tartismaliyiz.com and https://docker.tartismaliyiz.com It is based on a fork of NGINX Proxy Manager and run using this CMD: docker run -d --name=nginx-proxy-manager --net=host -v /docker/appdata/nginx-proxy-manager:/config:rw jlesage/nginx-proxy-manager

Nexus is installed using this chart: oteemo-charts/sonatype-nexus Used values are in: nexus-values.yaml

Jenkins is installed using this chart: jenkinsci/jenkins Used values are in: jenkins-values.yaml

Jenkins: https://jenkins.tartismaliyiz.com/ Nexus: https://nexus.tartismaliyiz.com/ Docker Repository Push URL: https://docker.tartismaliyiz.com/ You can contact me to get some demo accounts. (all of the HTTPS certificates are legitimate Let's Encrypt certificates, in fact you can query TXT records to see the obsolete challange)

You can find an overview here of the whole system: https://docs.google.com/presentation/d/1CEEb1Gx7jTTTwxDjCAtq4m0ozR7q0iGtBt95OmqrCK8/edit?usp=sharing