Demonstration of using Liquibase (via SQLcl) and Jenkins for CI/CD using Oracle Cloud Infrastructure (OCI) Resources.
As this is a demonstration of Jenkins/GitHub integration for CI/CD, you must use your own GitHub account to run it. Please fork or copy the repository into your own GitHub account before continuing.
- An existing OCI tenancy
- An existing GitHub Account
- You have forked this repository into your own GitHub account
By default, Always Free resources will be used. If you do not have any Always Free resources available and are using paid tenancy, this demonstration can still be run by changing the Terraform variable to is_paid=true
(as documented in the infra/README.md).
There are two main ways to deploy this Architecture:
- OCI Cloud Shell
- Terraform Client (Advanced)
View the infra/README.md for more information.
Once the infrastructure is deployed, Jenkins and GitHub will need to be configured to interact. This is done using the Github Branch Source Plugin
- In your Github Account, navigate to
Settings -> Developer settings -> GitHub Apps
- Select "New GitHub App" (Confirm Password, if prompted)
- Register new GitHub App, Unless other specified below, leave the defaults
- GitHub App name: Jenkins - < Github Account Name >
- Homepage URL: Link to your GitHub Page; example:
https://github.com/gotsysdba
- Webhook URL: Link to your Jenkins Server; example:
https://jenkins.example.com/github-webhook/
. The trailing slash is important - Repository permissions:
- Commit statuses - Read and Write
- Contents: Read-only
- Pull requests: Read-only
- Subscribe to events: Select All
- Where can this GitHub App be installed? Only on this account
- Click "Create GitHub App"
- Record the
App ID
to be used later - Scroll down to "Private keys" and Generate a private key (will be prompted to save; save it to a safe location)
- Scroll back up the page and click "Install App"
- Click "Install" next to your GitHub account name
- Only select repositories; choose
<your GitHub Repository Name>/oci-liquibase-jenkins
- Install
In order for Jenkins to use the private key, saved above, convert it:
openssl pkcs8 -topk8 -inform PEM -outform PEM -in <key-in-your-downloads-folder.pem> -out converted-github-app.pem -nocrypt
If openssl
is not installed on your local machine, you can use OCI Cloud Shell to convert.
- Open Cloud Shell from the OCI Console
- Either drag and drop the file from your local machine into the Cloud Shell window, or use the "Upload" button from the Cloud Shell hamburger menu.
- Run the above
openssl
command in the Cloud Shell
- Login to your Jenkins Controller as admin and the password specified during the infrastructure deployment
- The URL will have been output at the end of the infrastructure deployment
- Navigate to:
Manage Jenkins > Manage Credentials
- Under "Stores scoped to Jenkins", click "Jenkins"
- Click "Global credentials (unrestricted)"
- Click "Add Credentials" in the Left Hand Navigation bar
- Kind: GitHub App
- ID: GitHubAppDemo
- App ID: < App ID > (Recorded above)
- Key: < Contents of converted-github-app.pem created above >
- Click "Test Connection" which should be successful.
- Click "OK"
From the Jenkins Dashboard:
- Navigate to:
Manage Jenkins > Manage Credentials
- Under "Stores scoped to Jenkins", click "Jenkins"
- Click "Global credentials (unrestricted)"
- Click "Add Credentials" in the Left Hand Navigation bar
- Kind: Username with password
- Username: ADMIN
- Password:
<Password for ADB Admin Account>
- ID: JENKINSDB_ADMIN
- Click "OK"
From the Jenkins Dashboard:
- Click "New Item"
- Item Name: Demonstration
- Select:
Multibranch Pipeline > OK
- Display Name: Demonstration
- Branch Source: GitHub
- Credentials: GitHubAppDemo
- Repository HTTPS URL: < Link to GitHub Repo; example:
https://github.com/<your GitHub Repository Name>/oci-liquibase-jenkins
>
- Click "Validate" under the "Repository HTTPS URL" field
- Response should be: "Credentials ok. Connected to
<GitHub Repo>
."
- Response should be: "Credentials ok. Connected to
- Scroll down and "Save"
- A "Scan Repository Log" screen will appear with "Finished: SUCCESS"
Integration is Configured! Proceed to the Hands On Demonstration