Go back to your Jenkins, let’s now add your GitHub credentials.
-
If you don’t have one yet, generate an API token ⇒ Open https://github.com/settings/tokens
This token needs to have all permissions on repo, admin:org, admin:repo_hook, admin:org_hook and user:email.
You will then use that token as a password alternative.
|
Caution
|
Attention, GitHub will not let you see the token again afterwards, save it correctly somewhere. |
-
On your Jenkins instance, open http://<YOUR_IP>:8080/credentials/store/system/domain/_/
Add credentials with your Github login, using the token previously generated as the password.
|
Note
|
For your information, you are the only one allowed to access your Jenkins instance, and the API token is encrypted on the disk. However, it is obviously strongly recommended that you revoke that token at the end of the workshop. |
-
Open GitHub with your account, and create a new organization. Give it a name you love :-).
-
Fork the repo https://github.com/ToulouseJAM/spring-petclinic to your organization
Let’s now add a Jenkinsfile to your project.
-
On your machine, clone the previously forked repo: [email protected]:${YOUR_ORGANIZATION}/spring-petclinic.git
-
Create a
Jenkinsificationbranch from themasterone, and create aJenkinsfilefile at the root of your repo:
$> git checkout -b Jenkinsification && touch Jenkinsfile-
Transform the Scripted Pipeline created during the first part of the workshop, into a
Declarative Pipeline(must begin withpipeline{ … })
|
Note
|
To make your life easier, you can try to scaffold your Pipeline using the Blue Ocean Visual Editor. Follow instructions on http://${IP_JENKINS}:8080/blue/organizations/jenkins/create-pipeline This project is still in early stages, though it’s improving very quickly, so you could see some discrepancies [1]. |
|
Tip
|
You should find the following helpful: https://jenkins.io/doc/book/pipeline/ |
Using documentation du CLI Jenkins to verify the syntax of your Jenkinsfile remotely.
To be able to connect to the Jenkins CLI, you will need to generate an SSH keypair, and add the public key in your user account in the typical way. Cf. https://jenkins.io/doc/book/managing/cli/#authentication
|
Note
|
If you don’t know what to do with the previous, please ask us! :-) |
You should be able to run the following command (GitBash on Windows) :
$> java -jar cli.jar -i your_SSH_key -s http://${IP_JENKINS}:8080 declarative-linter --username ${YOUR_JENKINS_USER} --password ${YOUR_PASSWORD} < path/to/your/JenkinsfileSame command on Windows:
cat .\Jenkinsfile | java -jar jenkins-cli.jar -i your_SSH_key -s http://${IP_JENKINS}:8080 declarative-linter|
Tip
|
the CLI lets you do a big amount of things remotely.
Use the help command to output the exhaustive list of possible actions
(or use http://${IP_JENKINS}:8080/cli).
|
-
Once you’ve validated your Jenkinsfile, commit and push those modifications to your fork.
-
On Jenkins, create a new
GitHub Organizationjob and complete the configuration to point to your organization. Select the credentials you created previously. Using the default options for the rest should be enough.
Jenkins should now scan all the branches of all the repositories of your organization, looking for Jenkinsfiles.
Then it will create and execute the associated jobs.
|
Note
|
When you have successfully ran a build, you may notice a sentence at the end of the build GitHub has been notified of this commit’s build result.
On GitHub’s side, for each of your commit that is successful or failing, the build status will be shown next to it.
|
|
Tip
|
When in "development mode" for Jenkins Pipeline, it is generally recommended to now use the Replay feature to avoid having to commit & push to test changes.
|
Let’s now fill in the last "holes" in our Pipeline so that it becomes at least a bit useful :-).
-
In the
build & unit testsstage, configure your pipeline to run a Maven build. There are many ways to achieve this, as always, we recommend using thewithMavenstep (see doc) -
In the
build & unit testsstage, after the Maven build, add a step tostashthe generated binariestarget/\*.jar. -
In the
staginganddeploystages, add anunstashstep for the binaries. Make sure the binary is available in the workspace usingls -l targetafter theunstashcall. -
As Jenkins reuses workspaces by default when possible, it’s recommended to always cleanup workspaces when using steps like
unstashto make sure the workspace is clean each time and avoid issues. So add that cleanup just before callingunstash.
|
Note
|
Use the Pipeline documentation and the Snippet Generator.
|
-
Open your SonarQube instance: the default credentials are admin/admin. Change directly the admin password.
-
Generate a SonarQube API token in the Security part in the options of the admin user: see http://${IP_SONARQUBE}:9000/account/security/
-
In the global configuration of Jenkins, configure the informations to access your SonarQube instance.
-
Improve the
static-analysisstage to allow a SonarQube analysis (seewithSonarQubeEnvstep ⇒ documentation)
Re-run your Pipeline, you should now see the SonarQube icon next to your build. Open SonarQube and check the analysis went fine.
As we generally work with many branches with Git, it can be complex to manage many deployments of different versions of our applications to different deployment environments.
To keep things simple, we’re going to restrict deploys to the master branch only.
-
Using the Pipeline documenration, adjust things so that the
staging,manual-approvalanddeploystages trigger only when the current branch ismaster. -
Push your modifications to the
Jenkinsificationbranch and observe how it goes. Thestaging,manual-approvalanddeploystages should now be shown as skipped -
Merge the
Jenkinsificationbranch onmasternow, push your modifications and have a look at the build. The deployment steps should now be enabled.