This repo is used to build a customized OpenShift Jenkins 2 image with source to image (S2I). The base OpenShift Jenkins S2I can be found at registry.access.redhat.com/openshift3/jenkins-2-rhel7
. The resulting image is a Jenkins master, and should be used in a master / slaves architecture. This image is configured to provide slaves as k8s pods via the k8s Jenkins plugin. Thus, this repo doesn't define any build tools or the like, as they are the responsibility of the slaves.
With s2i
installed; you can run the following to build and test your changes to the S2I locally.
s2i build --loglevel 5 jenkins-master openshift/jenkins-2-centos7 jenkins-s2i:latest
The directory structure is dictated by OpenShift Jenkins S2I image. In particular:
Handy oneliner to get the right format for the plugins in jenkins after an update:
Jenkins.instance.pluginManager.plugins.each{
plugin ->
println ("${plugin.getShortName()}:${plugin.getVersion()}")
}
To Integrate with slack follow the steps at https://github.com/jenkinsci/slack-plugin. Particularly, create a webhook at https://customteamname.slack.com/services/new/jenkins-ci. After the webhook setup is complete at slack, record and add the below environmental variables. You can retrieve the values on your slack dashboard. Make sure you are logged into the correct team.
SLACK_BASE_URL
SLACK_ROOM
SLACK_TOKEN_CREDENTIAL_ID
. When creating this credential in OpenShift, create a secret that syncs withe jenkins and uses the key secrettext. The namespace will automatically be prepended to the credential name. For example, if you create a secret named slack-token
in the namespace jenkins
then this variable would be slack-token
and jenkins will look for the sync'd credential jenkins-slack-token
.SLACK_TEAM
Here is an example of the slack token credential secret created in OpenShift
kind: Secret
type: Opaque
metadata:
labels:
credential.sync.jenkins.openshift.io: 'true'
build: "jenkins"
app: "jenkins"
name: "slack-token"
stringData:
secrettext: "super-secret-token"
By default the deployment will attempt to connect to SonarQube and configure its setup including an authentication token. The default url is http://sonarqube:9000. This can be overriden adding an environment variable named SONARQUBE_URL
. To disable SonarQube entirely set an environment variable named DISABLE_SONAR
with any value.
Inject the git
credentials to Jenkins-s2i when it is being built by editing configuration/init.groovy.d/configure-credentials.groovy
or by exposing a new environment Variable to the Jenkins deployment tempate.
A DSL Seed job is included in the s2i. The purpose of this job is to automatically generate multi branc pipelines for each project in a given GitLab namespace that has a Jenkinsfile
. To set this up, configure the Deployment Config for your Jenkins with the following ENVIRONMENT
variables or just edit the configuration/jobs/seed-multibranch-pipelines/config.xml
file. If you don't want or need this job, just delete it from the configuration/jobs
directory.
GITLAB_HOST is the Http address of the GitLab Project eg 'https://gitlab.apps.proj.example.com'
GITLAB_TOKEN is the GitLab API token to access repos and projects eg 'token123'
GITLAB_GROUP_NAME is the GitLab group name where projects are stored eg 'rht-labs'
An optional shared global library can be used to add method calls to pipelines which can help to simplify and organize a pipeline. The global library will be implicitly available to all pipelines.
To configure a library environment variables need to be made available to your image. In OCP, add environment variables to your deployment config. The following variables can be set
master
There are some helpers to get configuration out of a running Jenkins.