Jenkins
OpenDevStack provides several customized Jenkins Docker Images based on the official OpenShift images. The idea is, that you do not need to configure anything on Jenkings before you can start using it.
In ods-core/jenkins
, you find the following directory structure:
Directory | Description |
---|---|
master |
Dockerfile for Jenkins Master |
ocp-config |
OpenShift templates and Tailorfile |
slave-base |
Dockerfile and customization for Jenkins Slave Images |
webhook-proxy |
Dockerfile and source code for Bitbucket webhook proxy |
Jenkins Master
The following customizations are applied to enable more automatic deployment of Jenkins.
Configured Plugins
We have included some base plugins
token-macro:2.3 |
greenballs:1.15 |
credentials-binding:1.12 |
email-ext:2.63 |
sonar:2.6.1 |
ansicolor:0.5.2 |
Init groovy scripts
Jira offers to deploy post-initialization scripts.
Script | Description |
---|---|
url.groovy |
Sets the Jenkins Location based on the OpenShift route |
sonarqube.groovy |
Sets the sonarserver url and auth token based on the configured secrets and config maps |
The following environment variables must be available to Jenkins:
- SONAR_SERVER_URL
-
specifies the location of the sonarqube server.
- SONAR_AUTH_TOKEN
-
this is the sonarqube auth token that is generated when deploying and configuring sonarqube
Jenkins Slave
We have a base image for different jenkins slaves. The concrete slave images are then configured as part of the quickstarters. The base image contains the following customizations
-
Sonarqube Scanner
-
Sonarqube CNES Report Plugin
-
OWASP Dependency Checker
-
Tailor
-
Setting of Enterprise Proxy
When the docker image is built, it fetches automatically the OpenShift root CA certificate and stores it, so that the oc
-cli tool
can pick it up later and also adds the base domain wildcard certificate to the Java certificate store.
The setting of the enterprise proxy takes care that Jenkins slave works also on OpenShift clusters in enterprises that use a web proxy.
Webhook Proxy
Provides one endpoint accepting webhooks from BitBucket and forwards them to the corresponding Jenkins pipeline (which is determined based on the branch name). If there is no corresponding pipeline yet, it will be created on the fly. Once a branch is deleted or a pull request declined/merged, the corresponding Jenkins pipeline is deleted as well.
Usage
Go to "Repository Settings > Webhooks" and click on "Create webhook". Enter
Jenkins
as Title and the route URL (see following Setup section) as
URL. Under "Repository events", select Push
. Under "Pull request events",
select Merged
and Declined
. Save your changes and you’re done! Any other
webhooks already setup to trigger Jenkins are not needed anymore and should be
deactivated or deleted.