In my org, currently we are deploying the branches manually.
the steps are
tsh login "my auth details"
tsh ssh myusername#server
sudo su
run_command
this gives me a list of options like, branch , env etc. then the deployments starts. I was told this can be automated using jenkins. But I am not sure how and where to start.
Can anybody help in pointing out the resources from where I can learn about this and implement ?
Related
I have setup a new Jenkins instance in docker.
Now am trying to create a new job. But the problem that am facing is my Source Code is in ADE.
But under "Source Code Management" i see only 2 options: 1) None 2) Git.
I dont see "ADE" option.
Is there any Plugin for ADE in jenkins?
Please do help
I worked at Oracle for some months and I used ade. Since ADE is a propietary SCM from Oracle, it is fully integrated in Oracle products. As far as I know, ADE can´t be integrated with jenkins natively but I think you could create a transaction in your jenkins server. When you need to build in jenkins, you would need to pull the transaction on your machine to the jenkins server. If you can set an observer or listener in jenkins when something changes in your transaction then trigger the build.
I am not sure if this can help you.
I have installed Jenkins in a docker container hosted on my Linux machine. Now the problem am facing is that I am unable to login to my Jenkins instance(UI) as my Unix\Linux user.
When i navigate to "Manage Jenkins >> Security >> Configure Global Security", under "Security Realm", I see an option called "Unix user/group database". If i select that option its asks(prompts) for "Service Name". I enter "sshd" and then click on "Test" button. On doing so it gives the below error: "User ‘jenkins’ needs to belong to group shadow to read /etc/shadow".
I am not sure how to fix it as am very new to docker as well as jenkins. Finally what i want to achieve is "i want to be able to login using my Unix\Linux credentials".
Context Simple Jenkins CD
I wrote a small app (spring boot) along with a Jenkins CD pipeline.
The (simple) declarative pipeline does the following:
build
unit tests
integration tests
deploy
Since spring boot generates a single artifact ("foo.jar" uber-jar), deployment simply "scp's" to the artifact to the production box (using jenkins ssh plugin).
The "ci/cd" setup presupposes that "production box" already has its config file. (e.g in spring boot, application.yml).
The Wrinkle
The setup works fine when the app does not require any configuration change.
However, if developers change code to require a "configuration change" (e.g. add a new port, password, etc), I do not want to auto deploy.
(Nor do I want to update the servers configuration, i.e. slip in "port=8443" , without admins "actively knowing" the change.)
Instead, I want to "flag administrators", "action required on your end", i.e. and have them actively add the config value (e.g. port or password) before deploying.
Question
What's the Jenkins-native way to "tell" admins "you must update your config before deploying new version of the application" ?
Any other recommendations?
Thanks in advance
Jenkins is here to automate your CI/CD, so the best approach would be to update the config file with another jenkins step or within the deploy step.
Now if you cannot automate this part, but we still want to be in an ideal world, a good practice is to deploy your artifact not to production but to a binary repository (Nexus or Artifactory) first. Then you could tell admins that the artifact is ready to be deployed.
The actual message you could send to admins could be an email or a slack with a template message that tells them that a new artifact is available and recall them how deployment must be proceed
https://wiki.jenkins.io/display/JENKINS/Email-ext+plugin
https://wiki.jenkins.io/display/JENKINS/Slack+Plugin
I'm little confused about Jenkins and was hoping someone could clarify some matter for me.
After reading up on Jenkins, both from official docs and various tutorials I get this:
If I wanna set up auto deplyoment or anything Jenkins related, I could just install docker jenkins image, launch it and access it via localhost. That is clear to me.
Then, I just put Jenkinsfile into my repository, so that it knows what and how to build my repo and stuff.
The questions that I have are:
It seems to me that Jenkins needs to be running all the time, so that it can watch for all the repo changes and trigger code building, testing and deploying. If that is the case, I'd have to install Jenkins on my droplet server. But how do I then access my dashboard, if all I have is ssh access?
If Jenkins doesn't need to be up and running 24/7, then how does it watch for any changes?
I'll try to deploy my backend and front apps on docker-compose file on my server. I'm not sure where does Jenkins integrates in all that.
How Jenkins can watch for all the repository changes and trigger code building, testing and deploying?
If Jenkins doesn't need to be up and running 24/7, then how does it watch for any changes?
Jenkins and other automation servers offer two options to watch source code changes:
Poll SCM: Download and compare source code at predefined intervals.This is simple but, hardware consumption is elevated and is a little outdated
Webhooks: Optimal functionality offered by github, bitbucket, gitlab, etc. in which Github, for example, at any git event, makes an http request to your automation server, sending all the information like branch name, commit author, etc). Here more info about webhooks and jenkins.
If you don't want a 24/7 dedicated server, you can use:
Some serverless platform or just a simple application able to receive http posts + webhook strategy. For instance, Github will perform a post requet to your app/servlerless and at this point, just execute your build, test or any other commands to deploy your application.
https://buddy.works/. It is like a mini-jenkins.
If I'd have to install Jenkins on my droplet server. But how do I then access my dashboard, if all I have is ssh access?
Yes. Jenkins is an automation server, so it needs its own dedicated server.
You can install jenkins manually or use docker in your droplet. Configure 8080 port for your jenkins. If everyting is ok, just access to your droplet public ip offered by digitalocean, like: http://197.154.458.456:8080. This url must load the Jenkins dashboard.
I've just setup Jenkins and i have some Repositories in my Stash.
I installed the "Git plugin" in jenkins.
I can now enter the repository url but there is nothing to enter my credentials.
It's possible using
http://username:password#mydomain/xx/yy.git
but that is something i dont want to do.
What else can i do to authenticate?
I am the author of this stash plugin that might help you: https://github.com/palantir/stashbot
Taking selectively from the readme:
To work with Jenkins, you MUST install the following jenkins plugins first.
Jenkins GIT plugin
Post build task
Next, build and install the plugin using the plugin SDK (more details in the readme)
Next, the stash admin goes into the Stashbot Admin page and creates a jenkins server config - here you give it the URL, username/password, etc details of the jenkins server.
Next, for each repository a "Stashbot CI Admin" link shows up for repo admins. From there you can check the "enabled" checkbox and tell it what branches you want build (via a regex) and what command it should run to do the build (optionally verifies and publishes).
After this point, the remainder is completely self-service. Any repo admin can ask for their project to "have CI" by filling out that form, and the jobs will automatically be created in the jenkins server.
Hope that helps.
Set up an SSH key for the user that runs your Jenkins builds and add it to the repository's SSH keys in Stash. See the Stash docs for instructions.
Two things to add to Gareth's answer.
While I agree that using SSH keys are definitely better than hard-coding the username/password, it's worth mentioning that Stash (currently) scales better with HTTP when it comes to CI. If you have quite a few builds we generally recommend using HTTP. We are currently extending our Git cache support to support SSH so this no longer an issue.
Somewhat related, you might be interested in watching and voting for the following feature which will make it easier to create CI specific keys.
Lastly having build icons show up in Stash is surprisingly handy, and you should have a look at the following plugin if you haven't already:
https://github.com/jenkinsci/stashNotifier-plugin
Since version 2.0 of "Git Plugin" for jenkins you should be able to directly add the required credentials for both ssh and username/password (based on credentials plugin).
See changelog of Git plugin: https://wiki.jenkins-ci.org/display/JENKINS/Git+Plugin#GitPlugin-Changelog for details.
For further integration of git and stash regarding pull requests you additionally need the "Stash Webhook for jenkins" add-on in stash and the "Stash Notifier" plugin for jenkins to connect each other.
We're trying to setup Jenkins, but we are having a couple issues.
We have a "Jenkins Server" (Master) and have connected it to Fisheye. Jenkins is able to get the Git repo and run the tests.
Is there some kind of built in process for Jenkins to give it capabilites to SSH into a server and run commands like "git pull origin master" ?
Yes there is ssh capabilities in Jenkins. You can add a build step for either running SSH or sending files over SSH (you have to define target server in config). Theres also a post build plugin for sending artifacts over ssh which can be used to also execute remote commands.
I'd recommend a book by John Smart which covers Jenkins setup. Its at http://www.wakaleo.com/books/jenkins-the-definitive-guide
I think you want the SSH Plugin for Jenkins. This will let you define SSH servers in your global configuration, and then define commands to be run before and after the build.