Approve github PR in jenkins pipeline - jenkins

I am trying to create a process that blocks a GitHub PR from being approved and merged to the main branch until a Jenkins pipeline can confirm that a terraform plan (or whatever checks need to happen for that repo) is successful.
There are two restrictions, though:
- we're not allowed to install plugins that aren't approved by the company, and that's just too much hassle!
- the Jenkins instance is internal, so I can't use a webhook
I'm trying to use a multibranch pipeline to execute when a PR is raised, but I can't see how to approve the PR once the check is complete. Perhaps this isn't the best way to go?
I'd appreciate any help/pointers on this
Thanks

Related

Jenkins not triggering build on PR merged in bitbucket

We are using Bitbucket cloud to host our repos and Jenkins for CI/CD.
I have set up a multibranch pipeline which has develop and release branches. I want to trigger the develop branch whenever a PR is merged from the feature branches to the develop branch (in fact, on any manual webhook edit).
Below are the cases I tried:
Set up Manage hook in Jenkins:
This creates a webhook in Bitbucket, and when a PR is merged, a build is triggered.
But when I disable the Repository Push option in the webhook, the build is not triggered on PR merge.
Set up the webhook manually:
In this case, the Jenkins logs show the branch name as PR-XY, so the develop branch is not triggered.
I have set up a regex to filter branches (only develop and release are allowed), and when I add a regex like PR(.*), the build gets triggered from the PR section (not the desired case).
I want the build to be triggered from the develop branch, not as the PR branch. I have followed most of the options available in the forums, but it's not working. Any help regarding this will be appreciated.
I faced the same issue. It looks like most Jenkins plugins, like the Bitbucket plugin, do not trigger the pipeline on merge only, even though I set the Bitbucket trigger options like this:
unless you add a check mark next to the push option.
To solve this, I used another Jenkins plugin called Bitbucket Push and Pull Request.
Just make sure to uninstall the Bitbucket plugin if you have it.
So you can use this one as they mention in their docs,
and follow the setup instructions.
Note: I only tested it with a normal pipeline job.

Build should trigger via PR in jenkins

We need to trigger the Jenkins job in a multibranch Pipeline (Jenkinsfile).
The points are below:
My multibranch pipeline detects 5 branches like 1, 2, 3, 4, 5 and master (GitHub).
Conditions:
- Raise a PR for branch 1 and request a review; once the review is completed and approved, the build should be triggered.
- After the review is approved, merge branch1 into master; then the build should be triggered.
You could consider a GitHub Action, which would, when your criteria are matched, run a Jenkins job, using appleboy/jenkins-action.
But that supposes your Jenkins can be seen by GitHub, which, for github.com, means your Jenkins is reachable through the internet.
Not a good idea (for security reasons).
That approach is however more sensible if by "GitHub" you mean an on-premise GHE (GitHub for Enterprise).
If this is about github.com, then you need a GitHub Jenkins plugin, but it only deals with post-receive hook and also needs a public URL to contact your Jenkins.
You would need to develop a script to query GitHub events and check that your PR review is in the required state: jenkinsci/pipeline-github-plugin could help.
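The script suggested in the answer above, as an added example that is not part of the original answer: it polls the pull request and its reviews with outbound GitHub REST calls only, and counts an approval only when it was given on the current head commit. The function names, the `required` threshold and the sample reviews are assumptions made for illustration.

```python
import json
import urllib.request

def gh_get(path, token):
    """Outbound GET only, so it works from a Jenkins that GitHub cannot reach."""
    req = urllib.request.Request("https://api.github.com" + path, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def review_gate(reviews, head_sha, required=1):
    """Return (ok, reason) for the review list of one pull request."""
    latest = {}
    # Keep each reviewer's latest decisive review; plain comments decide nothing.
    for r in sorted(reviews, key=lambda r: r.get("submitted_at") or ""):
        if r["state"] in ("APPROVED", "CHANGES_REQUESTED", "DISMISSED"):
            latest[r["user"]["login"]] = r
    blocking = sorted(u for u, r in latest.items()
                      if r["state"] == "CHANGES_REQUESTED")
    if blocking:
        return False, "changes requested by " + ", ".join(blocking)
    # Count an approval only if it was given on the commit about to be built.
    fresh = sorted(u for u, r in latest.items()
                   if r["state"] == "APPROVED" and r["commit_id"] == head_sha)
    if len(fresh) < required:
        return False, f"{len(fresh)} of {required} approvals on {head_sha}"
    return True, "approved by " + ", ".join(fresh)

def pr_is_buildable(owner, repo, number, token):
    """Fetch head commit and reviews (first 100) and apply the gate."""
    base = f"/repos/{owner}/{repo}/pulls/{number}"
    head_sha = gh_get(base, token)["head"]["sha"]
    return review_gate(gh_get(base + "/reviews?per_page=100", token), head_sha)

# Constructed sample shaped like the reviews endpoint's response.
SAMPLE = [
    {"user": {"login": "alice"}, "state": "APPROVED",
     "commit_id": "1111111", "submitted_at": "2024-05-01T09:00:00Z"},
    {"user": {"login": "bob"}, "state": "COMMENTED",
     "commit_id": "2222222", "submitted_at": "2024-05-01T10:00:00Z"},
    {"user": {"login": "carol"}, "state": "APPROVED",
     "commit_id": "2222222", "submitted_at": "2024-05-01T11:00:00Z"},
]

if __name__ == "__main__":
    print(review_gate(SAMPLE, "2222222"))  # carol approved the current head
    print(review_gate(SAMPLE, "3333333"))  # a new push makes approvals stale
```

A scheduled Jenkins job can call `pr_is_buildable` for each open PR and start the build only when the first element of the result is true.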

Jenkins Pipeline build specific branches on pull/pr

I think I'm missing something quite simple here so I thought I would ask.
I have a development branch that developers raise PRs against; when this occurs, I would like my Jenkins pipeline to trigger automatically.
Then, once a merge happens and a push goes to the development branch, I want to do some extra steps, which I have configured in the pipeline successfully.
The problem is: how do I get Jenkins to automatically check out and build branches that have a PR raised against development?
Currently I'm using GitHub hook trigger for GITScm polling and I can see the triggers in GitHub being fired, but it just constantly rebuilds the master branch instead of the branch that the PR is being raised on.
We are using github-branch-source and this automatically builds PRs.
There is nice documentation: cloudbees docu

Submit custom build output from jenkins to a GitHub Pull request as comment

We have a need to set up a Jenkins declarative pipeline to manage automated builds/deployments for terraform-based project repos in GitHub. Basically, what we need here is that for any terraform project repo in GitHub, when a pull request is submitted from a feature branch to some base branch like master, the single multibranch pipeline job for that repo runs a build against that feature branch, and then, where it runs a terraform command like the one below:
terraform plan -out=tfplan -input=false
it then posts that output to the corresponding GitHub PR under the comment section (not as an issue comment but just the PR comment), so that the reviewer can review the plan output and approve/reject the PR or add further comments on what needs to be modified in the source code. If it's approved, then there will be a separate job off that base branch to just do the terraform apply, which we have already configured.
So the short of it is that, regardless of terraform being the case here, all we are looking for is how to add something back to the GitHub PR as a comment as part of the Jenkins build. I did install the GitHub pull request builder plugin and could post comments on the issues, but I'm not sure how to do that for the actual PR. I would like to have that coded in my declarative pipeline, so I'm very much looking forward to your help/suggestions on that.
I'm just not sure how to grab the PR id each time any feature build is run, or whether there is a way for the build to trigger on the branch only when there is a PR with that branch as the source branch. Any help or suggestions here will be greatly appreciated, as always.
I was able to figure this out by following the post below: Create comment on pull request. I think I wasn't quite understanding that GitHub treats every PR as an issue, while not vice versa, and so what you can achieve by doing a POST /repos/:owner/:repo/issues/:number/comments is exactly what I was looking for here.
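An added example (not code from the original post) of building that `POST /repos/:owner/:repo/issues/:number/comments` request for plan output: it strips colour codes, masks attribute values whose names look like credentials, and caps the size before the text reaches the PR. The 60000-character cap, the name-based masking pattern, the sample plan and the `example-org`/`example-repo` names are assumptions; `CHANGE_ID` is the variable Jenkins sets to the PR number in multibranch PR builds.

```python
import json
import os
import re
import urllib.request

MAX_CHARS = 60000  # assumed margin below GitHub's comment size limit
FENCE = "`" * 3    # Markdown code fence used around the plan text
ANSI = re.compile(r"\x1b\[[0-9;]*m")  # colour codes in terraform output
# Heuristic only: masks values of attributes whose name looks like a credential.
SECRETISH = re.compile(
    r"^([ \t]*[-+~]?[ \t]*\S*(?:password|secret|token|private_key)\S*"
    r"[ \t]*=[ \t]*).*$", re.I | re.M)

def build_comment(plan_text):
    """Turn raw plan output into a Markdown comment body that is safe to post."""
    text = SECRETISH.sub(r"\1(redacted)", ANSI.sub("", plan_text))
    text = text.replace(FENCE, "'''")  # plan text must not close the code fence
    if len(text) > MAX_CHARS:
        text = text[:MAX_CHARS] + "\n... truncated, full plan is in the build log"
    return "Terraform plan from Jenkins:\n\n" + FENCE + "\n" + text + "\n" + FENCE

def comment_request(owner, repo, pr_number, plan_text, token):
    """Build the POST /repos/:owner/:repo/issues/:number/comments request."""
    if not re.fullmatch(r"[0-9]+", str(pr_number)):
        raise ValueError("no PR number, so this is not a pull request build")
    url = (f"https://api.github.com/repos/{owner}/{repo}"
           f"/issues/{pr_number}/comments")
    body = json.dumps({"body": build_comment(plan_text)}).encode("utf-8")
    return urllib.request.Request(url, data=body, method="POST", headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/vnd.github+json",
        "Content-Type": "application/json"})

def post(req):
    """Send the request; GitHub answers 201 when the comment is created."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status

# Constructed sample of coloured plan output with a secret-looking attribute.
SAMPLE_PLAN = ('\x1b[32m  + resource "example_service" "app" {\x1b[0m\n'
               '      + api_token = "tok-constructed-123"\n'
               '      + name      = "app"\n'
               '    }\nPlan: 1 to add, 0 to change, 0 to destroy.')

if __name__ == "__main__":
    pr = os.environ.get("CHANGE_ID", "42")  # PR number in multibranch PR builds
    req = comment_request("example-org", "example-repo", pr, SAMPLE_PLAN, "x")
    print(req.full_url)
    print(json.loads(req.data)["body"])
```

In a pipeline the token would come from a Jenkins credential binding rather than a literal, and the result of `comment_request` is passed to `post`.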

Access to git Jenkinsfile url repo from within Jenkinsfile

I need a simple thing:
1. Download the Jenkinsfile from some repository. This is done in the Jenkins project configuration GUI.
2. After downloading the Jenkinsfile and starting the job, I need to get access to the url from which the Jenkinsfile "I am in" was downloaded.
3. Check out the master branch (on multiple parallel nodes) using the url described in point 2.
I am stuck on point number 2. Is it possible to access the url of the repository from which the Jenkinsfile was downloaded? I don't want to hardcode it in the Jenkinsfile.
That's a really interesting case!
I assume that you are using git to check out the Jenkinsfile. So here is the code for you:
println Hudson.instance.getItem(env.JOB_NAME).definition.scm.userRemoteConfigs[0].url
Jenkins will complain about security, so you must approve the signatures in Manage Jenkins -> In-process Script Approval.
I am using scm.userRemoteConfigs[0].url, but I am not sure whether you need an actual checkout scm step for the object to be present. The Script Approval is also necessary.
I would like to post this as a comment to the accepted answer but my reputation is too low :(
