Im trying to build a Jenkins pipeline which enforces gitflow.
My requirements are that when there is a merge from the release branch (e.g. release/v1.0.0) to master i will use the same docker image that was created during the last commit on the release branch, before the merge commit (in other words, use latest image that was approved in staging).
I'm trying to figure out how to access the GitHub PullRequestEvent event payload in my groovy jenkins pipeline, so i can see if the source branch is a release branch and tag the container with the release version tag. Then I'll use them in my pipeline.
Related
Currently i'm using in my jenkins pipeline the List Git Branches system, and its working very well, when i'm gonna build the pipeline, i choose the branch that is automatic pulled from git repository that i specify in the pipeline configs. But i have a problem, i need to make a new pipeline model that the user gonna choose the git repository link with a jenkins choise parameter before the build starts and when the build starts, the branchs gonna be pulled and displayed to choise, so well, i'm needing a way to pause the pipeline build to user choise the especified branch and after that the proccess continues normally.
I am using GitHub pull request builder to trigger pipeline builds from GitHub webhooks when developers make a PR.
To make sure I pull the pipeline script related to the PR I am using Pipeline script from SCM and specifying ${sha1} as the branch specifier. The issue is that when I trigger the build manually, Jenkins is trying to pull a ${sha1} branch (since the env variable doesn't exist).
Is there a way to default to master when triggering the build manually?
I am currently using Cloudbees Jenkins Coreas my Jenkins solution.
I am using Jenkins Pipelines to write our Jenkins job configuration. These pipelines are stored in GitHub repositories. Each Jenkins job when created is connected to a GitHub Repository where the source code is pulled from, and that's where the Jenkinsfile is stored and Jenkins reads from.
Below are some high-level photos for how our Jenkins jobs are configured.
The advantage of the way these jobs are configured is the Jenkinsfile is always read from the master branch. Meaning if a rouge developer tries to remove stages from the Jenkinsfile from within there own branch, it doesn't matter because the Jenkinsfile is always read from the master branch (which is always protected).
However, the one massive drawback to this - is how do teams and developers who are devops engineerings make changes to the Jenkinsfile? For example, let's say a developer creates a branch called feature-jenkins-search and they edit the Jenkinsfile adding a new stage in the pipeline. Whenever they push these changes to GitHub to test - they can't test as it's always read from the master branch? Meaning devops engineerings have to work directly on the master branch? Surely this is not the best way to go and there is a better configuration to set?
We do want to still provide the security that if a developer is rougue and
You should really look into the Jenkins multi-branch pipeline feature. The Jenkins multi-branch pipeline allows to create a single configuration item in Jenkins (a bit like a folder) that can detect all the branches and pull requests in a GitHub repository with a Jenkinsfile and build them using automatically created jobs. Inside this multi-branch pipeline object when it is configured in Jenkins, you will find a number of jobs to build the various branches and pull-requests in the GitHub repository.
So your developers should maintain a Jenkinsfile in every branch they work on in GitHub to build that branch in your Jenkins server.
It is possible to make the Jenkinsfile do branch specific handling if required with conditional stages / when conditions in the Jenkinsfile pipelines in each branch.
You can lock down the master branch so that code and Jenkinsfile changes from other branches can only be merged with an approved PR (pull request). There is good integration between Jenkins and GitHub such that you can configure the master branch to only allow a PR to be merged if the PR is buildable in Jenkins. So if developers add new stages / processing to a Jenkinsfile on a branch being merged to master, it should be validated so that builds of your master branch are not broken.
There is a lot of configurability in the Jenkins multi-branch pipeline object for detection and handling of branches and it may be necessary to experiment to get it right for what you need with your team. If you cannot find this feature in Jenkins, it is probably because the correct Jenkins pipeline and GitHub related plugins are not installed.
You could also have a look at a similar Jenkins feature called the Jenkins GitHub Organization Folder which allows to detect and build all repos and branches at a GitHub Organization level. But when starting out, I would suggest to look into the multi-branch pipeline at the single repo level first.
These features are discussed in the Jenkins pipeline documentation. We use these features with our internal GitHub and Jenkins server and it works very well.
I think you will find the idea of using a single Jenkinsfile in the master branch to be used for building all branches is unworkable, as you have seen!
I have added the GitLab plugin to jenkins and set a webhook so GitLab triggers a Jenkins build. Jenkins pulls the revision and merges it locally with the target branch. Afterwards it builds the merged code. So far everything is fine.
Now I want Sonarqube to analyse the merged code and add comments to the GitLab merge request (using the Sonarqube GitLab plugin). For this I would need the remote commit SHA from Jenkins to be passed into Sonarqube as sonar.gitlab.commit_sha
However in Jenkins in this case the variable $GIT_COMMIT refers to the locally created merge commit - which of course cannot be found in GitLab and therefore no comment can be added.
Is there any solution to this? Am I on the wrong track doing it this way and should I just provide the sonarqube comments for pushes to the feature branches (before the merge request)?
Thanks for any input.
I've setup the Jenkins for the rails3 app to build the specs.
One can find many posts via google on how to setup the build trigger on the github push.
But what I want is to build the new remote branch pushed to Github.
e.g.
I've a repo origin/master. I cloned the repo, created a new branch, did some commits and pushed that branch to origin git push -u origin new_branch
Now I want the Jenkins to build this newly pushed branch on the origin.
If the build is successful, then Jenkins should merge it into origin/master automatically.
The Jenkins plugin has github, git plugin. But it requires to put the branch name. Instead I want to build the new_branch dynamically.
How can I setup such process?
If I remember correctly branch name is not a required entry. You need to test it, but I think if you do not fill it, Jenkins tests all new commit in the repo regardless which branch is affected.
But I recommend you do not merge automatically. You do not want that, trust me. :-)
It seems can not do that with only github and gitgub parameter plugin. If you specify branch_regex*** in Branch to build, Jenkins always build the latest commit in the bunch of branches that it saw. Must specify a branch in order Jenkins to build on the latest commit in that branch. I also see some answer with Multi Branch Pipeline but not sure how to deploy that way. There is no specific instruction at all.