I have a public git repository that has a Jenkinsfile. The Jenkinsfile needs to be able to build three environments: dev, staging and production.
There's a set of variables that need to be set for each environment - some of these are sensitive and I wouldn't want to put them in the public repo. Some examples:
S3_BUCKET_URL
API_ENDPOINT
API_USERNAME
API_PASSWORD
etc.
In an ideal world I'd like a build parameter, e.g. BUILD_ENV that has the options: 'dev', 'staging' and 'prod' and some logic that sets the relevant vars dependent on env selection.
I've looked at the credentials pluglins, but they don't handle multiple envs and the UI seems awkward. Plus the env vars are accessible centrally, whereas we need them to be directly tied to the build job.
I've also looked at the env inject plugin, which works for setting properties, but there doesn't appear to be a way to make it vary those properties based on a chosen build parameter.
Is there a way to achieve this with the build pipeline? Surely there must be a plugin that already provides this capability?
Related
I want to use a variable with multiple values for different environments(Test, prod & QA). For example i have a variable DB_Name with values DB_Test, DB_Prod and DB_QA in jenkins UI with another variable of scope which has value Test,QA and Prod so when i build pipeline with Test so jenkins should pick up all the variable of scope=Test and replace them in a json file in jenkins (As shown in picture). This functionality is available in octopus deploy but i want to do it in jenkins.
You may want to have a look at parametrized configuration in Jenkins job...
So i have a Python script which does grant access (whitelist) users in websphere.
I have integrated this with Jenkins and a properties file in GIT that has list of users.
When I execute the jenkins job which runs on a slave machine as restricted in the setup.
What i now need to do is to differentiate the deployment env from non-prod and prod.
whitelists / passwords for prod Systems should not be stored as part of the repo but somewhere else on the target machine / prod System or even as a manual input to the target location if you do not deploy that frequently.
This being said, you can use conditional pipeline steps. The block after the when keyword will be executed only if the expression evaluates to true: Examples: env.TARGET_SYSTEM = 'prod' or GIT_BRANCH.startsWith("PROD")
You can have a block for non-prod systems where you copy the whitelist file to the apps target dir, and an other one for prod ones where you just check for the existence of the file (if it does not exist you can request a manual interaction and send out an email to copy the file here and there)
In case for you it is totally fine to have production data as part of the repo then simply use good old filename convention:
sh "cp whitelist.${params.TARGET_SYSTEM}.properties /my/target/dir"
where filenames are like: whitelist.non-prod.properties and whitelist.prod.properties . TARGET_SYSTEM is a parameter of the job
Is there any environment variable available for getting the Jenkins Pipeline Title?
I know we can use $JOB_NAME to get title for a freestyle job,
but is there anything that can be used for getting Pipeline name?
You can access the same environment variables from groovy using the same names (e.g. JOB_NAME or env.JOB_NAME).
From the documentation:
Environment variables are accessible from Groovy code as env.VARNAME or simply as VARNAME. You can write to such properties as well (only using the env. prefix):
env.MYTOOL_VERSION = '1.33'
node {
sh '/usr/local/mytool-$MYTOOL_VERSION/bin/start'
}
These definitions will also be available via the REST API during the build or after its completion, and from upstream Pipeline builds using the build step.
For the rest of the documentation, click the "Pipeline Syntax" link from any Pipeline job
To avoid problems of side effects after changing env, especially using multiple nodes, it is better to set a temporary context.
One safe way to alter the environment is:
withEnv(['MYTOOL_HOME=/usr/local/mytool']) {
sh '$MYTOOL_HOME/bin/start'
}
This approach does not poison the env after the command execution.
I'm using jenkins 1.651. We have a Job which contains a shell. The shell contains:
echo ${VAR}
We are using the EnvInject plugin to define the content of our environment variable:
VAR=10
But sometimes we want to use another value for our env var:
VAR=20
Our env var must ben 10 in 50% of the cases, and 20 in the other 50%.
Is there a way or plugin which can help us to define easily how we want to run our job? With VAR=10 or VAR=20?
We don't want to put VAR=10 in comment, every time we want to run VAR=20 and vice versa. So preferably a way which works withouth going inside our job configuration.
See Use Jenkins > Parameterized Build:
The parameter are available as environment parameters. So e.g. a shell ($FOO, %FOO%) or Ant ( ${env.FOO} ) can access these values.
or the more sophisticated Extensible Choice Parameter plugin and Active Choices Plugin.
Say I've got dev, qa, and stable server environments for some web app, with corresponding git branches. Each environment should be continuously integrated. Each of these environments has a separate username/password pair used to publish the app. I would like to make a Jenkins multiconfiguration (matrix) job to publish to all of these environments. The publishing almost certainly must be done with a shell script.
My failed attempt consisted of using the Jenkins Credentials and Credentials Binding plugins. Credentials Binding provides a way to inject credentials as environment variables using a parameter. However, setting this parameter dynamically (i.e., something like if ENV == dev: CREDS = CREDS_dev) doesn't appear to be possible. Build scripts happen afterwards, and even using the Environment Script plugin doesn't work.
Is there any way for this to happen?
Had similar situation and used groovy script with parameterized build (https://wiki.jenkins-ci.org/display/JENKINS/EnvInject+Plugin). In my case I had a choice parameter defined as "DEPLOY" and had different values, like "Test", "Release", then in the following groovy script (Evaluated Groovy script):
if ("Test".equals(DEPLOY)) {def map = [DEPLOY_URL: "http://someurl", DEPLOY_STORAGE: "testaccount"]; return map }
You should be able to specify your credentials in here or copy env variables. After that you can access these variables in windows batch command using:
echo %DEPLOY_URL%
echo %DEPLOY_STORAGE%
I also had another choice parameter defined "Deploy.Branch", with values of "dev" and "master". And used it as a parameter to Branches to Build, the value was set to (if you want to dynamically specify branch based on parameters):
*/${Deploy.Branch}
Hope this helps.
Here's what I ended up doing. It's kind of a workaround for what I would argue is a flawed design or missing use case in Jenkins.
Redid my creds so they have standard IDs (this is in the Advanced part and you can't set it after creation)
Matrix job runs a trivial script to figure out what env maps to what creds ID, then triggers...
The main job that does the deployment