nicolas
/
OpenShift-Demo-NodeJS
mirror of https://github.com/nmasse-itix/OpenShift-Demo-NodeJS.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Merge pull request #2 from nmasse-itix/npm2fa 

Update the demo to work with new the new 2FA of NPM registries
master
Nicolas Massé 8 years ago
committed by GitHub
parent
b321b9453c 5eaf1fbe6f
commit
5d91c7e0b6
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 45 additions and 62 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 41
      Jenkinsfile
  2. 43
      doc/CONFIGURE_JENKINS.md
  3. 7
      doc/INSTALL.md
  4. 16
      setup/all-in-one-template.yaml

41
Jenkinsfile
View File

@ -5,9 +5,8 @@
* - Credentials Binding (https://plugins.jenkins.io/credentials-binding)
*
* This pipeline accepts the following parameters :
* - NPM_CREDENTIALS_ID: The Jenkins Credentials ID that holds login and password to login on NPM Registry
* - NPM_EMAIL: The email address associated with the NPM Account pointed by NPM_CREDENTIALS_ID
* - NPM_REGISTRY: Private NPM registry to log in to (Default if not provided: https://registry.npmjs.org)
* - NPM_CREDENTIALS_ID: The Jenkins Credentials ID that holds the NPM token to login on NPM Registry
* - NPM_TAG: The tag to use to publish the package to the NPM registry (defaults to 'latest')
* - OPENSHIFT_IMAGE_STREAM: The ImageStream name to use to tag the built images
* - OPENSHIFT_BUILD_CONFIG: The BuildConfig name to use
* - OPENSHIFT_SERVICE: The Service object to update (either green or blue)
@ -33,32 +32,28 @@ node('nodejs') {
def newVersion = "$currentVersion-$BUILD_NUMBER"
def packageName = thisPackage.name
def packageSpec = "$packageName@$newVersion"
// You will need the "credential binding" plugin. See here how to install it :
// https://support.cloudbees.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: params.NPM_CREDENTIALS_ID,
usernameVariable: 'NPM_USER', passwordVariable: 'NPM_PASS']]) {
stage("Login to NPM") {
echo "Using NPM CredentialsID = '${params.NPM_CREDENTIALS_ID}'"
echo "About to login on NPM with ${env.NPM_USER}/${params.NPM_EMAIL}"
sh '''
set +x
npm install -g npm-cli-login publish
npm-cli-login
'''
}
}
def packageTag = (params.NPM_TAG != null && params.NPM_TAG != "") ? params.NPM_TAG : 'latest'
// Run the unit tests
stage('Unit Tests') {
sh "npm test"
}
// Package the app and publish it to NPM
stage('Package and Publish to NPM') {
echo "Will publish version $newVersion to NPM"
sh "npm version --no-git-tag-version $newVersion"
sh "publish"
// You will need the "credential binding" plugin. See here how to install it :
// https://support.cloudbees.com/hc/en-us/articles/203802500-Injecting-Secrets-into-Jenkins-Build-Jobs
withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: params.NPM_CREDENTIALS_ID,
usernameVariable: 'DUMMY', passwordVariable: 'NPM_TOKEN']]) {
// Package the app and publish it to NPM
stage('Package and Publish to NPM') {
echo "Using NPM CredentialsID = '${params.NPM_CREDENTIALS_ID}'"
// Store the NPM Token in the config file
sh "npm config set //registry.npmjs.org/:_authToken ${NPM_TOKEN}"
echo "Will publish version $newVersion to NPM (tagged as 'latest')"
sh "npm --no-git-tag-version version ${newVersion}"
sh "npm publish --tag ${packageTag}"
}
}
// Build the OpenShift Image in OpenShift using the artifacts from NPM

43
doc/CONFIGURE_JENKINS.md
View File

@ -1,12 +1,28 @@
# Configure Jenkins
## Login to NPM and generate a token
Log in the NPM registry with:
```
npm login
```
And create a new read/write token:
```
npm token create
```
Keep the generated token in a safe place !
See [the NPM documentation](https://docs.npmjs.com/getting-started/working_with_tokens) for more information.
## Create a credential named `npm-secret`
Login to Jenkins with your OpenShift credentials and create a Jenkins credential with the following parameters :
- Scope: global
- Kind: Username with password
- Username: \<your NPM username\>
- Password: \<your NPM password\>
- Username: `npm-secret` (or anything else, only the password is used)
- Password: \<the token generated previously\>
- ID: npm-secret
To create a Jenkins Credentials :
@ -37,29 +53,18 @@ Quick reminder to install a plugin :
__Note :__ to update a plugin, select the `Updates` tab instead of the `Available` tab.
## Create/Update the Jenkins Pipeline
## Create the Jenkins Pipeline (Manual Install ONLY)
Depending if you created a JenkinsPipeline BuildConfig, OpenShift may have created
a Jenkins pipeline for you. In such a case, the Jenkins Pipeline is named `<namespace>/<buildconfig-name>`.
So, if you installed the demo :
- manually, you need to create the pipeline from scratch
- automatically with the provided template, you need to update the pipeline to add the following parameters
__Note :__ As of today, OpenShift does not accept build environment variables with Jenkins pipelines.
So you have to update the Jenkins pipeline created by OpenShift to add those variable.
In the next version this may change as there is a pull request for this feature
(see [\#11293](https://github.com/openshift/origin/issues/11293)
and [\#12323](https://github.com/openshift/origin/pull/12323)).
a Jenkins pipeline for you. In such a case, the Jenkins Pipeline is named `<namespace>/<buildconfig-name>`
and you have nothing more to do.
So, create a Jenkins Pipeline that accepts the following parameters or update
the existing Jenkins Pipeline so that it accepts the following parameters :
Whereas if you installed the demo manually, you need to create the pipeline from scratch.
If this is the case, create a Jenkins Pipeline that accepts the following parameters :
| Parameter Name | Parameter Type | Default Value | Description |
| --- | --- | --- | --- |
| NPM_CREDENTIALS_ID | String | npm-secret | The Jenkins Credentials ID that holds login and password to login on NPM Registry |
| NPM_EMAIL | String | \<your NPM email\> | The email address associated with the NPM Account pointed by NPM_CREDENTIALS_ID |
| NPM_REGISTRY | String | https://registry.npmjs.org | Private NPM registry to log in to (Default if not provided: https://registry.npmjs.org) |
| NPM_CREDENTIALS_ID | String | npm-secret | The Jenkins Credentials ID that holds the token to login on NPM Registry |
| OPENSHIFT_IMAGE_STREAM | String | openshift-demo-nodejs | The ImageStream name to use to tag the built images |
| OPENSHIFT_BUILD_CONFIG | String | openshift-demo-nodejs | The BuildConfig name to use |
| OPENSHIFT_SERVICE | String | openshift-demo-nodejs | The Service object to update (either green or blue) |

7
doc/INSTALL.md
View File

@ -26,7 +26,7 @@ my other project : the [OpenShift-Hostpath-Provisioner](https://github.com/nmass
Create all other objects using the template :
```
oc process -f setup/all-in-one-template.yaml TEST_ROUTE_HOSTNAME=demo.test.app.openshift.test PROD_ROUTE_HOSTNAME=demo.prod.app.openshift.test NPM_EMAIL=your@npm.email > objects.json
oc process -f setup/all-in-one-template.yaml TEST_ROUTE_HOSTNAME=demo.test.app.openshift.test PROD_ROUTE_HOSTNAME=demo.prod.app.openshift.test > objects.json
oc create -f objects.json
```
@ -36,7 +36,6 @@ __Notes :__
- Replace the `demo.test.app.openshift.test` and `demo.prod.app.openshift.test`
by meaningful values for your environment. It will be your routes in
TEST and PROD environments.
- Replace `your@npm.email` by the email address associated with your NPM Account.
All parameters are documented here :
@ -44,9 +43,7 @@ All parameters are documented here :
| --- | --- | --- | --- |
| TEST_ROUTE_HOSTNAME | Yes | - | The route to create in the TEST environment and which we will use to run the integration tests |
| PROD_ROUTE_HOSTNAME | Yes | - | The route to create in the PROD environment |
| NPM_EMAIL | Yes | - | Email address of your NPM Account |
| NPM_CREDENTIALS_ID | No | npm-secret | The Jenkins Credentials ID that holds login and password to login on NPM Registry |
| NPM_REGISTRY | No | https://registry.npmjs.org | Private NPM registry to log in to |
| NPM_CREDENTIALS_ID | No | npm-secret | The Jenkins Credentials ID that holds the token to login on NPM Registry |
| GIT_REPO | No | https://github.com/nmasse-itix/OpenShift-Demo-NodeJS.git | The GIT repository to use. This will be useful if you clone this repo. |
| NODEJS_IMAGE_STREAM_TAG | No | nodejs:latest | Name of the ImageStreamTag to be used for the NodeJS image. Change this if you plan to use your own NodeJS S2I image. |
| NODEJS_IMAGE_STREAM_NAMESPACE | No | openshift | The OpenShift Namespace where the NodeJS ImageStream resides. |

16
setup/all-in-one-template.yaml
View File

@ -108,10 +108,6 @@ objects:
env:
- name: NPM_CREDENTIALS_ID
value: ${NPM_CREDENTIALS_ID}
- name: NPM_EMAIL
value: ${NPM_EMAIL}
- name: NPM_REGISTRY
value: ${NPM_REGISTRY}
- name: OPENSHIFT_IMAGE_STREAM
value: openshift-demo-nodejs
- name: OPENSHIFT_BUILD_CONFIG
@ -507,21 +503,11 @@ parameters:
name: NODEJS_IMAGE_STREAM_TAG
value: nodejs:latest
- description: The Jenkins Credentials ID that holds login and password to login on NPM Registry
- description: The Jenkins Credentials ID that holds the token to login on NPM Registry
displayName: Jenkins Credentials ID for NPM Registry
name: NPM_CREDENTIALS_ID
value: npm-secret
- description: The email address associated with the NPM Account pointed by NPM_CREDENTIALS_ID
displayName: Email address of your NPM Account
name: NPM_EMAIL
required: true
- description: Private NPM registry to log in to
displayName: NPM Registry URL
name: NPM_REGISTRY
value: https://registry.npmjs.org
- description: The route to create in the TEST environment and which we will use to run the integration tests
displayName: Application Hostname in the TEST environment
name: TEST_ROUTE_HOSTNAME

Write Preview
Loading…
Cancel
Save