6 changed files with 277 additions and 98 deletions
@ -1,96 +0,0 @@ |
|||
# Using this Ansible role from Jenkins |
|||
|
|||
To use this role from Jenkins, you will need to: |
|||
|
|||
- Create a custom Jenkins Slave image |
|||
- Register this image in the Jenkins configuration |
|||
- Install the Ansible Jenkins plugin |
|||
- Commit your inventory and playbooks in a GIT repository |
|||
- Create an Ansible Vault to store your 3scale Access Token and OIDC issuer endpoint |
|||
- Create a Jenkins pipeline |
|||
|
|||
## Create a custom Jenkins Slave image |
|||
|
|||
First, create a Dockerfile containing: |
|||
|
|||
```dockerfile |
|||
FROM openshift3/jenkins-slave-base-rhel7:v3.11 |
|||
|
|||
MAINTAINER Nicolas Masse <nmasse@redhat.com> |
|||
|
|||
# Labels consumed by Red Hat build service |
|||
LABEL name="openshift3/jenkins-agent-ansible-26-rhel7" \ |
|||
version="3.11" \ |
|||
architecture="x86_64" \ |
|||
io.k8s.display-name="Jenkins Agent Ansible" \ |
|||
io.k8s.description="The jenkins agent ansible image has the Ansible engine on top of the jenkins slave base image." \ |
|||
io.openshift.tags="openshift,jenkins,agent,ansible" |
|||
|
|||
USER root |
|||
RUN yum install -y --enablerepo=rhel-7-server-ansible-2.6-rpms ansible && \ |
|||
yum install -y --enablerepo=rhel-server-rhscl-7-rpms python27-python-pip && \ |
|||
scl enable python27 "pip install --install-option='--install-purelib=/usr/lib/python2.7/site-packages/' jinja2" && \ |
|||
yum clean all && \ |
|||
rm -rf /var/cache/yum && \ |
|||
chown -R 1001:0 $HOME && \ |
|||
chmod -R g+rw $HOME |
|||
|
|||
USER 1001 |
|||
``` |
|||
|
|||
Create an OpenShift project to hold the image and BuildConfig we will create: |
|||
|
|||
```sh |
|||
oc new-project jenkins-ansible |
|||
``` |
|||
|
|||
Then, import the Jenkins base image in the current project: |
|||
|
|||
```sh |
|||
oc import-image jenkins-slave-base-rhel7:v3.11 --from=registry.access.redhat.com/openshift3/jenkins-slave-base-rhel7:v3.11 --scheduled --confirm |
|||
``` |
|||
|
|||
Replace the `v3.11` tag with the OpenShift version you are currently running. |
|||
|
|||
Create a BuildConfig based on this ImageStream and the Dockerfile created before. |
|||
|
|||
```sh |
|||
oc new-build -D - --name=jenkins-agent-ansible-26-rhel7 --image-stream=jenkins-slave-base-rhel7:v3.11 --to=jenkins-agent-ansible-26-rhel7:latest < Dockerfile |
|||
``` |
|||
|
|||
Wait for the BuildConfig to complete and tag the new image in the `openshift` namespace: |
|||
|
|||
```sh |
|||
oc tag jenkins-agent-ansible-26-rhel7:latest openshift/jenkins-agent-ansible-26-rhel7:latest |
|||
``` |
|||
|
|||
## Register the image in the Jenkins configuration |
|||
|
|||
- Connect to your Jenkins instance |
|||
- Click **Manage Jenkins** > **Configure System** |
|||
- Scroll down to the **Cloud** section |
|||
- Scroll down and click **Add Pod Template** and select **Kubernetes Pod Template** |
|||
- Fill in the Kubernetes Pod Template with the following information: |
|||
- **Name**: `ansible` |
|||
- **Labels**: `ansible` |
|||
- **Timeout in seconds for Jenkins connection**: `100` |
|||
- Click **Add Container** and select **Container Template** |
|||
- Fill in the Container Template with the following information: |
|||
- **Name**: `jnlp` |
|||
- **Docker image**: `docker-registry.default.svc:5000/openshift/jenkins-agent-ansible-26-rhel7:latest` |
|||
- **Always pull image**: *checked* |
|||
- **Working directory**: `/tmp` |
|||
- **Command to run**: *empty* |
|||
- **Arguments to pass to the command**: `${computer.jnlpmac} ${computer.name}` |
|||
- **Allocate pseudo-TTY**: *unchecked* |
|||
- Scroll down and click **Save** |
|||
|
|||
## Install the Ansible Jenkins plugin |
|||
|
|||
- Connect to your Jenkins instance |
|||
- Click **Manage Jenkins** > **Manage Plugins** |
|||
- Go to the **Available** tab |
|||
- In the **Filter** text field, type `Ansible` |
|||
- In the list, find the **Ansible plugin** and check its box in the **Enabled** column |
|||
- Click **Install without restart** |
|||
|
|||
@ -0,0 +1,47 @@ |
|||
# Using this Ansible role from Jenkins |
|||
|
|||
To use this role from Jenkins, you will need to: |
|||
|
|||
- Create the Jenkins Slave image for Ansible |
|||
- Install the Ansible Jenkins plugin |
|||
- Create the pipeline that calls Ansible |
|||
|
|||
## Create the Jenkins Slave image for Ansible |
|||
|
|||
You can create the Jenkins Slave image for Ansible by executing the following command **in the same project as your Jenkins master**: |
|||
|
|||
```sh |
|||
oc create -f https://raw.githubusercontent.com/nmasse-itix/threescale-cicd/master/support/jenkins/jenkins-slave-template-centos.yaml |
|||
oc new-app --template=jenkins-slave-template |
|||
``` |
|||
|
|||
Alternatively, if you are a Red Hat customer, you can build your images based on RHEL with the following commands: |
|||
|
|||
```sh |
|||
oc create -f https://raw.githubusercontent.com/nmasse-itix/threescale-cicd/master/support/jenkins/jenkins-slave-template-rhel.yaml |
|||
oc new-app --template=jenkins-slave-template |
|||
``` |
|||
|
|||
Wait for the build to finish: |
|||
|
|||
```sh |
|||
oc logs -f bc/jenkins-ansible-slave |
|||
``` |
|||
|
|||
## Install the Ansible Jenkins plugin |
|||
|
|||
- Connect to your Jenkins instance |
|||
- Click **Manage Jenkins** > **Manage Plugins** |
|||
- Go to the **Available** tab |
|||
- In the **Filter** text field, type `Ansible` |
|||
- In the list, find the **Ansible plugin** and check its box in the **Enabled** column |
|||
- Click **Install without restart** |
|||
|
|||
## Create the pipeline that calls Ansible |
|||
|
|||
You can create the Jenkins pipeline that calls Ansible with the following command: |
|||
|
|||
```sh |
|||
oc create -f https://raw.githubusercontent.com/nmasse-itix/threescale-cicd/master/support/jenkins/deploy-3scale-api-pipeline.yaml |
|||
oc new-app --template=deploy-3scale-api |
|||
``` |
|||
@ -0,0 +1,44 @@ |
|||
apiVersion: v1 |
|||
kind: Template |
|||
labels: |
|||
template: deploy-3scale-api |
|||
metadata: |
|||
annotations: |
|||
description: |- |
|||
Deploy an API to 3scale |
|||
openshift.io/display-name: Jenkins Pipeline to deploy an API to 3scale |
|||
tags: jenkins |
|||
template.openshift.io/documentation-url: https://github.com/nmasse-itix/threescale-cicd |
|||
template.openshift.io/long-description: Jenkins Pipeline to deploy an API to 3scale |
|||
template.openshift.io/provider-display-name: Nicolas Massé |
|||
template.openshift.io/support-url: https://github.com/nmasse-itix/threescale-cicd/issues |
|||
name: deploy-3scale-api |
|||
parameters: |
|||
objects: |
|||
- kind: "BuildConfig" |
|||
apiVersion: "v1" |
|||
metadata: |
|||
name: "deploy-3scale-api" |
|||
spec: |
|||
source: |
|||
git: |
|||
uri: https://github.com/nmasse-itix/threescale-cicd.git |
|||
strategy: |
|||
type: "JenkinsPipeline" |
|||
jenkinsPipelineStrategy: |
|||
jenkinsfilePath: support/jenkins/Jenkinsfile |
|||
env: |
|||
- name: THREESCALE_CICD_ACCESS_TOKEN |
|||
value: |
|||
- name: THREESCALE_CICD_SSO_ISSUER_ENDPOINT |
|||
value: |
|||
- name: THREESCALE_PORTAL_HOSTNAME |
|||
value: |
|||
- name: GIT_REPOSITORY |
|||
value: |
|||
- name: GIT_BRANCH |
|||
value: |
|||
- name: OPENAPI_FILE |
|||
value: |
|||
- name: THREESCALE_CICD_PRIVATE_BASE_URL |
|||
value: |
|||
@ -0,0 +1,92 @@ |
|||
apiVersion: v1 |
|||
kind: Template |
|||
labels: |
|||
template: jenkins-ansible-slave |
|||
metadata: |
|||
annotations: |
|||
description: |- |
|||
A Jenkins slave that embeds Ansible 2.6 on CentOS |
|||
openshift.io/display-name: Jenkins Slave for Ansible |
|||
tags: jenkins |
|||
template.openshift.io/documentation-url: https://github.com/nmasse-itix/threescale-cicd |
|||
template.openshift.io/long-description: |
|||
template.openshift.io/provider-display-name: Nicolas Massé |
|||
template.openshift.io/support-url: https://github.com/nmasse-itix/threescale-cicd/issues |
|||
name: jenkins-ansible-slave |
|||
parameters: |
|||
- name: OPENSHIFT_VERSION |
|||
value: v3.11 |
|||
required: true |
|||
objects: |
|||
- apiVersion: v1 |
|||
kind: ImageStream |
|||
metadata: |
|||
annotations: |
|||
openshift.io/display-name: Jenkins Slave for Ansible |
|||
name: jenkins-ansible-slave |
|||
spec: |
|||
tags: |
|||
- name: latest |
|||
annotations: |
|||
role: jenkins-slave |
|||
|
|||
- apiVersion: v1 |
|||
kind: ImageStream |
|||
metadata: |
|||
name: jenkins-slave-base |
|||
spec: |
|||
tags: |
|||
- name: ${OPENSHIFT_VERSION} |
|||
referencePolicy: |
|||
type: Local |
|||
from: |
|||
kind: DockerImage |
|||
name: docker.io/openshift/jenkins-slave-base-centos7:${OPENSHIFT_VERSION} |
|||
importPolicy: |
|||
scheduled: true |
|||
|
|||
- apiVersion: v1 |
|||
kind: BuildConfig |
|||
metadata: |
|||
name: jenkins-ansible-slave |
|||
spec: |
|||
output: |
|||
to: |
|||
kind: ImageStreamTag |
|||
name: jenkins-ansible-slave:latest |
|||
runPolicy: Serial |
|||
source: |
|||
dockerfile: |- |
|||
FROM openshift/jenkins-slave-base-centos7:${OPENSHIFT_VERSION} |
|||
|
|||
MAINTAINER Nicolas Masse <nmasse@redhat.com> |
|||
|
|||
# Labels consumed by Red Hat build service |
|||
LABEL name="openshift3/jenkins-agent-ansible-26-centos7" \ |
|||
version="${OPENSHIFT_VERSION}" \ |
|||
architecture="x86_64" \ |
|||
io.k8s.display-name="Jenkins Agent Ansible" \ |
|||
io.k8s.description="The jenkins agent ansible image has the Ansible engine on top of the jenkins slave base image." \ |
|||
io.openshift.tags="openshift,jenkins,agent,ansible" |
|||
|
|||
USER root |
|||
RUN yum install -y ansible && \ |
|||
yum install -y python27-python-pip && \ |
|||
scl enable python27 "pip install --install-option='--install-purelib=/usr/lib/python2.7/site-packages/' jinja2" && \ |
|||
yum clean all && \ |
|||
rm -rf /var/cache/yum && \ |
|||
chown -R 1001:0 $HOME && \ |
|||
chmod -R g+rw $HOME |
|||
|
|||
USER 1001 |
|||
type: Dockerfile |
|||
strategy: |
|||
dockerStrategy: |
|||
from: |
|||
kind: ImageStreamTag |
|||
name: jenkins-slave-base:${OPENSHIFT_VERSION} |
|||
type: Docker |
|||
triggers: |
|||
- type: ConfigChange |
|||
- type: ImageChange |
|||
|
|||
@ -0,0 +1,92 @@ |
|||
apiVersion: v1 |
|||
kind: Template |
|||
labels: |
|||
template: jenkins-ansible-slave |
|||
metadata: |
|||
annotations: |
|||
description: |- |
|||
A Jenkins slave that embeds Ansible 2.6 on RHEL |
|||
openshift.io/display-name: Jenkins Slave for Ansible |
|||
tags: jenkins |
|||
template.openshift.io/documentation-url: https://github.com/nmasse-itix/threescale-cicd |
|||
template.openshift.io/long-description: |
|||
template.openshift.io/provider-display-name: Nicolas Massé |
|||
template.openshift.io/support-url: https://github.com/nmasse-itix/threescale-cicd/issues |
|||
name: jenkins-ansible-slave |
|||
parameters: |
|||
- name: OPENSHIFT_VERSION |
|||
value: v3.11 |
|||
required: true |
|||
objects: |
|||
- apiVersion: v1 |
|||
kind: ImageStream |
|||
metadata: |
|||
annotations: |
|||
openshift.io/display-name: Jenkins Slave for Ansible |
|||
name: jenkins-ansible-slave |
|||
spec: |
|||
tags: |
|||
- name: latest |
|||
annotations: |
|||
role: jenkins-slave |
|||
|
|||
- apiVersion: v1 |
|||
kind: ImageStream |
|||
metadata: |
|||
name: jenkins-slave-base |
|||
spec: |
|||
tags: |
|||
- name: ${OPENSHIFT_VERSION} |
|||
referencePolicy: |
|||
type: Local |
|||
from: |
|||
kind: DockerImage |
|||
name: registry.access.redhat.com/openshift3/jenkins-slave-base-rhel7:${OPENSHIFT_VERSION} |
|||
importPolicy: |
|||
scheduled: true |
|||
|
|||
- apiVersion: v1 |
|||
kind: BuildConfig |
|||
metadata: |
|||
name: jenkins-ansible-slave |
|||
spec: |
|||
output: |
|||
to: |
|||
kind: ImageStreamTag |
|||
name: jenkins-ansible-slave:latest |
|||
runPolicy: Serial |
|||
source: |
|||
dockerfile: |- |
|||
FROM openshift3/jenkins-slave-base-rhel7:${OPENSHIFT_VERSION} |
|||
|
|||
MAINTAINER Nicolas Masse <nmasse@redhat.com> |
|||
|
|||
# Labels consumed by Red Hat build service |
|||
LABEL name="openshift3/jenkins-agent-ansible-26-rhel7" \ |
|||
version="${OPENSHIFT_VERSION}" \ |
|||
architecture="x86_64" \ |
|||
io.k8s.display-name="Jenkins Agent Ansible" \ |
|||
io.k8s.description="The jenkins agent ansible image has the Ansible engine on top of the jenkins slave base image." \ |
|||
io.openshift.tags="openshift,jenkins,agent,ansible" |
|||
|
|||
USER root |
|||
RUN yum install -y --enablerepo=rhel-7-server-ansible-2.6-rpms ansible && \ |
|||
yum install -y --enablerepo=rhel-server-rhscl-7-rpms python27-python-pip && \ |
|||
scl enable python27 "pip install --install-option='--install-purelib=/usr/lib/python2.7/site-packages/' jinja2" && \ |
|||
yum clean all && \ |
|||
rm -rf /var/cache/yum && \ |
|||
chown -R 1001:0 $HOME && \ |
|||
chmod -R g+rw $HOME |
|||
|
|||
USER 1001 |
|||
type: Dockerfile |
|||
strategy: |
|||
dockerStrategy: |
|||
from: |
|||
kind: ImageStreamTag |
|||
name: jenkins-slave-base:${OPENSHIFT_VERSION} |
|||
type: Docker |
|||
triggers: |
|||
- type: ConfigChange |
|||
- type: ImageChange |
|||
|
|||
Loading…
Reference in new issue