accenture / adop-jenkins Goto Github PK

View Code? Open in Web Editor NEW

153.0 21.0 134.0 125 KB

License: Apache License 2.0

Shell 22.50% Groovy 71.33% Ruby 2.88% Dockerfile 3.29%

adop

adop-jenkins's Introduction

Supported tags and respective `Dockerfile` links

0.2.0, 0.2.0 (0.2.0/Dockerfile)

What is adop-jenkins?

adop-jenkins is a wrapper for the Jenkins image. It has primarily been built to perform extended configuration. Jenkins is an open source automation tool.

How to use this image

The easiest for to run adop-jenkins image is as follow:

docker run --name <your-container-name> -d -p 8080:8080 accenture/adop-jenkins:VERSION

after the above Jenkins will be available at: http://localhost:8080

Runtime configuration can be provided using environment variables:

JENKINS_OPTS, Jenkins startup options.
ADOP_LDAP_ENABLED, allow enable/disable LDAP authentication. Default to true (enabled).
ADOP_ACL_ENABLED, allow enable/disable Jenkins user access control lists.
ADOP_SONAR_ENABLED, allow enable/disable Jenkins-Sonar integrations. Default to true (enabled).
ADOP_ANT_ENABLED, allow enable/disable Jenkins-ANT integration. Default to true (enabled).
ADOP_MAVEN_ENABLED, allow enable/disable Jenkins-MAVEN integration. Default to true (enabled).
ADOP_NODEJS_ENABLED, allow enable/disable Jenkins-NODEJS integration. Default to true (enabled).
ADOP_GITLAB_ENABLED, allow enable/disable Jenkins-GITLAB integration. Default to true (enabled).

Additional environment variables that allow fine tune Jenkins runtime configuration are:

GITLAB_HOST_NAME, the Gitlab hostname. Default to gitlab
GITLAB_PORT, the port Gitlab APIs are exposed. Default to 80
GITLAB_JENKINS_USERNAME, the username Jenkins will use to connect to Gitlab. Default to Gitlab.
GITLAB_JENKINS_PASSWORD, the password Jenkins will use to connect to Gitlab. Default to gitlab.
INITIAL_ADMIN_USER, the username for the admin user.
INITIAL_ADMIN_PASSWORD, the password for the initial admin user.
LDAP_SERVER, the LDPA URI, i.e. ldap-host:389
LDAP_ROOTDN, the LDAP BASE_DN
LDAP_USER_SEARCH_BASE, base organization unit to use to search for users
LDAP_USER_SEARCH, LDAP object field to use for the search query
LDAP_GROUP_SEARCH_BASE, base organization unit to use to search for groups
LDAP_GROUP_SEARCH_FILTER, filter to use querying for groups
LDAP_GROUP_MEMBERSHIP_FILTER, filter to use when writing queries to verify if a user is member of a group
LDAP_MANAGER_DN, LDAP adim user
LDAP_MANAGER_PASSWORD, LDAP admin password
LDAP_INHIBIT_INFER_ROOTDN, flag indicating if ROOT_DN should be infered
LDAP_DISPLAY_NAME_ATTRIBUTE_NAME, LDAP object field used as a display name
LDAP_DISABLE_MAIL_ADDRESS_RESOLVER, flag indicating if the email address resolver should be disabled
LDAP_MAIL_ADDRESS_ATTRIBUTE_NAME, LDAP object field used as a email address
LDAP_GROUP_NAME_ADMIN, LDAP admin group. Default to administrators.
SONAR_SERVER_URL, the sonar server URL
SONAR_ACCOUNT_LOGIN, username to use when connecting to sonar
SONAR_ACCOUNT_PASSWORD, password to use when connecting to sonar
SONAR_DB_URL, sonar database JDBC connection string
SONAR_DB_LOGIN, username to use to connect to sonar DB
SONAR_DB_PASSWORD, password to use when connecting to sonar DB
SONAR_PLUGIN_VERSION, the sonar plugin version
SONAR_ADDITIONAL_PROPS, additional properties for sonar plugin. Refer to SonarQube documentation for more informattion
SONAR_RUNNER_VERSION, the sonar runner version
ANT_VERSION, ANT release version
MAVEN_VERSION, Maven release version
NODEJS_VERSION, nodejs release version
NODEJS_GLOBAL_PACKAGES, nodejs packages to be installed as global
NODEJS_PACKAGES_REFRESH_HOURS, nodejs package refresh time in hours.
GIT_GLOBAL_CONFIG_NAME, Git global config name
GIT_GLOBAL_CONFIG_EMAIL, Git global config email
AWS_DEFAULT_REGION, set the AWS default region for the CLI at a global level
DOCKER_TLS_VERIFY, Docker CLI variable to declare a TLS-enabled engine
DOCKER_HOST, Docker CLI variable to declare the endpoint to target
DOCKER_CERT_PATH, Docker CLI variable to declare the path to the certificate
DOCKER_NETWORK_NAME, the Docker custom network to launch containers on
GROOVY_VERSION, a comma delimited list of Groovy installation profiles to install (e.g. 2.4.8, 2.4.3).
LDAP_IS_MODIFIABLE, allows us to interact with LDAP configuration through jenkins, Allowed values true (default) and false. If set to true, LDAP can be modified and jenkins will be able to create necessary users/groups in LDAP. If set to false, LDAP can not be modified and jenkins need be configured to use existing users/groups in LDAP. This variable will be used when ADOP_LDAP_ENABLED is set to true.

Run adop-jenkins with OpenLDAP

The following assumes that MySQL and OpenLDAP are running.

The following command will run adop-jenkins and connect it to OpenLDAP

  docker run \
  --name adop-jenkins \
  -p 8080:8080 \
  -e LDAP_SERVER="ldap:389" \
  -e LDAP_ROOTDN="${LDAP_FULL_DOMAIN}" \
  -e LDAP_USER_SEARCH_BASE="ou=people" \
  -e LDAP_USER_SEARCH="uid={0}" \
  -e LDAP_GROUP_SEARCH_BASE="ou=groups" \
  -e LDAP_GROUP_SEARCH_FILTER="" \
  -e LDAP_GROUP_MEMBERSHIP_FILTER="" \
  -e LDAP_MANAGER_DN="cn=admin,${LDAP_FULL_DOMAIN}" \
  -e LDAP_MANAGER_PASSWORD=${LDAP_PWD} \
  -e LDAP_INHIBIT_INFER_ROOTDN="false" \
  -e LDAP_DISABLE_MAIL_ADDRESS_RESOLVER="false" \
  -e LDAP_DISPLAY_NAME_ATTRIBUTE_NAME="displayName" \
  -e LDAP_MAIL_ADDRESS_ATTRIBUTE_NAME="mail" \
  -d accenture/adop-jenkins:VERSION

License

Please view license information for the software contained on this image.

Supported Docker versions

This image is officially supported on Docker version 1.9.1. Support for older versions (down to 1.6) is provided on a best-effort basis.

User feedback

Documentation

Documentation for this image is available in the Jenkins documentation page.

Issues

If you have any problems with or questions about this image, please contact us through a GitHub issue.

Contribute

You are invited to contribute new features, fixes, or updates, large or small; we are always thrilled to receive pull requests, and do our best to process them as fast as we can.

Before you start to code, we recommend discussing your plans through a GitHub issue, especially for more ambitious contributions. This gives other contributors a chance to point you in the right direction, give you feedback on your design, and help you find out if someone else is working on the same thing.

adop-jenkins's People

Contributors

Stargazers

Watchers

Forkers

kramos deors panthdeepak abullido dsingh07 nickdgriffin rglenn-accenture gogodi91 nhantd carloniere sachinksingh28 weiyanxiang jmargut restalion thetechoddbug rushan37 jateodoro pdcbuckets mmcgarr terencejacksonfa dexterlv m4m51m jprezaj franciscoaditazz vcerny davallejop michihuh davidcampbell8 zarifsamar dejan2609 banaagjoy mclerix azsoftcl janhout teodorz pranjal7 paoloxide liatrio jnarciso23 sbstnbr dodwmd cindymkim bzon digitalonus lynzeelim11 troy123456 sylvacorinne jaloare pratishtha88 redstone78 gdastagir neethu0311 seanjoo haidong-yang paber1234 svscorp jootyuan killbulle marisbahtins sarahsharmainedallong svenc81 anton-kasperovich renuraj18 abhisheks-cuelogic scurloc2 deangodfree alexburrows12 imranansari eaarrll harisareddy michael-t-dukes sittingidle robsonsimonassi expire163 robertnorthard frankjian asivayoganathan emailmukeshn hiddletian jarviscoding kitter stewartm nkolasn landondao1 cheqrouni gkdba87 robbinscp lenming-yeung-domain joyitadas aliciasteen venkat-devops jforcada vijaybadam mark-cabardo nehassingh amchau amol007bond nayaksuraj mperales90 hbuttguavus

adop-jenkins's Issues

Jenkins startup failure

Hi,

I started adop-jenkins latest version using the command provided in documentation. But jenkins is never up, it has error while running "generate_gitlab_scm.sh" scripts. It says sonar is unavailable error. I just not sure why jenkins startup is looking for sonar error.

Jenkins command used to start:

docker container run
--name acn-jenkins
--detach
--rm
-p 8080:8080
accenture/adop-jenkins:latest

Groovy scripts should have order of execution by priority

We have such example in Linux for init-scripts

Like:
01-adop_general.groovy
02-adop_ant.groovy
...

Why do you start a thread and sleep in init scripts

I wonder why you add a thread start and sleep to all your init script?
Can you describe the purpose, please?

Thanks
Gordon

Add a pretty theme as default

just a case of adding the simple theme plugin; curling a theme into the $jenkins_home/userContent/. and setting the url string ni the jenkins system config to /userContent/<theme .css>

would also be nice for optional theme for visually impaired users

Remove Job_Runner from conditional build step

Currently the Load_Platform job calls another child job Job_Runner which in turn executes all the jobs responsible for setting up your platform.

For some reason, it is under a conditional build step, which means if Generate_Example_Workspace is not ticked, it won't execute. This needs to simply be moved into a regular build step.

A new docker tag of adop-jenkins that contains the latest and greatest updates

It would be nice if there will be a docker tag that contains the latest and greatest such as accenture/adop-jenkins:x.x.x-${jenkins_version} that will be maintained on a separate branch.

My current project will use blue ocean and it will require a massive upgrade to all plugins. Any thoughts? @anton-kasperovich @nickdgriffin @kramos

NodeJS not installing with 1.0 plugin

I was messing around with the latest from adop-docker-compose and noticed this error:

groovy.lang.MissingMethodException: No signature of method: static jenkins.plugins.nodejs.NodeJSPlugin.instance() is applicable for argument types: () values: []
Possible solutions: inspect(), isCase(java.lang.Object), save(), start(), start()
at groovy.lang.MetaClassImpl.invokeStaticMissingMethod(MetaClassImpl.java:1503)
at groovy.lang.MetaClassImpl.invokeStaticMethod(MetaClassImpl.java:1489)
at org.codehaus.groovy.runtime.callsite.StaticMetaClassSite.call(StaticMetaClassSite.java:53)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:117)
at adop_nodejs$_run_closure1.doCall(adop_nodejs.groovy:27)
at adop_nodejs$_run_closure1.doCall(adop_nodejs.groovy)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:93)
at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:294)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1024)
at groovy.lang.Closure.call(Closure.java:414)
at groovy.lang.Closure.call(Closure.java:408)
at groovy.lang.Closure.run(Closure.java:495)
at java.lang.Thread.run(Thread.java:745)

I also couldn't see the default NodeJS installation either. The above suggests the plugin has changed and the adop_nodejs.groovy script needs updating perhaps.

I will add that I was installing all sorts and updated everything so my NodeJS plugin has ended up at version 1.0 - so this might be something we need to care about in the future when we upgrade, rather than right now.

Running ADOP/C locally (docker machine), get an authentication error

NOTE: I have removed the username and password from the below command.

[aravindmurthy@MacBookPro:/Users/aravindmurthy/Downloads/DevOpsKT/adop-docker-compose]$ ./quickstart.sh -t local adop <username_removed> <password_removed>
 
      ###    ########   #######  ########  
     ## ##   ##     ## ##     ## ##     ## 
    ##   ##  ##     ## ##     ## ##     ## 
   ##     ## ##     ## ##     ## ########  
   ######### ##     ## ##     ## ##        
   ##     ## ##     ## ##     ## ##        
   ##     ## ########   #######  ##        

Running pre-create checks...
Creating machine...
(adop) Copying /Users/aravindmurthy/.docker/machine/cache/boot2docker.iso to /Users/aravindmurthy/.docker/machine/machines/adop/boot2docker.iso...
(adop) Creating VirtualBox VM...
(adop) Creating SSH key...
(adop) Starting the VM...
(adop) Check network to re-create if needed...
(adop) Waiting for an IP...
Waiting for machine to be running, this may take a few minutes...
Detecting operating system of created instance...
Waiting for SSH to be available...
Detecting the provisioner...
Provisioning with boot2docker...
Copying certs to the local machine directory...
Copying certs to the remote machine...
Setting Docker configuration on the remote daemon...
Checking connection to Docker...
Docker is up and running!
To see how to connect your Docker Client to the Docker Engine running on this virtual machine, run: docker-machine env adop
 
          ###    ########   #######  ########  
         ## ##   ##     ## ##     ## ##     ## 
        ##   ##  ##     ## ##     ## ##     ## 
       ##     ## ##     ## ##     ## ########  
       ######### ##     ## ##     ## ##        
       ##     ## ##     ## ##     ## ##        
       ##     ## ########   #######  ##        
    
* Initialising ADOP
Sourcing provider-specific environment files...
Your secrets file already exists, will not re-create...
Sourcing variables from platform.secrets.sh file...
The version of your secrets file is up to date, moving on...
* Setting up Docker Network
Created Docker network: local_network
* Pulling Docker Images
Sourcing provider-specific environment files...
Your secrets file already exists, will not re-create...
Sourcing variables from platform.secrets.sh file...
The version of your secrets file is up to date, moving on...
Pulling elasticsearch (elasticsearch:2.1.1)...
ERROR: Get https://registry-1.docker.io/v2/library/elasticsearch/manifests/2.1.1: unauthorized: incorrect username or password

New Feature: Have job to create more slave nodes and dispose them

It would be desirable to add to the platform a couple of jobs to automate the creation of more slave nodes, and dispose them once no longer needed.

Jenkins 2.73.3 LTS upgrade

This issue is created to raise awareness that I'm working on upgrade of Jenkins from 2.7.4 LTS to 2.73.3 LTS. I'll create separate "v2 branch" in the repository and create a PR to make progress more visible. There are quite many issues to work with i.e. almost all plugins should be updated and I expect some rework on init groovy scripts as well:

Link to SonarQube from Jenkins jobs uses the inner container name, not the public URL

When a Jenkins job has enabled the SonarQube analysis, the job page displays a direct link to the SonarQube project/artifact page. However currently in our Jenkins image, the link is using the inner container name: http://sonar:9000, instead of the public URL.
To solve this, the Jenkins global settings (under Configure System page in the UI) should be updated. See picture attached for reference of the setting that needs to be updated.

anonymous is missing the Overall/Read permission

After starting the image as per the instructions, I accessed the web interface and the following error appeared:

anonymous is missing the Overall/Read permission

I've tried disabling security in config.xml, but apparently that gets recreated with security enabled.

Add a groovy script that automatically configures SMTP

@nickdgriffin @anton-kasperovich, For your review.

My Pull Request here - #17

Load_Platform fail

Hello,

I used ./setup-local.sh in order to configure my ADOP stack.
The creation is OK, but when I start the Load_Platform job, I get this issue:

10:57:11 + echo 'Repository already exists, skipping: platform-management'
10:57:11 Repository already exists, skipping: platform-management
10:57:11 + git remote add adop ssh://jenkins@gerrit:29418/platform-management
10:57:11 + git fetch adop
10:57:12 + git push adop '+refs/remotes/origin/:refs/heads/'
10:57:12 fatal: internal server error
10:57:12 fatal: Could not read from remote repository.
10:57:12
10:57:12 Please make sure you have the correct access rights
10:57:12 and the repository exists.
10:57:12 Build step 'Execute shell' marked build as failure
10:57:12 [ssh-agent] Stopped.
10:57:12 Finished: FAILURE

I did a docker exec inside Jenkins container, I started manually a git clone, and it seems that there is a RSA key issue:

root@79bcc2fc0b82:/tmp# git clone ssh://jenkins@gerrit:29418/platform-management
Cloning into 'platform-management'...
Permission denied (publickey).
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

Do you know how to fix it?
Thanks in advance!

Groovy script runs but no changes are performed

Dears,
This groovy script runs successfully (LDAP) but no changes are done to Jenkins config.xml file thus no changes are applied (default is Jenkins database and whoever is logged can do anything).
Is there anything else that needs to happen after the groovy script runs? Is the passcode cleartext or hash?
I'd appreciate if you could clarify. I imagine the groovy script would cause changes to the config.xml file as it happens if I configure it via Web UI.
Thanks in advance!

Error executing plugins.sh in Windows

Running docker build in Windows I found an error when plugins.sh is executed:

the command returned a non-zero code 3

If I run the same command in OSX it ends without errors, it seems to be some kind of problem with plugins.txt file.