Git Product home page Git Product logo

environment-splunkit-sla-dev's Introduction

Jenkins X Boot Configuration

This repository contains the source code for Jenkins X Boot configuration so that you can setup, upgrade or configure your Jenkins X installation via GitOps.

How to install...

Creating a kubernetes cluster

  • either use Terraform to spin up a GKE cluster with a jx namespace and any necessary cloud resources (e.g. on GCP we need a Kaniko Service Account and Secret)
  • create an empty GKE cluster by hand e.g. via jx create cluster gke --skip-installation or using the GCP Console

Run the new Jenkins X Bootstrap Pipeline

Create a fork of this git repository on github. We suggest renaming it to match the pattern environment-<cluster name>-dev. To rename your repository go to the repository settings in github.

Clone your newly forked git repository:

git clone https://github.com/<org>/environment-<cluster name>-dev && cd environment-<cluster name>-dev

It's important that you cd into your newly checked out git repo, otherwise jx boot will use the upstream Jenkins X boot configuration.

Now, in the checkout, run:

jx boot

If you are not in a clone of a boot git repository then jx boot will clone this repository and cd into the clone.

The bootstrap process runs the Jenkins X Pipeline in interpret mode as there's nothing running in your Kubernetes cluster yet and so there's no server side tekton controller until after we bootstrap.

The bootstrap process will also ask you for various important parameters which are used to populate a bunch of Secrets stored in either Vault or the local file system (well away from your git clone).

The pipeline will then setup the ingress controller, then cert manager, then install the actual development environment.

Apart from the secrets populated to Vault / local file system everything else is stored inside this git repository as Apps and helm charts.

How it works

We have improved the support for value + secret composition via this issue.

Parameters file

We define a env/parameters.yaml file which defines all the parameters either checked in or loaded from Vault or a local file system secrets location.

Injecting secrets into the parameters

If you look at the current env/parameters.yaml file you will see some values inlined and others use URIs of the form local:my-cluster-folder/nameofSecret/key. This currently supports 2 schemes:

  • vault: to load from a path + key from Vault
  • local: to load from a key in a YAML file at ~/.jx/localSecrets/$path.yml

This means we can populate all the Parameters we need on startup then refer to them from values.yaml to populate the tree of values to then inject those into Vault.

Populating the parameters.yaml file

We can then use the new step to populate the parameters.yaml file via this command in the env folder:

jx step create values --name parameters

This uses the parameters.schema.json file which powers the UI.

So if you wanted to perform your own install from this git repo, just fork it, remove env/parameters.yaml and run the bootstrap command!

Improvements to values.yaml

Support a tree of values.yaml files

Rather than a huge huge deeply nested values.yaml file we can have a tree of files for each App only include the App specific configuration in each folder. e.g.

env/
  values.yaml   # top level configuration
  prow/
    values.yaml # prow specific config
  tekton/
    vales.yaml  # tekton specific config

values.yaml templates

When using jx step helm apply we now allow values.yaml files to use go/helm templates just like templates/foo.yaml files support inside helm charts so that we can generate value/secret strings which can use templating to compose things from smaller secret values. e.g. creating a maven settings.xml file or docker config.json which includes many user/passwords for different registries.

We can then check in the values.yaml file which does all of this composition and reference the actual secret values via URLs (or template functions) to access vault or local vault files

To do this we use expressions like: {{ .Parameter.pipelineUser.token }} somewhere in the values.yaml values file. So this is like injecting values into the helm templates; but it happens up front to help generate the values.yaml files.

environment-splunkit-sla-dev's People

Contributors

abayer avatar bwalding avatar cagiti avatar ccojocar avatar cpwc avatar daveconde avatar dgozalo avatar garethjevans avatar haysclark avatar jenkins-x-bot avatar jstrachan avatar macox avatar mkinsley avatar pmuir avatar rawlingsj avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.