Table of Contents
This git repository contains a library of reusable Jenkins Pipeline steps and functions that can be used in your Jenkinsfile
to help improve your Continuous Delivery pipeline.
The idea is to try promote sharing of scripts across projects where it makes sense.
This library is intended to be used with fabric8's Jenkins image that is deployed as part of the fabric8 platform.
To use the functions in this library just add the following to the top of your Jenkinsfile
:
@Library('github.com/fabric8io/fabric8-pipeline-library@master') _
That will use the master branch of this library. You can if you wish pick a specific tag or commit SHA of this repository too.
Feel free to reuse a version of this library as is. However if you want to make changes, please fork
this repository and change it in your own fork!
Then just refer to your fork in the @Library()
annotation as shown above.
If you do make local changes we'd love a Pull Request
back though! We love contributions and pull requests!
These flows make use of the Fabric8 DevOps Pipeline Steps and kubernetes-plugin which help when working with Fabric8 DevOps in particular for clean integration with the Hubot chat bot and human approval of staging, promotion and releasing.
example..
approve {
version = '0.0.1'
console = 'http://fabric8.kubernetes.fabric8.io'
environment = 'staging'
}
deployProject {
stagedProject = 'my-project'
resourceLocation = 'target/classes/kubernetes.json'
environment = 'staging'
}
in the case of an aborted approval
dropProject{
stagedProject = project
pullRequestId = '1234'
}
node {
def resources = getDeploymentResources {
port = 8080
label = 'node'
icon = 'https://cdn.rawgit.com/fabric8io/fabric8/dc05040/website/src/images/logos/nodejs.svg'
version = '0.0.1'
}
kubernetesApply(file: resources, environment: 'my-cool-app-staging', registry: 'myexternalregistry.io:5000')
}
WARNING this function is deprecated. Please change to use getDeploymentResources{}
node {
def rc = getKubernetesJson {
port = 8080
label = 'node'
icon = 'https://cdn.rawgit.com/fabric8io/fabric8/dc05040/website/src/images/logos/nodejs.svg'
version = '0.0.1'
}
kubernetesApply(file: rc, environment: 'my-cool-app-staging', registry: 'myexternalregistry.io:5000')
}
def newVersion = getNewVersion{}
creates a release branch
sets the maven pom versions using versions-maven-plugin
mavenCanaryRelease{
version = canaryVersion
}
runs mvn deploy docker:build
default goal
of "install"
can overridden
mavenCanaryRelease{
goal = "deploy" # executes `mvn deploy` instead of `mvn install`
}
profile
- "openshift"
can overridden mavenCanaryRelease{
profile = "osio" # executes `mvn install -P osio`
}
cmd
variable. mavenCanaryRelease{
cmd = "mvn clean -B -e -U deploy -Dmaven.test.skip=true -P profile"
}
NOTE: if cmd
is set, goal
, profile
, skipTests
will have no effect.
pom.xml
; true
by default. mavenCanaryRelease{
autoUpdateFabric8Plugin = false // disables patching pom.xml
}
mavenIntegrationTest {
environment = 'Testing'
failIfNoTests = 'false'
itestPattern = '*KT'
}
cmd
parameter to override the mvn
command to execute in integration test mavenIntegrationTest {
cmd = 'mvn -P openshift-it org.apache.maven.plugins:maven-failsafe-plugin:verify'
}
Note: All other flags are ignored if mavenIntegrationTest
has integrationTestCmd
parameter.
mergeAndWaitForPullRequest {
project = 'fabric8/fabric8'
pullRequestId = prId
}
stage 'Canary release'
echo 'NOTE: running pipelines for the first time will take longer as build and base docker images are pulled onto the node'
if (!fileExists ('Dockerfile')) {
writeFile file: 'Dockerfile', text: 'FROM django:onbuild'
}
def newVersion = performCanaryRelease {}
def apiUrl = new URL("https://api.github.com/repos/${config.name}/pulls/${id}")
JsonSlurper rs = restGetURL{
authString = githubToken
url = apiUrl
}
During a release involving multiple java projects we often need to update downstream maven poms with new versions of a dependency. In a release pipeline we want to automate this, set up a pull request and let CI run to make sure there's no conflicts.
If CI fails and updates are required as a result of the dependency upgrade then
Automating this has saved us a lot of time during the release pipeline
def properties = []
properties << ['<fabric8.version>','io/fabric8/kubernetes-api']
properties << ['<docker.maven.plugin.version>','io/fabric8/docker-maven-plugin']
updatePropertyVersion {
updates = properties
repository = source // if null defaults to http://central.maven.org/maven2/
project = 'fabric8io/ipaas-quickstarts'
}
When working with open source java projects we need to stage artifacts with OSS Sonatype in order to promote them into maven central. This can take 10-30 mins depending on the size of the artifacts being synced.
A useful thing is to be notified in chat when artifacts are available in maven central as blocking the pipeine until we're sure the promote has worked.
waitUntilArtifactSyncedWithCentral {
repo = 'http://central.maven.org/maven2/'
groupId = 'io.fabric8.archetypes'
artifactId = 'archetypes-catalog'
version = '0.0.1'
ext = 'jar'
}
During a CD pipeline we often need to wait for external events to complete before continuing. One of the most common events we have on the fabric8 project is waiting for CI jobs or manually review and approval of github pull requests. We don't want to fail a pipeline, rather just wait patiently for the pull requests to merge so we can continue.
If CI fails and updates are required as a result of the dependency upgrade then
waitUntilPullRequestMerged {
name = 'fabric8io/fabric8'
prId = '1234'
}
These functions are focused specifically on the fabric8 release itself however could be used as examples or extended in users own setup.
The core fabric8 release consists of multiple Java projects that generate Java artifacts, docker images and kubernetes resources. These projects are built and staged together, automatically deployed into a test environment and after approval promoted together ready for the community to use.
When a project is staged an array is returned and passed around functions further down the pipeline. The structure of this stagedProject array is in the form [config.project, releaseVersion, repoId]
def stagedProject = stageProject {
project = 'fabric8io/ipaas-quickstarts'
useGitTagForNextVersion = true
}
One other important note is on the fabric8 project we don't use the maven release plugin or update to next SNAPSHOT versions as it causes unwanted noise and commits to our many github repos. Instead we use a fixed development x.x-SNAPSHOT
version so we can easily work in development on multiple projects that have maven dependencies with each other.
Now that we don't store the next release version in the poms we need to figure it out during the release. Rather than store the version number in the repo which involves a commit and not too CD friendly (i.e. would trigger another release just for the version update) we use the git tag
. From this we can get the previous release version, increment it and push it back without triggering another release. This seems a bit strange but it has been holding up and has significantly reduced unwanted SCM commits related to maven releases.
String pullRequestId = promoteArtifacts {
projectStagingDetails = config.stagedProject
project = 'fabric8io/fabric8'
useGitTagForNextVersion = true
helmPush = false
}
releaseProject {
stagedProject = project
useGitTagForNextVersion = true
helmPush = false
groupId = 'io.fabric8.archetypes'
githubOrganisation = 'fabric8io'
artifactIdToWatchInCentral = 'archetypes-catalog'
artifactExtensionToWatchInCentral = 'jar'
}
stageExtraImages {
images = ['gogs','jenkins','taiga']
tag = releaseVersion
}
def stagedProject = stageProject {
project = 'fabric8io/ipaas-quickstarts'
useGitTagForNextVersion = true
}
tagImages {
images = ['gogs','jenkins','taiga']
tag = releaseVersion
}
gitTag {
releaseVersion = '0.0.1'
}
Deploys the staged fabric8 release to a remote OpenShift cluster
NOTE in order for images to be found by the remote OpenShift instance it must be able to pull images from the staging docker registry. Noting private networks and insecure-registry flags.
node {
deployRemoteOpenShift {
url = openshiftUrl
domain = 'staging'
stagingDockerRegistry = openshiftStagingDockerRegistryUrl
}
}
Deploys the staged fabric8 release to a remote Kubernetes cluster
NOTE in order for images to be found by the remote OpenShift instance it must be able to pull images from the staging docker registry. Noting private networks and insecure-registry flags.
node {
deployRemoteKubernetes {
url = kubernetesUrl
defaultNamespace = 'default'
stagingDockerRegistry = kubernetesStagingDockerRegistryUrl
}
}
Add an annotation to the matching openshift build
@Library('github.com/fabric8io/fabric8-pipeline-library@master')
def dummy
node {
def utils = new io.fabric8.Utils()
utils.addAnnotationToBuild('fabric8.io/foo', 'bar')
}
Most of the functions provided by this library are meant to run inside a Kubernetes or Openshift pod. Those pods are managed by the kubernetes plugin. This library abstracts the pipeline capabilities of kubernetes plugin so that it makes it easier to use. So for example when you need to use a pod with maven capabilities instead of defining something like:
podTemplate(label: 'maven-node', containers: [
containerTemplate(name: 'maven', image: 'maven:3.3.9-jdk-8-alpine', ttyEnabled: true, command: 'cat')
],
volumes: [secretVolume(secretName: 'shared-secrets', mountPath: '/etc/shared-secrets')]) {
node('maven-node') {
container(name: 'maven') {
...
}
}
}
You can just use the mavenTemplate provided by this library:
mavenTemplate(label: 'mylabel') {
node('mylabel') {
container(name: 'maven') {
...
}
}
}
or for ease of use you can directly reference the mavenNode:
mavenNode {
container(name: 'maven') {
...
}
}
A template defines how the jenkins slave pod will look like, but the pod is not created until a node is requested. When a node is requested the matching template will be selected and pod from the template will be created.
The library provides shortcut function both to nodes and templates. In most cases you will just need to use the node. The only exception is when you need to mix and match (see mixing and matching).
The provided node / template pairs are the following:
Provides maven capabilities by adding a container with the maven image. The container mounts the following volumes:
jenkins-maven-settings
Add your maven configuration here.jenkins-mvn-local-repo
The maven local repository to use.The maven node and template support limited customization through the following properties:
Example:
mavenNode(mavenImage: 'maven:3.3.9-jdk-7') {
container(name: 'maven') {
sh 'mvn clean install'
}
}
Provides docker capabilities by adding a container with the docker binary. The container mounts the following volumes:
/var/run/docker.sock
The docker socket.Host path mounts are not allowed everywhere, so use with caution. Also note that the mount will be mounted to all containers in the pod. This means that if we add a maven container to the pod, it will have docker capabilities.
The docker node and template support limited customization through the following properties:
Example:
mavenNode(dockerImage: 'docker:1.11.2') {
container(name: 'docker') {
sh 'docker build -t myorg/myimage .'
}
}
Provides access to the kubectl
and oc
binaries by adding a container to the pod that provides them.
The container is configured exactly as the docker container provided by the dockerTemplate.
Example:
clientsNode(clientsImage: 'fabric8/builder-clients:latest') {
container(name: 'clients') {
sh 'kubectl create -f ./target/classes/META-INF/kubernetes/kubernetes.yml'
}
}
Provides docker capabilities by enriching the jenkins slave pod with the proper environment variables and volumes.
jenkins-release-gpg
Add your maven configuration here.Also the following environment variables will be available to all containers:
These variables will obtain their values from jenkins container (they will be copied).
Example:
releaseTemplate {
mavenNode {
container(name: 'docker') {
sh 'docker build -t myorg/myimage .'
}
}
There are cases where we might need a more complex setup that may require more than a single template. (e.g. a maven container that can run docker builds).
For this case you can combine add the docker template and the maven template together:
dockerTemplate {
mavenTemplate(label: 'maven-and-docker') {
node('maven-and-docker') {
container(name: 'maven') {
sh 'mvn clean package fabric8:build fabric8:push'
}
}
}
}
The above is equivalent to:
dockerTemplate {
mavenNode(label: 'maven-and-docker') {
container(name: 'maven') {
sh 'mvn clean package fabric8:build fabric8:push'
}
}
}
In the example above we can add release capabilities too, by adding the releaseTemplate:
dockerTemplate {
releaseTemplate {
mavenNode(label: 'maven-and-docker') {
container(name: 'maven') {
sh """
mvn release:clean release:prepare
mvn clean release:perform
"""
}
}
}
}
If the existing selection of templates is limiting you can also create your own templates. Templates can be created either by using the Jenkins administration console or by using the groovy.
In the console choose Manage Jenkins
-> Configure System
and scroll down until you find the section Cloud
-> Kubernetes
.
There you can click to Add Pod Template
to create your own using the wizard.
Then you can just instantiate the template by creating a node that references the label to the template:
node('my-custom-template') {
}
Note: You can use this template to mix and match too. For example you can combine your custom template with an existing one:
mavenNode(inheritFrom: 'my-custom-template') {
}