All docs This doc
Skip to end of metadata
Go to start of metadata


The pipeline configurations can be changed by the modification of the configurations in the values.yaml file corresponding to the pipeline. The sample modifications for each product provide a good indication as to how these configurations could be modified upon deployment. Once a configuration change has been made, run the helm upgrade command to apply the changes.

$ helm upgrade <RELEASE_NAME> wso2/kubernetes-pipeline --version 1.0.0 -f values.yaml

<RELEASE_NAME> should be replaced with the release name provided when the pipeline is installed initially.

Configuration changes could occur which will affect the Jenkins deployment, some of which include:

  • Changes to the private Docker repository

  • Changes to the artifact source repository

  • Changes to the chart source repository

In these cases the Jenkins pod would be restarted for these configurations to be reflected.

Use the following Advance configurations to Customize and Secure the Pipeline tool.

Change domain name

To customize the domain name override the host values as shown in the example below.

jenkins:
   ingress:
     host: jenkins.example.com

spinnaker:
   ingress:
     host: spinnaker.example.com

   ingressGate:
     host: gate.spinnaker.example.com

kibana:
   ingress:
     hosts:
     - kibana.example.com

prometheus-operator:
   grafana:
     ingress:
       hosts:
       - grafana.example.com

example.com refers to the domain name

Using Ingress with Secure Sockets Layer(SSL) / Transport Layer Security (TLS)

The WSO2 Kubernetes Pipeline resource uses the NGINX Ingress Controller maintained by Kubernetes.Therefore, it is possible to use SSL/TLS security layers by adding a certificate to be used with the ingress controller.

This could be done using the following methods:

  • Default SSL certificate
  • Add individual certificates


Default SSL certificate

Refer to NGINX Ingress Controller user guide on how to configure a default SSL certificate.


Add individual certificates

To add individual certificates to each ingress endpoint follow the steps shown below

  1. Create Kubernetes secret objects for each endpoint containing the certificate and the private key.
    Refer NGINX Ingress Controller user guide.
  2. Add the following content to your values.yaml with the secret and hostname.


    jenkins:
      ingress:
        host: jenkins.example.com
        tls:
          - secretName: my-tls-cert
            hosts:
              - example.com
    
    spinnaker:
      ingress:
        host: spinnaker.example.com
        tls:
          - secretName: -tls
            hosts:
              - example.com
      ingressGate:
        host: gate.spinnaker.example.com
        tls:
         - secretName: -tls
           hosts:
             - example.com
    
    kibana:
      ingress:
        hosts:
          - kibana.example.com
        tls:
          - hosts:
              - example.com
            secretName: my-tls-cert
    
    prometheus-operator:
      grafana:
        ingress:
          hosts:
          - grafana.example.com
          tls:
            - hosts:
                - example.com
              secretName: my-tls-cert

    Replace example.com, my-tls-cert with your domain name and secret name respectively.

Access private GitHub repositories

The use of private repositories are recommended for WSO2 Kubernetes pipeline. While it is possible to use the basic credentials to authorize the pipeline to use these private repositories, we recommend the use of Github personal access tokens since it provides more control over the level of access.

  1. Create a personal access token as mentioned here.
  2. Add the username and personal access token to the values.yaml as shown below.

    github:
      username: <GITHUB_USERNAME>
      password: <PERSONAL_ACCESS_TOKEN>

Change credentials for Jenkins administrator

Jenkins starts as an administrative user by default. The password for this account could be changed by overriding the relevant values in the values.yaml

jenkins:
  username: <JENKINS_USERNAME>
  password: <JENKINS_PASSWORD>

In addition, we need to configure Spinnaker to authenticate with Jenkins since it would be used to run tests.

This is done by overriding the additional scripts section to change the default credentials indicated by `JENKINS_USERNAME` and `JENKINS_PASSWORD`.

spinnaker:
  halyard:
    additionalScripts:
      create: true
      data:
        enable_ci.sh: |-
          echo "Configuring jenkins master"
          USERNAME="<JENKINS_USERNAME>"
          PASSWORD="<JENKINS_PASSWORD>"
          $HAL_COMMAND config ci jenkins enable
          echo $PASSWORD | $HAL_COMMAND config ci jenkins master edit master --address http://jenkins-service.{{ .Release.Namespace }}.svc.cluster.local:8080 --username $USERNAME --password || echo $PASSWORD | $HAL_COMMAND config ci jenkins master add master --address http://jenkins-service.{{ .Release.Namespace }}.svc.cluster.local:8080 --username $USERNAME --password
          $HAL_COMMAND config features edit --pipeline-templates true



Before you begin

This document assumes that you have completed the Quick Start Guide.

Add a new environment to your pipeline. 

The following example shows how to add a sandbox environment to the existing pipeline. 

  1. Create a fork of the sample aws-cicd-deployment repository. 

  2. Create a clone of the forked artifact source repository. You can use the below command in command line.

    $ git clone https://github.com/wso2/aws-cicd-deployment-scripts.git

    Pipeline CloudFormation template repository will be cloned into your current working directory.

  3. Create a new file named cf-sandbox.yaml inside the wso2am/am folder.

  4. Copy the content in sample.yaml file in “sampleCFN” folder to cf-sandbox.yaml file.

  5. Commit and push the changes to master branch in your repository.

  6. SSH into Jenkins instance and edit the Jenkins environment file.

  7. Change the URL of env.GIT_REPO_CF to your repository URL.

  8. Create a fork of the sample aws-pipeline repository.

  9. Create a clone of the forked artifact source repository. You can use the below command in command-line tool.

    $ git clone https://github.com/wso2/aws-pipeline.git

    Pipeline artifact repository will be cloned into your current working directory.

  10. Add the below variable definitions to Jenkinsfile in “jenkinsfile/aws” folder.

    def SANDBOX = "Sandbox"
    
    def STACK_SANDBOX = "sandbox-stack"
  11. Add the below code snippet after the BUILD_IMAGE stage into the Jenkinsfile in “jenkinsfile/aws” folder.

    stage(“Deploy a Sandbox”) {
    log.info "Deploying to Sandbox"
       SANDBOX_CF = "${WORKSPACE}/${DEPLOYMENT_DIR}/${PRODUCT}/${env.DeploymentPattern}/cf-sandbox.yaml"
       env.TEST_ENDPOINT = deployAWS([wso2InstanceType: "${env.WSO2InstanceType}",
                  product          : "${PRODUCT}",
                  version          : "${VERSION}",
                  keyPairName     : "${env.KeyPairName}",
                  certName        : "${env.CertificateName}",
                  dbUsername       : "${env.DBUsername}",
                  dbPassword       : "${env.DBPassword}",
                  dbType           : "${env.DBType}",
                  amiID            : "${env.IMAGE_ID}",
                  credID           : "${AWS_CREDS}",
                  region           : "${env.REGION}",
                  stackName         : "${STACK_SANDBOX}",
                  cf               : "${SANDBOX_CF}",
                  testEndpoint     : "${TEST_ENDPOINT_KEY}",
                  awsCredsFile    : "${AWS_CREDS_LOC}",
                  environment     : "${SANDBOX}"])
    
    }
  12. Add below code snippet to run tests on sandbox environment.

    stage(Constants.Stages.RUNNING_TESTS) {
    log.info "Running Test on Sandbox Environment"
       def TEST_SCRIPT = "mvn  test -Dendpoint=${TEST_ENDPOINT} "
       dir("${ARTIFACTS_DIR}/tests/${PRODUCT}") {
           executeTests "${TEST_SCRIPT}" } }
  13. Commit and push the changes to master branch in your repository.

  14. Login to Jenkins Console.

  15. Click on wso2am-2.6.0 job.

  16. Click on Configure.

  17. Change the Repository URL to your aws-pipeline repository URL under Pipeline section.

  18. Click Apply and Save.

Remove an environment in your pipeline 

The following example shows how to remove the development environment from the existing pipeline. 

  1. Create a fork of the sample aws-pipeline repository. 

  2. Create a clone of the forked artifact source repository. You can use the below command in command line

    $ git clone   https://github.com/wso2/aws-pipeline.git 

    Pipeline artifact repository will be cloned into your current working directory.

  3. Remove the code snippet corresponding to the deployment and test run of development environment in Jenkinsfile in “jenkinsfile/aws” folder.

    stage(Constants.Stages.DEPLOY_DEV) {
        log.info "Deploying to Development"
        DEV_CF = "${WORKSPACE}/${DEPLOYMENT_DIR}/${PRODUCT}/${env.DeploymentPattern}/cf-dev.yaml"
        env.TEST_ENDPOINT = deployAWS([wso2InstanceType: "${env.WSO2InstanceType}",
        product         : "${PRODUCT}",
        version         : "${VERSION}",
        keyPairName     : "${env.KeyPairName}",
        certName        : "${env.CertificateName}",
        dbUsername      : "${env.DBUsername}",
        dbPassword      : "${env.DBPassword}",
        dbType          : "${env.DBType}",
        amiID           : "${env.IMAGE_ID}",
        credID          : "${AWS_CREDS}",
        region          : "${env.REGION}",
        stackName       : "${STACK_DEV}",
        cf              : "${DEV_CF}",
        testEndpoint    : "${TEST_ENDPOINT_KEY}",
        awsCredsFile    : "${AWS_CREDS_LOC}",
        environment     : "${DEV}"])
    }
    stage(Constants.Stages.RUNNING_TESTS) {
        log.info "Running Test"
        def TEST_SCRIPT = "mvn  test -Dendpoint=${TEST_ENDPOINT} -D{$REMOVE_LOGS}"
        dir("${ARTIFACTS_DIR}/tests/${PRODUCT}") {
           executeTests "${TEST_SCRIPT}"
        }
    }
  4. Commit and push the changes to master branch in your repository.

  5. Login to Jenkins Console.

  6. Click on wso2am-2.6.0 job.

  7. Click on Configure.

  8. Change the Repository URL to your aws-pipeline repository URL under Pipeline section.

Roll back pipeline

You can always roll back the environments to a previous revision using the roll back pipeline Job in Jenkins. 

  1. Login to Jenkins
  2. Click on wso2am-2.6.0-rollback Job.
  3. Click Build with parameters
  4. Select the desired revision to roll back
  5. Select the environment to roll back
  6. Click Build.

Pipeline will roll back the selected environment into the selected revision.

Modify Pipeline Parameters

In this instance, you are able to change pipeline credentials and other parameters. Steps to follow are listed below:

Update Credentials

These steps can be used to update Github Credentials and WSO2 credentials

  1. Login to Jenkins console.
  2. Go to Credentials
  3. Select the credential you need to update.
  4. Click Update on the left menu.
  5. Enter new credentials
  6. Click Save.

Update other parameters

  1. Log into AWS Console
  2. Go to AWS CloudFormation page
  3. Select Jenkins stack and click Update
  4. Choose Use current template and click Next
  5. Change the required parameter values
  6. Click Next 
  7. Click Update

AWS CloudFormation will update the Jenkins stack with new parameters.

Use Custom Domain Domain Names

Custom domain names can be configured for accessing domains. This can be one of your own existing domain or a newly created domain. 

To configure custom domain you need route the traffic from load balancer to your domain. To achieve this you need to configure Route53 on AWS. Refer documentation on  Associating Your Custom Domain Name with Your Load Balancer Name for this.

Use multiple artifact repositories to deliver artifacts

To deliver artifacts into environments from multiple artifact repositories, you need to create an artifact pipeline per repository. 

  1. Create a fork of the sample aws-pipeline repository. 
  2. Create a clone of the forked artifact source repository. You can use the below command from the command-line tool.


    $ git clone https://github.com/<your-github-name>/aws-pipeline.git
  3. Create a new file in the jenkinsfile/aws/artifactPipeline directory and add the below code.

    /*
    *  Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
    *
    *  WSO2 Inc. licenses this file to you under the Apache License,
    *  Version 2.0 (the "License"); you may not use this file except
    *  in compliance with the License.
    *  You may obtain a copy of the License at
    *
    *    http://www.apache.org/licenses/LICENSE-2.0
    *
    * Unless required by applicable law or agreed to in writing,
    * software distributed under the License is distributed on an
    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    * KIND, either express or implied.  See the License for the
    * specific language governing permissions and limitations
    * under the License.
    */
    
    @Library('wso2-jenkins-shared-lib')
    import org.wso2.util.Constants
    
    //Nodes
    def NODE_MASTER = "master"
    node(NODE_MASTER) {
    
        def ENVIRONMENT = "${params.BRANCH}"
        def BRANCH = "*/${params.BRANCH}"
        def PRODUCT = "${params.PRODUCT}"
        def GIT_REPO_ARTIFACTS = "${params.REPOSITORY}"
    
        //Constants
        def DEV_EFS_IDENTIFIER = "DEV_EFS_IP"
        def STAGING_EFS_IDENTIFIER = "STAGING_EFS_IP"
        def PROD_EFS_IDENTIFIER = "PROD_EFS_IP"
        def GITHUB_CREDS = "github_creds"
    
        //Directories
        def ARTIFACTS_SOURCE = "cicd-test-artifacts"
        def ARTIFACT_DEPLOYMENT_DIR = "carbonapps"
    
        //Mount Points
         def EFS_MOUNT = "/mnt/${ENVIRONMENT}-efs"
         def ARTIFACT_CONF = "${WORKSPACE}/${ARTIFACTS_SOURCE}/buildArtifact.sh"
    
        // Resource Locations
        def ARTIFACTS_DIR = "artifacts"
        def ARTIFACTS_DIR_LOC = "${WORKSPACE}/${ARTIFACTS_DIR}"
    
        //Config Files
        def ENV = '/home/jenkins/jenkins_env'
    
        try {
            stage(Constants.Stages.CLONE_ARTIFACT_SOURCE) {
                log.info "Cloning artifact Source"
                file = load ENV
                env.REGION = getAvailabilityZone()
                cloneRepoToDir ([repoUrl    :"${GIT_REPO_ARTIFACTS}",
                                 directory  :"${ARTIFACTS_SOURCE}",
                                 branch     :"${BRANCH}",
                                 credID     :"${GITHUB_CREDS}" ])
            }
    
            stage(Constants.Stages.BUILD_ARTIFACTS) {
                if (!fileExists("${ARTIFACTS_DIR}")) {
                       sh "mkdir $ARTIFACTS_DIR"
                }
                log.info "Build product artifacts"
                buildArtifacts([artifactConf       : "${ARTIFACT_CONF}",
                                artifactsLoc       : "${WORKSPACE}/${ARTIFACTS_SOURCE}",
                                image_resources    : "${ARTIFACTS_DIR_LOC}"])
            }
    
            stage(Constants.Stages.MOUNT_EFS) {
                if (ENVIRONMENT == "staging") {
                    EFS_IP = env.STAGING_EFS_IP
                } else if (ENVIRONMENT == "dev") {
                    EFS_IP = env.DEV_EFS_IP
                } else {
                    EFS_IP = env.PROD_EFS_IP
                }
                log.info "Mounting EFS"
                mountEFS([
                     mountPoint : "${EFS_MOUNT}",
                     efsIp      : "${EFS_IP}",
                     region     : "${env.REGION}"
                ])
            }
    
            stage(Constants.Stages.COPY_ARTIFACTS) {
                if (PRODUCT == "wso2am") {
                    ARTIFACT_DEPLOYMENT_DIR = "webapps"
                }
                log.info "Copying environment artifacts"
                 copyArtifacts ([image_resources:"${ARTIFACTS_DIR_LOC}",
                                 mountDir       :"${ARTIFACT_DEPLOYMENT_DIR}",
                                 mountPoint     :"${EFS_MOUNT}"])
            }
    
            stage(Constants.Stages.UNMOUNT_EFS) {
                unmountEFS([mountPoint : "${EFS_MOUNT}"])
            }
    
        } catch (exc) {
            log.err "Caught: ${exc}"
            String recipient = env.Email
            mail subject: "${env.JOB_NAME} (${env.BUILD_NUMBER}) build failed",
                    body: "${env.JOB_NAME} build ${env.BUILD_NUMBER} failed in Jenkins. Check console output at $BUILD_URL to view the results.",
                    to: recipient,
                    replyTo: recipient,
                    from: '[email protected]'
            throw exc
        }
    
    }
  4. Log into Jenkins.
  5. Click New Item.
  6. Enter a name for the job.
  7. Click Copy from and enter the relevant artifact pipeline name:
    1. wso2am-2.6.0-dev-artifacts : This pipeline delivers artifacts into the development environment.
    2. wso2am-2.6.0-staging-artifacts : This pipeline delivers artifacts into the staging environment.
    3. wso2am-2.6.0-prod-artifacts : This pipeline delivers artifacts into the production environment.
  8. Click OK.  Once the Job is created, the browser will be redirected to the Job configurations page. 
  9. Add a new parameter named REPOSITORY to the Job. Give the repository URL as the value.
  10. Click Apply and Save.
  11. Make a commit to the relevant branch in your artifact repository. 

The newly created Job will be triggered.

  • No labels