All docs
This doc
The pipeline configurations can be changed by the modification of the configurations in the values.yaml file corresponding to the pipeline. The sample modifications for each product provide a good indication as to how these configurations could be modified upon deployment. Once a configuration change has been made, run the helm upgrade command to apply the changes.
$ helm upgrade <RELEASE_NAME> wso2/kubernetes-pipeline --version 1.0.0 -f values.yaml
<RELEASE_NAME> should be replaced with the release name provided when the pipeline is installed initially.
Configuration changes could occur which will affect the Jenkins deployment, some of which include:
Changes to the private Docker repository
Changes to the artifact source repository
Changes to the chart source repository
In these cases the Jenkins pod would be restarted for these configurations to be reflected.
Use the following Advance configurations to Customize and Secure the Pipeline tool.
Change domain name
To customize the domain name override the host values as shown in the example below.
jenkins: ingress: host: jenkins.example.com spinnaker: ingress: host: spinnaker.example.com ingressGate: host: gate.spinnaker.example.com kibana: ingress: hosts: - kibana.example.com prometheus-operator: grafana: ingress: hosts: - grafana.example.com
example.com refers to the domain name
Using Ingress with Secure Sockets Layer(SSL) / Transport Layer Security (TLS)
The WSO2 Kubernetes Pipeline resource uses the NGINX Ingress Controller maintained by Kubernetes.Therefore, it is possible to use SSL/TLS security layers by adding a certificate to be used with the ingress controller.
This could be done using the following methods:
- Default SSL certificate
- Add individual certificates
Default SSL certificate
Refer to NGINX Ingress Controller user guide on how to configure a default SSL certificate.
Add individual certificates
To add individual certificates to each ingress endpoint follow the steps shown below
- Create Kubernetes secret objects for each endpoint containing the certificate and the private key.
Refer NGINX Ingress Controller user guide. Add the following content to your values.yaml with the secret and hostname.
jenkins: ingress: host: jenkins.example.com tls: - secretName: my-tls-cert hosts: - example.com spinnaker: ingress: host: spinnaker.example.com tls: - secretName: -tls hosts: - example.com ingressGate: host: gate.spinnaker.example.com tls: - secretName: -tls hosts: - example.com kibana: ingress: hosts: - kibana.example.com tls: - hosts: - example.com secretName: my-tls-cert prometheus-operator: grafana: ingress: hosts: - grafana.example.com tls: - hosts: - example.com secretName: my-tls-certReplace
example.com,my-tls-certwith your domain name and secret name respectively.
Access private GitHub repositories
The use of private repositories are recommended for WSO2 Kubernetes pipeline. While it is possible to use the basic credentials to authorize the pipeline to use these private repositories, we recommend the use of Github personal access tokens since it provides more control over the level of access.
- Create a personal access token as mentioned here.
Add the username and personal access token to the values.yaml as shown below.
github: username: <GITHUB_USERNAME> password: <PERSONAL_ACCESS_TOKEN>
Change credentials for Jenkins administrator
Jenkins starts as an administrative user by default. The password for this account could be changed by overriding the relevant values in the values.yaml
jenkins: username: <JENKINS_USERNAME> password: <JENKINS_PASSWORD>
In addition, we need to configure Spinnaker to authenticate with Jenkins since it would be used to run tests.
This is done by overriding the additional scripts section to change the default credentials indicated by `JENKINS_USERNAME` and `JENKINS_PASSWORD`.
spinnaker:
halyard:
additionalScripts:
create: true
data:
enable_ci.sh: |-
echo "Configuring jenkins master"
USERNAME="<JENKINS_USERNAME>"
PASSWORD="<JENKINS_PASSWORD>"
$HAL_COMMAND config ci jenkins enable
echo $PASSWORD | $HAL_COMMAND config ci jenkins master edit master --address http://jenkins-service.{{ .Release.Namespace }}.svc.cluster.local:8080 --username $USERNAME --password || echo $PASSWORD | $HAL_COMMAND config ci jenkins master add master --address http://jenkins-service.{{ .Release.Namespace }}.svc.cluster.local:8080 --username $USERNAME --password
$HAL_COMMAND config features edit --pipeline-templates true
Before you begin
This document assumes that you have completed the Quick Start Guide.
Add a new environment to your pipeline.
The following example shows how to add a sandbox environment to the existing pipeline.
Create a fork of the sample aws-cicd-deployment repository.
Create a clone of the forked artifact source repository. You can use the below command in command line.
$ git clone https://github.com/wso2/aws-cicd-deployment-scripts.git
Pipeline CloudFormation template repository will be cloned into your current working directory.
Create a new file named
cf-sandbox.yamlinside thewso2am/amfolder.Copy the content in sample.yaml file in “sampleCFN” folder to cf-sandbox.yaml file.
Commit and push the changes to master branch in your repository.
SSH into Jenkins instance and edit the Jenkins environment file.
Change the URL of env.GIT_REPO_CF to your repository URL.
Create a fork of the sample aws-pipeline repository.
Create a clone of the forked artifact source repository. You can use the below command in command-line tool.
$ git clone https://github.com/wso2/aws-pipeline.git
Pipeline artifact repository will be cloned into your current working directory.
Add the below variable definitions to Jenkinsfile in “jenkinsfile/aws” folder.
def SANDBOX = "Sandbox" def STACK_SANDBOX = "sandbox-stack"
Add the below code snippet after the BUILD_IMAGE stage into the Jenkinsfile in “jenkinsfile/aws” folder.
stage(“Deploy a Sandbox”) { log.info "Deploying to Sandbox" SANDBOX_CF = "${WORKSPACE}/${DEPLOYMENT_DIR}/${PRODUCT}/${env.DeploymentPattern}/cf-sandbox.yaml" env.TEST_ENDPOINT = deployAWS([wso2InstanceType: "${env.WSO2InstanceType}", product : "${PRODUCT}", version : "${VERSION}", keyPairName : "${env.KeyPairName}", certName : "${env.CertificateName}", dbUsername : "${env.DBUsername}", dbPassword : "${env.DBPassword}", dbType : "${env.DBType}", amiID : "${env.IMAGE_ID}", credID : "${AWS_CREDS}", region : "${env.REGION}", stackName : "${STACK_SANDBOX}", cf : "${SANDBOX_CF}", testEndpoint : "${TEST_ENDPOINT_KEY}", awsCredsFile : "${AWS_CREDS_LOC}", environment : "${SANDBOX}"]) }Add below code snippet to run tests on sandbox environment.
stage(Constants.Stages.RUNNING_TESTS) { log.info "Running Test on Sandbox Environment" def TEST_SCRIPT = "mvn test -Dendpoint=${TEST_ENDPOINT} " dir("${ARTIFACTS_DIR}/tests/${PRODUCT}") { executeTests "${TEST_SCRIPT}" } }Commit and push the changes to master branch in your repository.
Login to
JenkinsConsole.Click on
wso2am-2.6.0job.Click on
Configure.Change the Repository URL to your aws-pipeline repository URL under
Pipelinesection.Click Apply and Save.
Remove an environment in your pipeline
The following example shows how to remove the development environment from the existing pipeline.
Create a fork of the
sampleaws-pipelinerepository.Create a clone of the forked artifact source repository. You can use the below command in command line
$ git clone https://github.com/wso2/aws-pipeline.git
Pipeline artifact repository will be cloned into your current working directory.
Remove the code snippet corresponding to the deployment and test run of development environment in Jenkinsfile in
“jenkinsfile/aws”folder.stage(Constants.Stages.DEPLOY_DEV) { log.info "Deploying to Development" DEV_CF = "${WORKSPACE}/${DEPLOYMENT_DIR}/${PRODUCT}/${env.DeploymentPattern}/cf-dev.yaml" env.TEST_ENDPOINT = deployAWS([wso2InstanceType: "${env.WSO2InstanceType}", product : "${PRODUCT}", version : "${VERSION}", keyPairName : "${env.KeyPairName}", certName : "${env.CertificateName}", dbUsername : "${env.DBUsername}", dbPassword : "${env.DBPassword}", dbType : "${env.DBType}", amiID : "${env.IMAGE_ID}", credID : "${AWS_CREDS}", region : "${env.REGION}", stackName : "${STACK_DEV}", cf : "${DEV_CF}", testEndpoint : "${TEST_ENDPOINT_KEY}", awsCredsFile : "${AWS_CREDS_LOC}", environment : "${DEV}"]) } stage(Constants.Stages.RUNNING_TESTS) { log.info "Running Test" def TEST_SCRIPT = "mvn test -Dendpoint=${TEST_ENDPOINT} -D{$REMOVE_LOGS}" dir("${ARTIFACTS_DIR}/tests/${PRODUCT}") { executeTests "${TEST_SCRIPT}" } }Commit and push the changes to master branch in your repository.
Login to Jenkins Console.
Click on
wso2am-2.6.0job.Click on
Configure.Change the Repository URL to your aws-pipeline repository URL under Pipeline section.
Roll back pipeline
You can always roll back the environments to a previous revision using the roll back pipeline Job in Jenkins.
- Login to Jenkins
- Click on wso2am-2.6.0-rollback Job.
- Click Build with parameters
- Select the desired revision to roll back
- Select the environment to roll back
- Click Build.
Pipeline will roll back the selected environment into the selected revision.
Modify Pipeline Parameters
In this instance, you are able to change pipeline credentials and other parameters. Steps to follow are listed below:
Update Credentials
These steps can be used to update Github Credentials and WSO2 credentials
- Login to Jenkins console.
- Go to Credentials
- Select the credential you need to update.
- Click Update on the left menu.
- Enter new credentials
- Click Save.
Update other parameters
- Log into AWS Console
- Go to AWS CloudFormation page
- Select Jenkins stack and click Update
- Choose Use current template and click Next
- Change the required parameter values
- Click Next
- Click Update
AWS CloudFormation will update the Jenkins stack with new parameters.
Use Custom Domain Domain Names
Custom domain names can be configured for accessing domains. This can be one of your own existing domain or a newly created domain.
To configure custom domain you need route the traffic from load balancer to your domain. To achieve this you need to configure Route53 on AWS. Refer documentation on Associating Your Custom Domain Name with Your Load Balancer Name for this.
Use multiple artifact repositories to deliver artifacts
To deliver artifacts into environments from multiple artifact repositories, you need to create an artifact pipeline per repository.
- Create a fork of the
sampleaws-pipelinerepository. - Create a clone of the forked artifact source repository. You can use the below command from the command-line tool.
$ git clone https://github.com/<your-github-name>/aws-pipeline.git
Create a new file in the jenkinsfile/aws/artifactPipeline directory and add the below code.
/* * Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. * * WSO2 Inc. licenses this file to you under the Apache License, * Version 2.0 (the "License"); you may not use this file except * in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ @Library('wso2-jenkins-shared-lib') import org.wso2.util.Constants //Nodes def NODE_MASTER = "master" node(NODE_MASTER) { def ENVIRONMENT = "${params.BRANCH}" def BRANCH = "*/${params.BRANCH}" def PRODUCT = "${params.PRODUCT}" def GIT_REPO_ARTIFACTS = "${params.REPOSITORY}" //Constants def DEV_EFS_IDENTIFIER = "DEV_EFS_IP" def STAGING_EFS_IDENTIFIER = "STAGING_EFS_IP" def PROD_EFS_IDENTIFIER = "PROD_EFS_IP" def GITHUB_CREDS = "github_creds" //Directories def ARTIFACTS_SOURCE = "cicd-test-artifacts" def ARTIFACT_DEPLOYMENT_DIR = "carbonapps" //Mount Points def EFS_MOUNT = "/mnt/${ENVIRONMENT}-efs" def ARTIFACT_CONF = "${WORKSPACE}/${ARTIFACTS_SOURCE}/buildArtifact.sh" // Resource Locations def ARTIFACTS_DIR = "artifacts" def ARTIFACTS_DIR_LOC = "${WORKSPACE}/${ARTIFACTS_DIR}" //Config Files def ENV = '/home/jenkins/jenkins_env' try { stage(Constants.Stages.CLONE_ARTIFACT_SOURCE) { log.info "Cloning artifact Source" file = load ENV env.REGION = getAvailabilityZone() cloneRepoToDir ([repoUrl :"${GIT_REPO_ARTIFACTS}", directory :"${ARTIFACTS_SOURCE}", branch :"${BRANCH}", credID :"${GITHUB_CREDS}" ]) } stage(Constants.Stages.BUILD_ARTIFACTS) { if (!fileExists("${ARTIFACTS_DIR}")) { sh "mkdir $ARTIFACTS_DIR" } log.info "Build product artifacts" buildArtifacts([artifactConf : "${ARTIFACT_CONF}", artifactsLoc : "${WORKSPACE}/${ARTIFACTS_SOURCE}", image_resources : "${ARTIFACTS_DIR_LOC}"]) } stage(Constants.Stages.MOUNT_EFS) { if (ENVIRONMENT == "staging") { EFS_IP = env.STAGING_EFS_IP } else if (ENVIRONMENT == "dev") { EFS_IP = env.DEV_EFS_IP } else { EFS_IP = env.PROD_EFS_IP } log.info "Mounting EFS" mountEFS([ mountPoint : "${EFS_MOUNT}", efsIp : "${EFS_IP}", region : "${env.REGION}" ]) } stage(Constants.Stages.COPY_ARTIFACTS) { if (PRODUCT == "wso2am") { ARTIFACT_DEPLOYMENT_DIR = "webapps" } log.info "Copying environment artifacts" copyArtifacts ([image_resources:"${ARTIFACTS_DIR_LOC}", mountDir :"${ARTIFACT_DEPLOYMENT_DIR}", mountPoint :"${EFS_MOUNT}"]) } stage(Constants.Stages.UNMOUNT_EFS) { unmountEFS([mountPoint : "${EFS_MOUNT}"]) } } catch (exc) { log.err "Caught: ${exc}" String recipient = env.Email mail subject: "${env.JOB_NAME} (${env.BUILD_NUMBER}) build failed", body: "${env.JOB_NAME} build ${env.BUILD_NUMBER} failed in Jenkins. Check console output at $BUILD_URL to view the results.", to: recipient, replyTo: recipient, from: '[email protected]' throw exc } }- Log into Jenkins.
- Click New Item.
- Enter a name for the job.
- Click Copy from and enter the relevant artifact pipeline name:
- wso2am-2.6.0-dev-artifacts : This pipeline delivers artifacts into the development environment.
- wso2am-2.6.0-staging-artifacts : This pipeline delivers artifacts into the staging environment.
- wso2am-2.6.0-prod-artifacts : This pipeline delivers artifacts into the production environment.
- Click OK. Once the Job is created, the browser will be redirected to the Job configurations page.
- Add a new parameter named REPOSITORY to the Job. Give the repository URL as the value.
- Click Apply and Save.
- Make a commit to the relevant branch in your artifact repository.
The newly created Job will be triggered.
Overview
Content Tools
Activity