├── .gitattributes ├── .gitignore ├── Jenkinsfile ├── LICENSE ├── README.md ├── casc_configs ├── jenkins.yaml ├── jobs.groovy ├── jobs.yaml └── other.yaml ├── docker-compose.yml ├── master ├── Dockerfile └── plugins_extra.txt └── secrets ├── adminpw └── github /.gitattributes: -------------------------------------------------------------------------------- 1 | * text eol=lf 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | id_rsa 2 | id_rsa.pub 3 | -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | pipeline { 2 | agent { 3 | label 'master-label' 4 | } 5 | 6 | stages { 7 | stage('Checkout') { 8 | steps { 9 | dir(env.CASC_REPO) { 10 | checkout scm 11 | } 12 | } 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2018 Praqma 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # praqma-jenkins-casc 2 | Repository for our JCasC demo setup. 3 | 4 | ## Requirements 5 | 6 | First off we require docker-compose. Tested with `docker-compose version 1.20.1`. 7 | 8 | The demo configuration we've prepared doesn't require you to use any secrets. Default user we create has secrets in configuration section in casc_configs/jenkins.yaml (lines 13-14) but since we do not expect you to do ANYTHING other than running docker-compose to get Jenkins up, the secret related sections in docker-compose.yml are commented and we'll use default hardcoded values for demo purpose. Same goes for `usernamePassword` credentials (lines 33-38) 9 | 10 | If you're familiar with docker secrets you can provide actual secrets - remember to update docker-compose.yml with the actual path to your secrets 11 | 12 | ## First boot 13 | 14 | This is very simple, using docker-compose execute the following command from the root of this repository: 15 | 16 | `docker-compose up --build` 17 | 18 | This will start up a Jenkins instance which will be accessible on the host through port 80, just open your browser and navigate to http://localhost 19 | 20 | What you might want to change though is the configuration file used by the Configuration as Code plugin. Currently `CASC_JENKINS_CONFIG` points to `casc_configs` folder with initial, basic configuration files. You're good to go with those but feel free to change the configuration and see how it works. 21 | 22 | Any time you change you're configuration files on host machine you need to reload it in Jenkins: 23 | 24 | Manage Jenkins -> Configuration as Code -> Reload existing configuration 25 | -------------------------------------------------------------------------------- /casc_configs/jenkins.yaml: -------------------------------------------------------------------------------- 1 | jenkins: 2 | systemMessage: "\n\nDemo setup for Jenkins Configuration as Code plugin......\n\n" 3 | 4 | numExecutors: 1 5 | mode: NORMAL 6 | scmCheckoutRetryCount: 3 7 | labelString: "master-label" 8 | 9 | securityRealm: 10 | local: 11 | allowsSignup: false 12 | users: 13 | - id: admin 14 | password: ${adminpw:-passw0rd} 15 | 16 | authorizationStrategy: 17 | globalMatrix: 18 | grantedPermissions: 19 | - "Overall/Read:anonymous" 20 | - "Job/Read:anonymous" 21 | - "View/Read:anonymous" 22 | - "Overall/Administer:anonymous" 23 | 24 | crumbIssuer: "standard" 25 | 26 | remotingSecurity: 27 | enabled: true 28 | 29 | credentials: 30 | system: 31 | domainCredentials: 32 | - credentials: 33 | - usernamePassword: 34 | scope: GLOBAL 35 | id: github-user 36 | username: ewelina 37 | password: ${github:-githubPassw0rd} 38 | description: github username/password 39 | 40 | tool: 41 | git: 42 | installations: 43 | - name: Default 44 | home: "git" 45 | 46 | 47 | -------------------------------------------------------------------------------- /casc_configs/jobs.groovy: -------------------------------------------------------------------------------- 1 | job('XYZ_release') 2 | job('Retention_qw') 3 | 4 | listView("Retention") { 5 | jobs { 6 | name('Retention_qw') 7 | } 8 | columns { 9 | status() 10 | weather() 11 | name() 12 | lastSuccess() 13 | lastFailure() 14 | lastDuration() 15 | } 16 | } -------------------------------------------------------------------------------- /casc_configs/jobs.yaml: -------------------------------------------------------------------------------- 1 | jobs: 2 | - url: https://raw.githubusercontent.com/Praqma/job-dsl-collection/master/configuration-as-code-dsl/pipeline.dsl #casc 3 | # - file: /var/jenkins_conf/jobs.groovy 4 | - script: > 5 | job('123456') 6 | -------------------------------------------------------------------------------- /casc_configs/other.yaml: -------------------------------------------------------------------------------- 1 | unclassified: 2 | location: 3 | url: http://localhost 4 | adminAddress: support@praqma.net 5 | 6 | globalLibraries: 7 | libraries: 8 | - name: "praqma-shared@master" 9 | implicit: true 10 | defaultVersion: "master" 11 | retriever: 12 | modernSCM: 13 | scm: 14 | git: 15 | remote: "https://github.com/Praqma/shared-pipeline.git" 16 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.3' 2 | 3 | services: 4 | jenkins: 5 | build: 6 | context: ./master 7 | ports: 8 | - 80:8080 9 | - 50000:50000 10 | volumes: 11 | - jenkins_home_summit:/var/jenkins_home 12 | - ./casc_configs:/var/jenkins_conf 13 | # secrets: 14 | # - github #Github username with password as an example. Purpose here is to have a user with write-access for special cases. Like the git-publisher. 15 | # - adminpw #Initial adminstrator user password. Added for debugging purposes. Should be removed prior to go-live. 16 | # - agent_private_key #ssh private key for connecting ssh slaves 17 | environment: 18 | - CASC_JENKINS_CONFIG=/var/jenkins_conf 19 | # secrets: #Be careful with newlines in your secrets, make sure to remove them before running docker-compose up. 20 | # github: 21 | # file: /var/praqma-jenkins-casc/secrets/github 22 | # adminpw: 23 | # file: /var/praqma-jenkins-casc/secrets/adminpw 24 | # agent_private_key: #This should point to the private key you want your jenkins master to use when connecting to slaves. So in AWS for example this would be your .pem file 25 | # file: ~/.ssh/id_rsa 26 | volumes: 27 | jenkins_home_summit: 28 | -------------------------------------------------------------------------------- /master/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM jenkins/jenkins:2.222.4 2 | 3 | LABEL maintainer="ewe@praqma.net" 4 | COPY plugins_extra.txt /usr/share/jenkins/ref/plugins_extra.txt 5 | 6 | ENV JENKINS_HOME /var/jenkins_home 7 | 8 | ARG JAVA_OPTS 9 | ENV JAVA_OPTS "-Djenkins.install.runSetupWizard=false ${JAVA_OPTS:-}" 10 | 11 | RUN xargs /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins_extra.txt 12 | -------------------------------------------------------------------------------- /master/plugins_extra.txt: -------------------------------------------------------------------------------- 1 | ace-editor:1.1 2 | analysis-core:1.96 3 | analysis-model-api:8.1.3 4 | antisamy-markup-formatter:2.0 5 | apache-httpcomponents-client-4-api:4.5.10-2.0 6 | bootstrap4-api:4.5.0-1 7 | bouncycastle-api:2.16.0 8 | branch-api:2.5.6 9 | cloudbees-folder:6.13 10 | command-launcher:1.0 11 | conditional-buildstep:1.3.6 12 | configuration-as-code:1.41 13 | copyartifact:1.44 14 | credentials:2.3.8 15 | credentials-binding:1.23 16 | data-tables-api:1.10.21-1 17 | display-url-api:2.3.2 18 | durable-task:1.34 19 | echarts-api:4.7.0-4 20 | email-ext:2.69 21 | envinject:2.3.0 22 | envinject-api:1.7 23 | font-awesome-api:5.13.0-1 24 | forensics-api:0.7.0 25 | git:4.2.2 26 | git-client:3.2.1 27 | git-server:1.9 28 | github:1.30.0 29 | github-api:1.112.0 30 | github-branch-source:2.8.0 31 | github-oauth:0.33 32 | handlebars:1.1.1 33 | htmlpublisher:1.23 34 | jackson2-api:2.11.0 35 | javadoc:1.5 36 | jdk-tool:1.0 37 | job-dsl:1.77 38 | jquery-detached:1.2.1 39 | jquery3-api:3.5.1-1 40 | jsch:0.1.55.2 41 | junit:1.29 42 | lockable-resources:2.8 43 | mailer:1.32 44 | matrix-auth:2.6.1 45 | matrix-project:1.14 46 | maven-plugin:3.6 47 | momentjs:1.1.1 48 | parameterized-trigger:2.36 49 | pipeline-build-step:2.12 50 | pipeline-graph-analysis:1.10 51 | pipeline-input-step:2.11 52 | pipeline-milestone-step:1.3.1 53 | pipeline-model-api:1.7.0 54 | pipeline-model-definition:1.7.0 55 | pipeline-model-extensions:1.7.0 56 | pipeline-rest-api:2.13 57 | pipeline-stage-step:2.3 58 | pipeline-stage-tags-metadata:1.7.0 59 | pipeline-stage-view:2.13 60 | plain-credentials:1.7 61 | plugin-util-api:1.2.2 62 | popper-api:1.16.0-6 63 | pretested-integration:3.1.1 64 | run-condition:1.3 65 | scm-api:2.6.3 66 | script-security:1.73 67 | slack:2.40 68 | snakeyaml-api:1.26.4 69 | ssh-credentials:1.18.1 70 | ssh-slaves:1.31.2 71 | structs:1.20 72 | text-finder:1.12 73 | timestamper:1.11.3 74 | token-macro:2.12 75 | trilead-api:1.0.8 76 | warnings:5.0.1 77 | warnings-ng:8.1.0 78 | workflow-aggregator:2.6 79 | workflow-api:2.40 80 | workflow-basic-steps:2.20 81 | workflow-cps:2.80 82 | workflow-cps-global-lib:2.16 83 | workflow-durable-task-step:2.35 84 | workflow-job:2.39 85 | workflow-multibranch:2.21 86 | workflow-scm-step:2.11 87 | workflow-step-api:2.22 88 | workflow-support:3.4 -------------------------------------------------------------------------------- /secrets/adminpw: -------------------------------------------------------------------------------- 1 | adminpw -------------------------------------------------------------------------------- /secrets/github: -------------------------------------------------------------------------------- 1 | 123456 --------------------------------------------------------------------------------