For other versions of OpenShift, follow the instructions in the corresponding branch e.g. ocp-3.6, ocp-3.5, etc
This repository includes the infrastructure and pipeline definition for continuous delivery using Jenkins, Nexus and SonarQube on OpenShift. On every pipeline execution, the code goes through the following steps:
- Code is cloned from Gogs, built, tested and analyzed for bugs and bad patterns
- The WAR artifact is pushed to Nexus Repository manager
- A Docker image (tasks:latest) is built based on the Tasks application WAR artifact deployed on JBoss EAP 6
- The Tasks Docker image is deployed in a fresh new container in DEV project
- If tests successful, the DEV image is tagged with the application version (tasks:7.x) in the STAGE project
- The staged image is deployed in a fresh new container in the STAGE project
The following diagram shows the steps included in the deployment pipeline:
The application used in this pipeline is a JAX-RS application which is available on GitHub and is imported into Gogs during the setup process: https://github.com/OpenShiftDemos/openshift-tasks
- 8+ GB memory available on OpenShift nodes
- JBoss EAP 7 imagestreams imported to OpenShift (see Troubleshooting section for details)
If you have access to RHPDS, provisioning of this demo is automated via the service catalog under OpenShift Demos → OpenShift CI/CD for Monolith. If you don't know what RHPDS is, read the instructions in the next section.
Follow these instructions in order to create a local OpenShift cluster. Otherwise using your current OpenShift cluster, create the following projects for CI/CD components, Dev and Stage environments:
oc new-project dev --display-name="Tasks - Dev"
oc new-project stage --display-name="Tasks - Stage"
oc new-project cicd --display-name="CI/CD"
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
oc new-app jenkins-persistent --param=MEMORY_LIMIT=1Gi -e INSTALL_PLUGINS=analysis-core:1.92,findbugs:4.71,pmd:3.49,checkstyle:3.49,dependency-check-jenkins-plugin:2.1.1,htmlpublisher:1.14,jacoco:2.2.1,analysis-collector:1.52 -n cicd
You can choose to use either SonarQube for static code and security analysis or instead use Maven plugins and generated reports within the Jenkins:
# Deploy Pipeline with SonarQube
oc new-app -n cicd -f cicd-template-with-sonar.yaml
# Deploy Pipeline without SonarQube
oc new-app -n cicd -f cicd-template.yaml
To use custom project names, change cicd, dev and stage in the above commands to
your own names and use the following to create the demo:
oc new-app -n mycicd -f cicd-template.yaml --param DEV_PROJECT=mydev --param STAGE_PROJECT=mystage
Instead of the above, you can also use the scripts/provision.sh script provided which does the exact steps as described above:
./provision.sh --help
./provision.sh deploy --with-sonar --ephemeral
./provision.sh delete
Note: you need ~8GB memory for running this demo.
-
A Jenkins pipeline is pre-configured which clones Tasks application source code from Gogs (running on OpenShift), builds, deploys and promotes the result through the deployment pipeline. In the CI/CD project, click on Builds and then Pipelines to see the list of defined pipelines.
Click on tasks-pipeline and Configuration and explore the pipeline definition.
You can also explore the pipeline job in Jenkins by clicking on the Jenkins route url, logging in with the OpenShift credentials and clicking on tasks-pipeline and Configure.
-
Run an instance of the pipeline by starting the tasks-pipeline in OpenShift or Jenkins.
-
During pipeline execution, verify a new Jenkins slave pod is created within CI/CD project to execute the pipeline.
-
Pipelines pauses at Deploy STAGE for approval in order to promote the build to the STAGE environment. Click on this step on the pipeline and then Promote.
-
After pipeline completion, demonstrate the following:
- Explore the snapshots repository in Nexus and verify openshift-tasks is pushed to the repository
- Explore SonarQube or pipeline in Jenkins and show the metrics, stats, code coverage, etc
- Explore Tasks - Dev project in OpenShift console and verify the application is deployed in the DEV environment
- Explore Tasks - Stage project in OpenShift console and verify the application is deployed in the STAGE environment
-
Clone and checkout the eap-7 branch of the openshift-tasks git repository and using an IDE (e.g. JBoss Developer Studio), remove the
@Ignoreannotation fromsrc/test/java/org/jboss/as/quickstarts/tasksrs/service/UserResourceTest.javatest methods to enable the unit tests. Commit and push to the git repo. -
Check out Jenkins, a pipeline instance is created and is being executed. The pipeline will fail during unit tests due to the enabled unit test.
-
Check out the failed unit and test
src/test/java/org/jboss/as/quickstarts/tasksrs/service/UserResourceTest.javaand run it in the IDE. -
Fix the test by modifying
src/main/java/org/jboss/as/quickstarts/tasksrs/service/UserResource.javaand uncommenting the sort function in getUsers method. -
Run the unit test in the IDE. The unit test runs green. Commit and push the fix to the git repository and verify a pipeline instance is created in Jenkins and executes successfully.
-
SonarQube sometimes fails to load quality profiles requires for static analysis.
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.1:sonar (default-cli) on project jboss-tasks-rs: No quality profiles have been found, you probably don't have anyScale down the SonarQube pod and its PostgreSQL database to 0 and then scale them up to 1 again (first PostgreSQL, then SonarQube) to re-initialize SonarQube.
-
Downloading the images might take a while depending on the network. Remove the install-gogs pod and re-create the app to retry Gogs initialization.
$ oc delete pod install-gogs $ oc delete pods -l app=gogs $ oc process -f cicd-template.yaml | oc create -f - pod "install-gogs" created Error from server: routes "jenkins" already exists Error from server: deploymentconfigs "jenkins" already exists Error from server: serviceaccounts "jenkins" already exists Error from server: rolebinding "jenkins_edit" already exists ... -
If the cicd-pipeline Jenkins job has disappeared, scale Jenkins pod to 0 and up to 1 again to force a job sync with OpenShift pipelines.
-
If pipeline execution fails with
error: no match for "jboss-eap70-openshift", import the jboss imagestreams in OpenShift.oc login -u system:admin oc create -f https://raw.githubusercontent.com/jboss-openshift/application-templates/master/jboss-image-streams.json -n openshift