Shared Jenkins Pipeline for easy CI/CD.
To use this pipeline, each project needs two files:
a Jenkinsfile with the following content:
@Library("kubernetic-ci") _
kubernetic{}and a kubernetic.yaml file with the following structure:
images:
- name: project-a/demo
path: Dockerfile
context: .
tags:
- ${GIT_BRANCH}
- ${GIT_COMMIT_SHORT}
- ${GIT_BRANCH}-${BUILD_NUMBER}
charts:
- charts/demo
releases:
- name: demo
namespace: demo
path: charts/demosThe pipeline is configurable by two files:
- Project config: The
kubernetic.yamlinside the repository. - Global config: The
properties.yamlunder the/pipeline/properties.yamlpath.
The format of the Global configuration is the following:
registry:
url: https://eu.gcr.io/my-sample-project-191923
credentialsId: gcr:my-sample-project-191923
chartRepo: chartmuseum
repos:
- name: stable
url: https://kubernetes-charts.storage.googleapis.com/
- name: chartmuseum
url: https://chartmuseum.example.com/
username: myuser
password: ****In the Projects config the following sections are available:
The order of the sections in the configuration file is not taken into account.
Each section executes the entries in order of appearance in the configuration file.
In a single repository multiple images can be configured to be compiled:
images:
- name: project-a/demo
path: Dockerfile
context: .
tags:
- ${GIT_BRANCH}
- ${GIT_COMMIT_SHORT}
- ${GIT_BRANCH}-${BUILD_NUMBER}For each Image entry the following is executed:
docker login ${global.registry.url}
docker build -t ${global.registry.url}/${image.name} -f ${image.path} ${image.context}Then for each tag the built image is tagged and pushed to the remote registry.
docker tag ${global.registry.url}/${image.name} ${global.registry.url}/${image.name}:${tag}
docker push ${global.registry.url}/${image.name}:${tag}In a single repository multiple charts can be configured to be build:
charts:
- charts/demoAn initial setup of the Helm client is performed:
helm init -c
# for each global.repos[]
helm repo add ${repo.name} --username ${repo.username} --password ${repo.password} ${repo.url}Then for each Chart entry the following is executed:
helm dep build ${chart.name}
helm package ${chart.name}
helm lint ${chart.name}
helm push ${file} ${chartRepo}In a single repository multiple releases can be configured to be upgraded:
releases:
- name: demo
namespace: demo
path: charts/demosFor each Release entry the following is executed:
helm dep build ${release.path}
helm upgrade -i ${release.name} ${release.path} --namespace ${release.namespace}In the Global config the following sections are available:
Registry is used to authenticate to a remote private registry in order to be able to pull & push images.
registry:
url: https://eu.gcr.io/my-sample-project-191923
credentialsId: gcr:my-sample-project-191923Docker build step plugin is used to interact with Docker and registry authentication:
docker.withRegistry(registry.url, registry.credentialsId) {...}ChartRepo is the name of the chart repository that is used to push charts:
chartRepo: chartmuseumWhen pushing Charts to a chart repository (e.g. chartmuseum) the helm push plugin is used:
helm push ${file} ${chartRepo}Repos is used to manage the Helm repositories used to download & upload charts.
repos:
- name: stable
url: https://kubernetes-charts.storage.googleapis.com/
- name: chartmuseum
url: https://chartmuseum.example.com/
username: myuser
password: ****For each Repo the following is executed to add the repository:
helm repo add ${repo.name} --username ${repo.username} --password ${repo.password} ${repo.url}