Add Task to Trigger Jenkins Pipeline using Tekton

The following task can be used to trigger an existing Jenkins pipeline from Tekton using the CURL request by providing the required parameters. Signed-off-by: vinamra28 <[email protected]>
tektoncd · Jul 14, 2020 · 23210d0 · 23210d0
1 parent f3ebc33
commit 23210d0
Show file tree

Hide file tree

Showing 4 changed files with 217 additions and 0 deletions.
diff --git a/task/trigger-jenkins-job/0.1/README.md b/task/trigger-jenkins-job/0.1/README.md
@@ -0,0 +1,103 @@
+# Trigger Jenkins Job
+
+The following task can be used to trigger a Jenkins pipeline using CURL request from a Tekton Task.
+
+More details on Remote Access API can be found [here](https://www.jenkins.io/doc/book/using/remote-access-api/)
+
+## Install the Task
+
+```bash
+kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/trigger-jenkins-job/trigger-jenkins-job.yaml
+```
+
+## Parameters
+
+- **JENKINS_HOST_URL**: The URL on which Jenkins is running (**Required**)
+- **JOB_NAME**: The Job name which needs to be triggered (**Required**)
+- **JENKINS_SECRETS**: The name of the secret containing the username and API token for authenticating the Jenkins (_Default_: jenkins-credentials) (**Required**)
+- **JOB_PARAMS**: Extra parameters which needs to be appended in the `CURL` request. (_Default_: ""). `JOB_PARAMS` is of type `array` so multiple arguments can be appended. `JOB_PARAMS` can be provided as follows:-
+
+  ```yaml
+  params:
+    - name: JOB_PARAMS
+      value: |
+        - file0=@PATH_TO_FILE
+        - name=FILE_LOCATION_AS_SET_IN_JENKINS
+          file=file0
+  ```
+
+## Workspaces
+
+- **source**: In case any file needs to be provided to the Jenkins Job. (_Default_: `emptyDir: {}`)
+
+## Secrets
+
+Secrets containing `username`,`API token` and `crumb` that are used in the task for making the CURL request.
+
+Crumb can be obtained using following command :-
+
+```bash
+$ wget -q --auth-no-challenge --user username --password password --output-document - 'http://${Jenkins_URL}/crumbIssuer/api/xml?xpath=concat(//crumbRequestField,":",//crumb)'
+```
+
+This will give you something like `Jenkins-Crumb:44e7033af70da95a47403c3bed5c10f8`. Without crumb information, running curl command will result in example errors such as `HTTP/1.1 403 Forbidden` or `Error 403 No valid crumb was included in the request`.
+
+```yaml
+apiVersion: v1
+kind: Secret
+metadata:
+  name: jenkins-credentials
+type: Opaque
+stringData:
+  username: username
+  apitoken: api-token
+  crumb: crumb
+```
+
+## Usage
+
+1. Without `JOB_PARAMS` parameters
+
+   ```yaml
+   apiVersion: tekton.dev/v1beta1
+   kind: TaskRun
+   metadata:
+     name: trigger-jenkins-job-run
+   spec:
+     taskRef:
+       name: trigger-jenkins-job
+     params:
+       - name: JENKINS_HOST_URL
+         value: "http://localhost:8080"
+       - name: JOB_NAME
+         value: tekton
+     workspaces:
+       - name: source
+         emptyDir: {}
+   ```
+
+1. With `JOB_PARAMS` parameters
+
+   ```yaml
+   apiVersion: tekton.dev/v1beta1
+   kind: TaskRun
+   metadata:
+     name: trigger-jenkins-job-run
+   spec:
+     taskRef:
+       name: trigger-jenkins-job
+     params:
+       - name: JENKINS_HOST_URL
+         value: "http://localhost:8080"
+       - name: JOB_NAME
+         value: tekton
+       - name: JOB_PARAMS
+         value:
+           - name=id
+             value=123
+           - name=verbosity
+             value=high
+     workspaces:
+       - name: source
+         emptyDir: {}
+   ```
diff --git a/task/trigger-jenkins-job/0.1/examples/run.yaml b/task/trigger-jenkins-job/0.1/examples/run.yaml
@@ -0,0 +1,17 @@
+apiVersion: tekton.dev/v1beta1
+kind: TaskRun
+metadata:
+  name: trigger-jenkins-job-run
+spec:
+  taskRef:
+    name: trigger-jenkins-job
+  params:
+    - name: JENKINS_HOST_URL
+      value: http://localhost:8080
+    - name: JOB_NAME
+      value: tekton
+    - name: JENKINS_SECRETS
+      value: jenkins-credentials
+  workspaces:
+    - name: source
+      emptyDir: {}
diff --git a/task/trigger-jenkins-job/0.1/examples/secrets.yaml b/task/trigger-jenkins-job/0.1/examples/secrets.yaml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: jenkins-credentials
+type: Opaque
+stringData:
+  username: username
+  apitoken: api-token
+  crumb: crumb
diff --git a/task/trigger-jenkins-job/0.1/trigger-jenkins-job.yaml b/task/trigger-jenkins-job/0.1/trigger-jenkins-job.yaml
@@ -0,0 +1,88 @@
+apiVersion: tekton.dev/v1beta1
+kind: Task
+metadata:
+  name: trigger-jenkins-job
+spec:
+  workspaces:
+    - name: source
+  params:
+    - name: JENKINS_HOST_URL
+      type: string
+      description: Server URL on which Jenkins is running
+    - name: JOB_NAME
+      type: string
+      description: Jenkins Job which needs to be triggered
+    - name: JENKINS_SECRETS
+      type: string
+      description: Jenkins secret containing credentials
+      default: jenkins-credentials
+    - name: JOB_PARAMS
+      type: array
+      description: Extra arguments to append as a part of CURL request
+      default: [""]
+  steps:
+    - name: trigger-pipeline
+      image: registry.access.redhat.com/ubi8/ubi:latest
+      workingDir: $(workspaces.source.path)
+      args:
+        - $(params.JOB_PARAMS)
+      script: |
+        #!/usr/libexec/platform-python
+
+        import json
+        import os
+        import sys
+        import urllib
+        import subprocess
+
+        args = sys.argv[1:]
+
+        # initializing json array
+        jsonArray = []
+        finalArgs = ""
+        noParams = 0
+
+        # iterating over the params provided by user
+        for params in args:
+
+          if params == "":
+            noParams=1
+            break
+          if '@' in params:
+            finalArgs += " --form "+params
+          else :
+            split_params = params.split(" ")
+            # initializing json object
+            obj = {}
+            for attr in split_params:
+              keyValue = attr.split("=")
+              obj[keyValue[0]] = keyValue[1]
+            jsonArray.append(obj)
+        finalJson = {}
+        finalJson["parameter"] = jsonArray
+        if len(finalArgs) == 0 and noParams==0:
+          finalArgs += " --data-urlencode json='"+str(finalJson)+"'"
+        elif noParams ==0 :
+          finalArgs += " --form json='"+str(finalJson)+"'"
+
+        crumb = "-H \"Jenkins-Crumb:"+os.getenv('JENKINS_CRUMB')+"\""
+
+        url = "curl -X POST "+crumb+" $(params.JENKINS_HOST_URL)"+"/job/"+"$(params.JOB_NAME)"+"/build --user "+os.getenv('USERNAME')+":"+os.getenv('API_TOKEN')+finalArgs
+        print(url)
+        subprocess.call(url.split(" "))
+      env:
+        - name: USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: $(params.JENKINS_SECRETS)
+              key: username
+        - name: API_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: $(params.JENKINS_SECRETS)
+              key: apitoken
+        - name: JENKINS_CRUMB
+          valueFrom:
+            secretKeyRef:
+              name: $(params.JENKINS_SECRETS)
+              key: crumb