The CI/CD Manager manages the source repository (Gitea) and configures the Pipeline (Jenkins) for build and deployment.

Adding a Docker Secret to the Namespace

A Secret is used to store sensitive information such as passwords, OAuth tokens, and SSH keys. Storing this information in a Secret is safer and more flexible than embedding it directly in a Pod definition or Docker image. 

Follow the steps below to add a Docker Secret using the Harbor account created earlier.

1. Click theSecret tab.
2. Click the Add Secert  (Secret 추가) button at the top right of the Secret list.
3. When the Add Secret popup appears, enter the appropriate information for the type and click the Register button

• 
  
  • Secret Name : my-docker-secret
  • Secret Type : Docker Registry
  • docker-server(required) : Image Registry (Harbor) address. 
  • docker-username(required ) : Image Registry login user ID.
  • docker-password(required ) : Image Registry login password. 
  • docker-email :Docker login user email. 

Creating a Source Repository and Setting Permissions

Creating an Account

User accounts are not automatically linked to the accounts registered in ZCP. When accessing Gitea for the first time, the new registration screen will appear. Enter the required information to register a new account.

(Do not change the username and email under the Sign Up section. Only enter the password to create the account. )

After that, when accessing the source repository through the ZCP Console, you will be logged in automatically.

Creating a Repository

A repository is a Git remote repository. 

On the Gitea home screen, click the “+” button in the upper right corner, then select "New Repository".

Enter the repository name and description, then click the "Create Repository" button.

 

This is the screen showing the created repository.

Pushing Source Code

Push the source code to the created repository.

The sample source code used in this document can be found at Hello ZCP  Hello ZCP (https://github.com/cnpst/hellozcp)

# 샘플 소스 코드 가져오기
> git clone https://github.com/cnpst/hellozcp.git
Cloning into 'hellozcp'...
remote: Enumerating objects: 25, done.
remote: Counting objects: 100% (25/25), done.
remote: Compressing objects: 100% (18/18), done.
remote: Total 25 (delta 0), reused 25 (delta 0), pack-reused 0
Unpacking objects: 100% (25/25), done.

# 오리지널 저장소 연결 끊기
> cd hellozcp
> git remote remove origin

# ZCP git 저장소 연결 추가
> git remote add origin https://git.cloudzcp.io/earth1223/new-repository.git

# 소스 코드 Push
> git push -u origin master
Enumerating objects: 25, done.
Counting objects: 100% (25/25), done.
Delta compression using up to 8 threads
Compressing objects: 100% (18/18), done.
Writing objects: 100% (25/25), 46.95 KiB | 9.39 MiB/s, done.
Total 25 (delta 0), reused 0 (delta 0)
To https://git.cloudzcp.io/earth1223/new-repository.git
 * [new branch]      master -> master
Branch 'master' set up to track remote branch 'master' from 'origin'.

This is the screen showing a successful source code push to the repository.

Configuring the Build and Deployment Pipeline

In the ZCP Console, click on the Build and Deployment menu under DevOps.

Select the Folder that matches your Namespace.

Creating Credentials

For Jenkins to checkout source code from Gitea and push to the Docker registry, authentication credentials are required for each system.

Enter your Folder. Click the Credentials menu on the left.

Under Credentials, select the Folder and click Global credentials.

Select the Add Credentials menu on the left, then enter the Gitea ID and Password created earlier to generate the Credential information. The Credential ID should be created following the rules below.

This is the screen showing both Gitea and Harbor credentials successfully created.

Creating a Jenkinsfile 

A Jenkinsfile is a script that defines a series of actions (workflow) for building and deploying in a Jenkins pipeline. For more details, refer to the Offical Jenkins documentation

Create a file named Jenkinsfile in the root directory of the source code and paste the following content.

@Library('retort-lib') _
def label = "jenkins-${UUID.randomUUID().toString()}"

def ZCP_USERID='zcpsample'
def DOCKER_IMAGE='zcpsample/sam-springboot'
def K8S_NAMESPACE='default'

timestamps {
    podTemplate(label:label,
        serviceAccount: "zcp-system-sa-${ZCP_USERID}",
        containers: [
            containerTemplate(name: 'maven', image: 'maven:3.5.2-jdk-8-alpine', ttyEnabled: true, command: 'cat'),
            containerTemplate(name: 'docker', image: 'docker:17-dind', ttyEnabled: true, command: 'dockerd-entrypoint.sh', privileged: true),
            containerTemplate(name: 'kubectl', image: 'lachlanevenson/k8s-kubectl', ttyEnabled: true, command: 'cat')
        ],
        volumes: [
            persistentVolumeClaim(mountPath: '/root/.m2', claimName: 'zcp-jenkins-mvn-repo')
        ]) {
    
        node(label) {
            stage('SOURCE CHECKOUT') {
                def repo = checkout scm
            }
    
            stage('BUILD') {
                container('maven') {
                    mavenBuild goal: 'clean package', systemProperties:['maven.repo.local':"/root/.m2/${JOB_NAME}"]
                }
            }
    
            stage('BUILD DOCKER IMAGE') {
                container('docker') {
                    dockerCmd.build tag: "${HARBOR_REGISTRY}/${DOCKER_IMAGE}:${BUILD_NUMBER}"
                    dockerCmd.push registry: HARBOR_REGISTRY, imageName: DOCKER_IMAGE, imageVersion: BUILD_NUMBER, credentialsId: "HARBOR_CREDENTIALS"
                }
            }
    
            stage('DEPLOY') {
                container('kubectl') {
                    kubeCmd.apply file: 'k8s/service.yaml', namespace: K8S_NAMESPACE
                    yaml.update file: 'k8s/deploy.yaml', update: ['.spec.template.spec.containers[0].image': "${HARBOR_REGISTRY}/${DOCKER_IMAGE}:${BUILD_NUMBER}"]
    
                    kubeCmd.apply file: 'k8s/deploy.yaml', wait: 300, recoverOnFail: false, namespace: K8S_NAMESPACE
                }
            }
        }
    }
}

Modify lines 4, 5, and 6 in the Jenkinsfile according to your settings and save the file.

4 : Your account used to log in to the ZCP Console.

5 : The Docker Image name, formatted as {ProjectName}/{ApplicationName}. The Project Name should match the Private Project created in Harbor.

6 : The Namespace created in the ZCP Console.

Jenkinsfile Pushing

Push the modified Jenkinsfile to the Git repository.

# Jenkinsfile을 Index에 추가
> git add Jenkinsfile

# Commit
> git commit -m "Add Jenkinsfile"
[master 4271304] Add Jenkinsfile
 1 file changed, 48 insertions(+)
 create mode 100644 Jenkinsfile

# Push
> git push -u zcp-origin master
Username for 'https://git.cloudzcp.io': earth1223
Password for 'https://earth1223@git.cloudzcp.io':
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Delta compression using up to 8 threads
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 1.07 KiB | 1.07 MiB/s, done.
Total 3 (delta 1), reused 0 (delta 0)
To https://git.cloudzcp.io/earth1223/new-repository.git
   ca88947..4271304  master -> master
Branch 'master' set up to track remote branch 'master' from 'zcp-origin'.

The Jenkinsfile has been added to the repository.

Creating a Jenkins Pipeline

Click New Item on the left or Create a new job in the center.

Enter a Pipeline name, select Pipeline, and click the OK button.

When the configuration screen of the created Pipeline appears, navigate to the Pipeline tab.

Select Pipeline script from SCM in the Definition dropdown.

Set SCM to Git.

Configure the location of the Jenkinsfile.

Enter the Repository URL in the Git Clone URL field. You can copy the Clone URL from the Git repository screen. It is acceptable to include .git at the end of the repository URL.

Select the Git Credentials that were created earlier in the Credentials field.

Choose gogs in the Repository browser field.

Enter the repository URL from the Git repository screen, removing .git from the end before inputting it.

After entering all values, click the Save button.

Running the Build & Deployment Pipeline

Once the Pipeline settings are saved, you will be redirected to the Pipeline Status screen.

Running the Pipeline

To run the Pipeline, click the Build Now button on the left.

Once the build starts, you can check the running builds in the Build History section at the bottom.

Viewing Build Logs

Click the icon to the left of the build number to view the logs of the running build.

Select the Folder that matches your Namespace.