The build and deployment service is provided based on the open-source CI (Continuous Integration) tool Jenkins .
※ CI (Continuous Integration): Executes a process that applies Quality Control (a process that reviews all quality factors related to entity production).
It frequently applies small unit tasks, replacing the traditional method of applying Quality Control at the very end, focusing on improving software quality and reducing the time required for software deployment.
To use the service, click DevOps > Build and Deployment from the side menu in ZCP Console.
The Jenkins account is integrated with ZCP Console users, and permissions are granted for a Folder with the same name as the authorized Namespace.
The key features are as follows:
Source code checkout (Subversion, Git, Perforce, Mercurial, CVS, etc.)
- Build and test (Ant, Maven, MSBuild, shell script, etc.)
- Result logging (binary, test results, code coverage, static analysis)
- Notification features (Email, IM, RSS, IDEs)
Jenkins has various features.
- Supports various OS
- Easy and fast installation (deploy as a WAR file in a WAS, run as a daemon using Java command)
- Supports distributed environments (prevents Jenkins Master overload by installing Jenkins Agent)
- Expandable with various plugins
- Automated scheduled builds
- Automated deployment of built artifacts
Managing Credentials in Jenkins Folder
To perform builds and deployments in Jenkins, two basic Credential details are required: Git Repository access credentials for source checkout and Registry access credentials for pushing Docker images.
Jenkins provides the Credentials feature for easy reuse and management of accounts.
Creating Credentials
Click Credentials from the left menu in the Folder.
Click the global link in the Folder Scope (default).
Click the Add Credentials menu on the left.
Select Username with password, enter Username, Password, and ID, then click the OK button.
At this time, the ID should use the reserved words for ZCP’s Pipeline.
- Git Credential ID: GIT_CREDENTIALS
- Docker Credential ID: HARBOR_CREDENTIALS
Adding a Description makes it easier to distinguish credentials in the list.
Here is an example of creating two credentials.
Credentials created under a Folder can only be used within Pipelines inside that Folder.
Managing Pipelines
Jenkins Pipeline defines the workflow for building and deploying applications.
The basic workflow follows this order: Source Code Checkout - Application Build - Docker Build & Push - Kubernetes Deployment.
In ZCP, Pipelines are defined using Groovy inside a file called Jenkinsfile, which is included in the source code for version control.
Creating a Pipeline
Click New Item from the left menu in the Folder.
- Enter Job name (Application name) in Item name.
- Select Pipeline.
- Click the OK button.
Set up the Pipeline Tab as follows.
- Select Definition as Pipeline script from SCM.
- Select SCM type as GIT.
- Enter the GIT Clone URL in Repository URL under Repositories.
- Select the Git Credentials created earlier in Credentials.
- Enter the Git branch of the source code to be deployed in Branches to build.
- Select gogs in Repository browser. If using a Git service other than the one provided by ZCP, select the appropriate Git service.
- Enter Jenkinsfile in Script Path.
- Click the OK button.
Copy the following Pipeline code and save it as Jenkinsfile in the root of the application source.
The provided sample Pipeline is an example for building/deploying a Maven project.
To ensure the Pipeline executes correctly, prepare the following files in advance.
Build and Deployment Related Files
- Dockerfile: Used for Docker build. Since it varies by application type, refer to this page. Save the created Dockerfile as Dockerfile in the application root.
- deploy.yaml: Used to deploy the application on Kubernetes. Refer to this page. Create a folder named k8s under the application root and store deploy.yaml inside it.
- service.yaml: Used to expose the deployed deploy on Kubernetes externally. Refer to this page . Save the created service.yaml file inside the k8s folder under the application root.
@Library('retort-lib') _ def label = "jenkins-${UUID.randomUUID().toString()}" def ZCP_USERID='zcpsample' def DOCKER_IMAGE='zcpsample/sam-springboot' def K8S_NAMESPACE='default' timestamps { podTemplate(label:label, serviceAccount: "zcp-system-sa-${ZCP_USERID}", containers: [ containerTemplate(name: 'maven', image: 'maven:3.5.2-jdk-8-alpine', ttyEnabled: true, command: 'cat'), containerTemplate(name: 'docker', image: 'docker:17-dind', ttyEnabled: true, command: 'dockerd-entrypoint.sh', privileged: true), containerTemplate(name: 'kubectl', image: 'lachlanevenson/k8s-kubectl:v1.13.6', ttyEnabled: true, command: 'cat') ], volumes: [ persistentVolumeClaim(mountPath: '/root/.m2', claimName: 'zcp-jenkins-mvn-repo') ]) { node(label) { stage('SOURCE CHECKOUT') { def repo = checkout scm } stage('BUILD') { container('maven') { mavenBuild goal: 'clean package', systemProperties:['maven.repo.local':"/root/.m2/${JOB_NAME}"] } } stage('BUILD DOCKER IMAGE') { container('docker') { dockerCmd.build tag: "${HARBOR_REGISTRY}/${DOCKER_IMAGE}:${BUILD_NUMBER}" dockerCmd.push registry: HARBOR_REGISTRY, imageName: DOCKER_IMAGE, imageVersion: BUILD_NUMBER, credentialsId: "HARBOR_CREDENTIALS" } } stage('DEPLOY') { container('kubectl') { kubeCmd.apply file: 'k8s/service.yaml', namespace: K8S_NAMESPACE yaml.update file: 'k8s/deploy.yaml', update: ['.spec.template.spec.containers[0].image': "${HARBOR_REGISTRY}/${DOCKER_IMAGE}:${BUILD_NUMBER}"] kubeCmd.apply file: 'k8s/deploy.yaml', wait: 300, recoverOnFail: false, namespace: K8S_NAMESPACE } } } } }
Modify and save the following contents in the created Jenkinsfile.
Sections to Modify
- Line 4 ZCP_USERID: Enter the ZCP Console ID of the deployment manager.
- Line 5 DOCKER_IMAGE: Enter the name of the Docker Image to be created.
The Docker Registry used for pushing the Docker Image in the Pipeline is set to HARBOR, provided by the ZCP Add-on service by default. This address is available as the key HARBOR_REGISTRY and is stored in the Global Properties of Jenkins, which can only be modified by the Cluster-admin.
Pipeline Execution
On the created Pipeline screen, click Build Now in the left menu.
Pipeline execution is only available to users with admin or cicd-manager permissions in the Namespace.
You can check the execution status on the current screen.
In the left Build History, click Console Output of the currently running build to view the execution logs of the Pipeline.
Online consultation
Contact us