Adding a pipeline for our spring boot demo app

basic-spring-boot/Jenkinsfile

@@ -0,0 +1,123 @@
+#!/usr/bin/groovy
+
+////
+// This pipeline requires the following plugins:
+// Kubernetes Plugin 0.10
+////
+
+String ocpApiServer = env.OCP_API_SERVER ? "${env.OCP_API_SERVER}" : "https://openshift.default.svc.cluster.local"
+
+node('master') {
+
+  env.NAMESPACE = readFile('/var/run/secrets/kubernetes.io/serviceaccount/namespace').trim()
+  env.TOKEN = readFile('/var/run/secrets/kubernetes.io/serviceaccount/token').trim()
+  env.OC_CMD = "oc --token=${env.TOKEN} --server=${ocpApiServer} --certificate-authority=/run/secrets/kubernetes.io/serviceaccount/ca.crt --namespace=${env.NAMESPACE}"
+
+  env.APP_NAME = "${env.JOB_NAME}".replaceAll(/-?pipeline-?/, '').replaceAll(/-?${env.NAMESPACE}-?/, '')
+  def projectBase = "${env.NAMESPACE}".replaceAll(/-dev/, '')
+  env.STAGE1 = "${projectBase}-dev"
+  env.STAGE2 = "${projectBase}-stage"
+  env.STAGE3 = "${projectBase}-prod"
+
+}
+
+node('maven') {
+  def mvnHome = "/usr/share/maven/"
+  def mvnCmd = "${mvnHome}bin/mvn"
+  String pomFileLocation = env.BUILD_CONTEXT_DIR ? "${env.BUILD_CONTEXT_DIR}/pom.xml" : "pom.xml"
+
+  stage('SCM Checkout') {
+    checkout scm
+  }
+
+  stage('Build') {
+
+    sh "${mvnCmd} clean install -DskipTests=true -f ${pomFileLocation}"
+
+  }
+
+  stage('Build Image') {
+
+    sh """
+       rm -rf oc-build && mkdir -p oc-build/deployments
+
+       for t in \$(echo "jar;war;ear" | tr ";" "\\n"); do
+         cp -rfv ./target/*.\$t oc-build/deployments/ 2> /dev/null || echo "No \$t files"
+       done
+
+       for i in oc-build/deployments/*.war; do
+          mv -v oc-build/deployments/\$(basename \$i) oc-build/deployments/ROOT.war
+          break
+       done
+
+       ${env.OC_CMD} start-build ${env.APP_NAME} --from-dir=oc-build --wait=true --follow=true || exit 1
+    """
+  }
+
+  stage("Verify Deployment to ${env.STAGE1}") {
+
+    openshiftVerifyDeployment(deploymentConfig: "${env.APP_NAME}", namespace: "${STAGE1}", verifyReplicaCount: true)
+
+    input "Promote Application to Stage?"
+  }
+
+  stage("Promote To ${env.STAGE2}") {
+    sh """
+    ${env.OC_CMD} tag ${env.STAGE1}/${env.APP_NAME}:latest ${env.STAGE2}/${env.APP_NAME}:latest
+    """
+  }
+
+  stage("Verify Deployment to ${env.STAGE2}") {
+
+    openshiftVerifyDeployment(deploymentConfig: "${env.APP_NAME}", namespace: "${STAGE2}", verifyReplicaCount: true)
+
+    input "Promote Application to Prod?"
+  }
+
+  stage("Promote To ${env.STAGE3}") {
+    sh """
+    ${env.OC_CMD} tag ${env.STAGE2}/${env.APP_NAME}:latest ${env.STAGE3}/${env.APP_NAME}:latest
+    """
+  }
+
+  stage("Verify Deployment to ${env.STAGE3}") {
+
+    openshiftVerifyDeployment(deploymentConfig: "${env.APP_NAME}", namespace: "${STAGE3}", verifyReplicaCount: true)
+
+  }
+}
+
+/*
+podTemplate(label: 'promotion-slave', cloud: 'openshift', containers: [
+  containerTemplate(name: 'jenkins-slave-image-mgmt', image: "${env.SKOPEO_SLAVE_IMAGE}", ttyEnabled: true, command: 'cat'),
+  containerTemplate(name: 'jnlp', image: 'jenkinsci/jnlp-slave:2.62-alpine', args: '${computer.jnlpmac} ${computer.name}')
+]) {
+
+  node('promotion-slave') {
+
+    stage("Promote To ${env.STAGE3}") {
+
+      container('jenkins-slave-image-mgmt') {
+        sh """
+
+        set +x
+        imageRegistry=\$(${env.OC_CMD} get is ${env.APP_NAME} --template='{{ .status.dockerImageRepository }}' -n ${env.STAGE2} | cut -d/ -f1)
+
+        strippedNamespace=\$(echo ${env.NAMESPACE} | cut -d/ -f1)
+
+        echo "Promoting \${imageRegistry}/${env.STAGE2}/${env.APP_NAME} -> \${imageRegistry}/${env.STAGE3}/${env.APP_NAME}"
+        skopeo --tls-verify=false copy --remove-signatures --src-creds openshift:${env.TOKEN} --dest-creds openshift:${env.TOKEN} docker://\${imageRegistry}/${env.STAGE2}/${env.APP_NAME} docker://\${imageRegistry}/${env.STAGE3}/${env.APP_NAME}
+        """
+      }
+    }
+
+    stage("Verify Deployment to ${env.STAGE3}") {
+
+      openshiftVerifyDeployment(deploymentConfig: "${env.APP_NAME}", namespace: "${STAGE3}", verifyReplicaCount: true)
+
+    }
+
+  }
+}
+*/
+println "Application ${env.APP_NAME} is now in Production!"

basic-spring-boot/README.md

@@ -0,0 +1,152 @@
+# A Sample OpenShift Pipeline for a Spring Boot Application
+
+This example demonstrates how to implement a full end-to-end Jenkins Pipeline for a Java application in OpenShift Container Platform. This sample demonstrates the following capabilities:
+
+* Deploying an integrated Jenkins server inside of OpenShift
+* Running both custom and oob Jenkins slaves as pods in OpenShift
+* "One Click" instantiation of a Jenkins Pipeline using OpenShift's Jenkins Pipeline Strategy feature
+* Promotion of an application's container image within an OpenShift Cluster (using `oc tag`)
+* Promotion of an application's container image to a separate OpenShift Cluster (using `skopeo`) - Coming Soon!
+
+## Quickstart
+
+Run the following commands to instantiate this example.
+
+```
+cd ./basic-spring-boot
+oc create -f projects/projects.yml
+oc process openshift//jenkins-ephemeral | oc apply -f- -n basic-spring-boot-dev
+oc process -f deploy/template.yml --param-file=deploy/dev/params | oc apply -f-
+oc process -f deploy/template.yml --param-file=deploy/stage/params | oc apply -f-
+oc process -f deploy/template.yml --param-file=deploy/prod/params | oc apply -f-
+oc process -f build/template.yml --param-file build/dev/params | oc apply -f-
+```
+
+## Architecture
+
+### OpenShift Templates
+
+The components of this pipeline are divided into two templates.
+
+The first template, `build/template.yml` is what we are calling the "Build" template. It contains:
+
+* A `jenkinsPipelineStrategy` BuildConfig
+* An `s2i` BuildConfig
+* An ImageStream for the s2i build config to push to
+
+The build template contains a default source code repo for a java application compatible with this pipelines architecture (https://github.com/redhat-cop/spring-rest).
+
+The second template, `deploy/template.yml` is the "Deploy" template. It contains:
+
+* A tomcat8 DeploymentConfig
+* A Service definition
+* A Route
+
+The idea behind the split between the templates is that I can deploy the build template only once (to my dev project) and that the pipeline will promote my image through all of the various stages of my application's lifecycle. The deployment template gets deployed once to each of the stages of the application lifecycle (once per OpenShift project).
+
+### Pipeline Script
+
+This project includes a sample `Jenkinsfile` pipeline script that could be included with a Java project in order to implement a basic CI/CD pipeline for that project, under the following assumptions:
+
+* The project is built with Maven
+* The `Jenkinsfile` script is placed in the same directory as the `pom.xml` file in the git source.
+* The OpenShift projects that represent the Application's lifecycle stages are of the naming format: `<app-name>-dev`, `<app-name>-stage`, `<app-name>-prod`.
+
+For convenience, this pipeline script is already included in the following git repository, based on our [Spring Boot Demo App](https://github.com/redhat-cop/spring-rest) app.
+
+https://github.com/redhat-cop/spring-rest
+
+## Bill of Materials
+
+* One or Two OpenShift Container Platform Clusters
+  * OpenShift 3.5+ is required.
+* Access to GitHub
+
+## Implementation Instructions
+
+### 1. Create Lifecycle Stages
+
+For the purposes of this demo, we are going to create three stages for our application to be promoted through.
+
+- `basic-spring-boot-dev`
+- `basic-spring-boot-stage`
+- `basic-spring-boot-prod`
+
+In the spirit of _Infrastructure as Code_ we have a YAML file that defines the `ProjectRequests` for us. This is as an alternative to running `oc new-project`, but will yeild the same result.
+
+```
+$ oc create -f projects/projects.yml
+projectrequest "basic-spring-boot-dev" created
+projectrequest "basic-spring-boot-stage" created
+projectrequest "basic-spring-boot-prod" created
+```
+
+### 2. Stand up Jenkins master in dev
+
+For this step, the OpenShift default template set provides exactly what we need to get jenkins up and running.
+
+```
+$ oc process openshift//jenkins-ephemeral | oc apply -f- -n basic-spring-boot-dev
+route "jenkins" created
+deploymentconfig "jenkins" created
+serviceaccount "jenkins" created
+rolebinding "jenkins_edit" created
+service "jenkins-jnlp" created
+service "jenkins" created
+```
+
+### 4. Instantiate Pipeline
+
+A _deploy template_ is provided at `deploy/template.yml` that defines all of the resources required to run our Tomcat application. It includes:
+
+* A `Service`
+* A `Route`
+* An `ImageStream`
+* A `DeploymentConfig`
+* A `RoleBinding` to allow Jenkins to deploy in each namespace.
+
+This template should be instantiated once in each of the namespaces that our app will be deployed to. For this purpose, we have created a param file to be fed to `oc process` to customize the template for each environment.
+
+Deploy the deployment template to all three projects.
+```
+$ oc process -f deploy/template.yml --param-file=deploy/dev/params | oc apply -f-
+service "spring-rest" created
+route "spring-rest" created
+imagestream "spring-rest" created
+deploymentconfig "spring-rest" created
+rolebinding "jenkins_edit" configured
+$ oc process -f deploy/template.yml --param-file=deploy/stage/params | oc apply -f-
+service "spring-rest" created
+route "spring-rest" created
+imagestream "spring-rest" created
+deploymentconfig "spring-rest" created
+rolebinding "jenkins_edit" created
+$ oc process -f deploy/template.yml --param-file=deploy/prod/params | oc apply -f-
+service "spring-rest" created
+route "spring-rest" created
+imagestream "spring-rest" created
+deploymentconfig "spring-rest" created
+rolebinding "jenkins_edit" created
+```
+
+A _build template_ is provided at `build/template.yml` that defines all the resources required to build our java app. It includes:
+
+* A `BuildConfig` that defines a `JenkinsPipelineStrategy` build, which will be used to define out pipeline.
+* A `BuildConfig` that defines a `Source` build with `Binary` input. This will build our image.
+
+Deploy the pipeline template in dev only.
+```
+$ oc process -f build/template.yml --param-file build/dev/params | oc apply -f-
+buildconfig "spring-rest-pipeline" created
+buildconfig "spring-rest" created
+```
+
+At this point you should be able to go to the Web Console and follow the pipeline by clicking in your `basic-spring-boot-dev` project, and going to *Builds* -> *Pipelines*. At several points you will be prompted for input on the pipeline. You can interact with it by clicking on the _input required_ link, which takes you to Jenkins, where you can click the *Proceed* button. By the time you get through the end of the pipeline you should be able to visit the Route for your app deployed to the `myapp-prod` project to confirm that your image has been promoted through all stages.
+
+## Cleanup
+
+Cleaning up this example is as simple as deleting the projects we created at the beginning.
+
+```
+oc delete project basic-spring-boot-dev basic-spring-boot-prod basic-spring-boot-stage
+```

basic-spring-boot/build/dev/params

@@ -0,0 +1,5 @@
+APPLICATION_NAME=spring-rest
+NAMESPACE=basic-spring-boot-dev
+IMAGE_STREAM_TAG_NAME=redhat-openjdk18-openshift:1.1
+SOURCE_REPOSITORY_URL=https://github.com/etsauer/spring-rest.git
+PIPELINE_SCRIPT=Jenkinsfile

basic-spring-boot/build/template.yml

@@ -0,0 +1,102 @@
+apiVersion: v1
+kind: Template
+labels:
+  template: generic-java-jenkins-pipeline
+metadata:
+  annotations:
+    description: Application template for JWS applications built using a Jenkins Pipeline
+    iconClass: icon-tomcat
+    tags: tomcat,tomcat8,java,jboss,xpaas,jenkins-ci
+    version: 1.2.0
+  name: generic-java-jenkins-pipeline
+objects:
+- kind: "BuildConfig"
+  apiVersion: "v1"
+  metadata:
+    labels:
+      application: ${APPLICATION_NAME}
+    name: "${APPLICATION_NAME}-pipeline"
+    namespace: "${NAMESPACE}"
+  spec:
+    source:
+      type: Git
+      git:
+        uri: ${SOURCE_REPOSITORY_URL}
+        ref: ${SOURCE_REPOSITORY_REF}
+      contextDir: ${CONTEXT_DIR}
+    triggers:
+    - type: "GitHub"
+      github:
+        secret: ${GITHUB_WEBHOOK_SECRET}
+    - type: "ConfigChange"
+    strategy:
+      type: "JenkinsPipeline"
+      jenkinsPipelineStrategy:
+        jenkinsfilePath: ${PIPELINE_SCRIPT}
+      env:
+        - name: "BUILD_CONTEXT_DIR"
+          value: "demo"
+- apiVersion: v1
+  kind: BuildConfig
+  metadata:
+    labels:
+      application: ${APPLICATION_NAME}
+    name: ${APPLICATION_NAME}
+    namespace: "${NAMESPACE}"
+  spec:
+    output:
+      to:
+        kind: ImageStreamTag
+        name: ${APPLICATION_NAME}:latest
+    source:
+      binary: {}
+      type: Binary
+    strategy:
+      sourceStrategy:
+        from:
+          kind: ImageStreamTag
+          name: ${IMAGE_STREAM_TAG_NAME}
+          namespace: ${IMAGE_STREAM_NAMESPACE}
+      type: Source
+parameters:
+- description: The name for the application.
+  name: APPLICATION_NAME
+  required: true
+  value: basic-tomcat
+- description: The namespace to deploy into
+  name: NAMESPACE
+  required: true
+- description: Git source URI for application
+  name: SOURCE_REPOSITORY_URL
+  required: true
+  value: https://github.com/etsauer/ticket-monster.git
+- description: Git branch/tag reference
+  name: SOURCE_REPOSITORY_REF
+  value: "master"
+- description: Path within Git project to build; empty for root project directory.
+  name: CONTEXT_DIR
+  value:
+- description: Path within Git project pointing to the pipeline run script
+  name: PIPELINE_SCRIPT
+  value: pipeline.groovy
+- description: GitHub trigger secret
+  from: '[a-zA-Z0-9]{8}'
+  generate: expression
+  name: GITHUB_WEBHOOK_SECRET
+  required: true
+- description: Generic build trigger secret
+  from: '[a-zA-Z0-9]{8}'
+  generate: expression
+  name: GENERIC_WEBHOOK_SECRET
+  required: true
+- description: Namespace in which the ImageStreams for Red Hat Middleware images are
+    installed. These ImageStreams are normally installed in the openshift namespace.
+    You should only need to modify this if you've installed the ImageStreams in a
+    different namespace/project.
+  name: IMAGE_STREAM_NAMESPACE
+  required: true
+  value: openshift
+- description: Image stream tag for the image you'd like to use to build the application
+  name: IMAGE_STREAM_TAG_NAME
+  required: true
+  value: jboss-webserver30-tomcat8-openshift:1.2

basic-spring-boot/deploy/dev/params

@@ -0,0 +1,4 @@
+APPLICATION_NAME=spring-rest
+NAMESPACE=basic-spring-boot-dev
+SA_NAMESPACE=basic-spring-boot-dev
+READINESS_RESPONSE=This is my webservice!

basic-spring-boot/deploy/prod/params

@@ -0,0 +1,4 @@
+APPLICATION_NAME=spring-rest
+NAMESPACE=basic-spring-boot-prod
+SA_NAMESPACE=basic-spring-boot-dev
+READINESS_RESPONSE=This is my webservice!