OpenShift CI/CD Operations: Difference between revisions
Jump to navigation
Jump to search
Line 28: | Line 28: | ||
oc new-project stage --display-name="Tasks - Stage" | oc new-project stage --display-name="Tasks - Stage" | ||
==Grant Jenkins | ==Grant Jenkins Needed Privileges for the Projects that Require CI/CD Services== | ||
The Jenkins component needs to access the OpenShift API for various operations: access container images, etc. so it needs to be granted sufficient privileges to invoke the OpenShift API for the projects requiring CI/CD pipeline services - in our case "dev" and "stage": | The Jenkins component needs to access the OpenShift API for various operations: access container images, etc. so it needs to be granted sufficient privileges to invoke the OpenShift API for the projects requiring CI/CD pipeline services - in our case "dev" and "stage": |
Revision as of 16:49, 1 November 2017
Internal
Overview
Set Up a Jenkins CI/CD Pipeline
Create Required Image Streams
Create Required Projects
Create the following projects:
1. A project for the CI/CD components, named "cicd":
oc new-project cicd --display-name="CI/CD pipeline with Jenkins"
2. A project to host development-stage containers and processes, named "dev":
oc new-project dev --display-name="Tasks - Dev"
3. A project to host publicly-accessible application produced by the CI/CD pipeline, named "stage":
oc new-project stage --display-name="Tasks - Stage"
Grant Jenkins Needed Privileges for the Projects that Require CI/CD Services
The Jenkins component needs to access the OpenShift API for various operations: access container images, etc. so it needs to be granted sufficient privileges to invoke the OpenShift API for the projects requiring CI/CD pipeline services - in our case "dev" and "stage":
oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n dev oc policy add-role-to-user edit system:serviceaccount:cicd:jenkins -n stage
For more details, see: oc policy.
Organizatorium
The Jenkins container must be able to access the OpenShift API:
oc policy add-role-to-user edit system:service account:cicd:default -n cicd oc policy add-role-to-user edit system:service account:cicd:default -n cicd-dev oc policy add-role-to-user edit system:service account:cicd:default -n cicd-stage
oc project cicd
Instantiate components. Use templates. 'cicd-github-template.yaml'.
oc process -f https://raw.githubusercontent.com/OpenShiftDemos/openshift-cd-demo/master/cicd-github-template.yaml | oc create -f -
Inspect Nexus
Inspect Jenkins