OpenShift Build and Deploy a JEE Application with S2I: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 83: Line 83:
If the source repository is protected, we need to place credentials into the builder configuration, and the builder service account environment:
If the source repository is protected, we need to place credentials into the builder configuration, and the builder service account environment:


  oc secrets new=basicauth <''secret-name''> --username=... --password=...
  oc secrets new-basicauth gogs-basicauth --username=gogs --password=...
  oc secrets link builder <''secret-name''>
  oc secrets link builder <''secret-name''>
  oc set build-secret --source bc/<''build-config-name''> <''secret-name''>
  oc set build-secret --source bc/<''build-config-name''> <''secret-name''>

Revision as of 08:40, 25 November 2017

Internal

Overview

Process

"Join" Projects

If the source repository pod runs in a collocated OpenShift project, and we want to use the internal DNS name, we need to join the projects. 

oadm pod-network join-projects --to=cicd lab

Create the Application

oc new-app <openshift-project-template-name> \
 --param APPLICATION_NAME=<application-name> \
 --param SOURCE_REPOSITORY_URL=<git-url> \ 
 --param SOURCE_REPOSITORY_REF=master \
 --param CONTEXT_DIR=/

oc new-app eap64-basic-s2i \
 --param APPLICATION_NAME=tasks \
 --param SOURCE_REPOSITORY_URL=http://gogs.cicd.svc.cluster.local:3000/gogs/openshift-tasks-private \ 
 --param SOURCE_REPOSITORY_REF=master \
 --param CONTEXT_DIR=/

This command uses openshift project's "eap64-basic-s2i" template and creates:

  • a build configuration
  • an image stream
  • a deployment configuration
  • a route
  • a service
--> Deploying template "openshift/eap64-basic-s2i" to project lab

     Red Hat JBoss EAP 6.4 (no https)
     ---------
     Application template for EAP 6 applications built using S2I.

     A new EAP 6 based application has been created in your project.

     * With parameters:
        * Application Name=tasks
        * Custom http Route Hostname=
        * Git Repository URL=https://gogs.cicd.svc.cluster.local:3000/gogs/openshift-tasks-private
        * Git Reference=master
        * Context Directory=/
        * Queues=
        * Topics=
        * HornetQ Password=VvEf5H0S # generated
        * Github Webhook Secret=8Xk5LAnr # generated
        * Generic Webhook Secret=mn5K7NNA # generated
        * ImageStream Namespace=openshift
        * JGroups Cluster Password=r1Elwibf # generated
        * Deploy Exploded Archives=false
        * Maven mirror URL=
        * ARTIFACT_DIR=

--> Creating resources ...
    service "tasks" created
    route "tasks" created
    imagestream "tasks" created
    buildconfig "tasks" created
    deploymentconfig "tasks" created
--> Success
    Build scheduled, use 'oc logs -f bc/tasks' to track its progress.
    Run 'oc status' to view your app.

Because the Git repository is private and protected by username/password, the initial build attempt will fail: 

oc logs -f build/tasks-1
...
error: build error: failed to fetch requested repository "http://gogs.cicd.svc.cluster.local:3000/gogs/openshift-tasks-private" with provided credentials

Add Source Repository Secrets

If the source repository is protected, we need to place credentials into the builder configuration, and the builder service account environment: 

oc secrets new-basicauth gogs-basicauth --username=gogs --password=...
oc secrets link builder <secret-name>
oc set build-secret --source bc/<build-config-name> <secret-name>
Retrieved from "https://kb.novaordis.com/index.php?title=OpenShift_Build_and_Deploy_a_JEE_Application_with_S2I&oldid=32451"