CI CD - zacisco/notes GitHub Wiki

Jenkins

Docker

FROM jenkins/jenkins:lts-jdk17

USER root

RUN apt-get update && \
    apt-get install -y \
    apt-transport-https \
    software-properties-common

# Docker
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
    add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable" && \
    apt-get update && apt-get install -y docker-ce && \
    usermod -aG docker,staff jenkins

# Set SUID to run docker as root
RUN chmod g+s /usr/bin/docker

USER jenkins

docker run -d -p 9999:8080 -p 50001:50000 --name jenkins -v /custom/jenkins_data/:/var/jenkins_home/ -v /var/run/docker.sock:/var/run/docker.sock jenkins

Settings

CI/CD

  1. Manage Jenkins
    1. Manage Users > Create builder user
    2. Manage Credentials > System > Global credentials (unrestricted) > Add User with password creds
  2. Project Configure
    1. Source Code Management
    2. Select Git, enter project URL, select user creds and enter branch

GitLab

Settings

CI/CD

With Jenkins

  1. Create build user
  2. Add this user to projects and get >= read rights
  3. Go to target project > Integrations
  4. Select Jenkins
  5. Fill needed fields and test connection

Some useful info

Integrations VS WebHooks

  • Integrations is preffered - it's ready WebHooks out from box
  • WebHooks - custom requests to user's services

Let's Encrypt

Certbot

# Obtain and install a certificate:
certbot

# Obtain a certificate but don't install it:
certbot certonly

# You may specify multiple domains with -d and obtain and
# install different certificates by running Certbot multiple times:
certbot certonly -d example.com -d www.example.com
certbot certonly -d app.example.com -d api.example.com

# Obtain a certificate with standalone webserver but don't install it:
certbot certonly --standalone -d _domain_

# Update certificate with standalone webserver:
certbot renew

Troubleshooting

GitLab Integrations

With Jenkins

Validation failed Error

The reason is that the Jenkins URL points to the same IP address which GitLab is using.

Such webhooks are forbidden by default and can be enabled in the GitLab settings Admin → Settings → Network → Outbound Requests → Allow requests to the local network from hooks and services.

.? PROFIT