oci-liquibase-jenkins

Demonstration of using Liquibase (via SQLcl) and Jenkins for CI/CD using Oracle Cloud Infrastructure (OCI) Resources.

Prerequisites

As this is a demonstration of Jenkins/GitHub integration for CI/CD, you must use your own GitHub account to run it. Please fork or copy the repository into your own GitHub account before continuing.

Assumptions

An existing OCI tenancy
An existing GitHub Account
You have forked this repository into your own GitHub account

Architecture Deployment

By default, Always Free resources will be used. If you do not have any Always Free resources available and are using paid tenancy, this demonstration can still be run by changing the Terraform variable to is_paid=true (as documented in the infra/README.md).

There are two main ways to deploy this Architecture:

OCI Cloud Shell
Terraform Client (Advanced)

View the infra/README.md for more information.

Jenkins/GitHub Integration

Once the infrastructure is deployed, Jenkins and GitHub will need to be configured to interact. This is done using the Github Branch Source Plugin

Create the GitHub App

In your Github Account, navigate to Settings -> Developer settings -> GitHub Apps
Select "New GitHub App" (Confirm Password, if prompted)
Register new GitHub App, Unless other specified below, leave the defaults
- GitHub App name: Jenkins - < Github Account Name >
- Homepage URL: Link to your GitHub Page; example: https://github.com/gotsysdba
- Webhook URL: Link to your Jenkins Server; example: https://jenkins.example.com/github-webhook/. The trailing slash is important
- Repository permissions:
  - Commit statuses - Read and Write
  - Contents: Read-only
  - Pull requests: Read-only
- Subscribe to events: Select All
- Where can this GitHub App be installed? Only on this account
Click "Create GitHub App"
Record the App ID to be used later
Scroll down to "Private keys" and Generate a private key (will be prompted to save; save it to a safe location)
Scroll back up the page and click "Install App"
- Click "Install" next to your GitHub account name
- Only select repositories; choose <your GitHub Repository Name>/oci-liquibase-jenkins
- Install

Convert the Private Key

In order for Jenkins to use the private key, saved above, convert it: openssl pkcs8 -topk8 -inform PEM -outform PEM -in <key-in-your-downloads-folder.pem> -out converted-github-app.pem -nocrypt

If openssl is not installed on your local machine, you can use OCI Cloud Shell to convert.

Open Cloud Shell from the OCI Console
Either drag and drop the file from your local machine into the Cloud Shell window, or use the "Upload" button from the Cloud Shell hamburger menu.
Run the above openssl command in the Cloud Shell

Add Jenkins Credential

Login to your Jenkins Controller as admin and the password specified during the infrastructure deployment
- The URL will have been output at the end of the infrastructure deployment
Navigate to: Manage Jenkins > Manage Credentials
Under "Stores scoped to Jenkins", click "Jenkins"
Click "Global credentials (unrestricted)"
Click "Add Credentials" in the Left Hand Navigation bar
- Kind: GitHub App
- ID: GitHubAppDemo
- App ID: < App ID > (Recorded above)
- Key: < Contents of converted-github-app.pem created above >
Click "Test Connection" which should be successful.
Click "OK"

Add Database Credential

From the Jenkins Dashboard:

Navigate to: Manage Jenkins > Manage Credentials
Under "Stores scoped to Jenkins", click "Jenkins"
Click "Global credentials (unrestricted)"
Click "Add Credentials" in the Left Hand Navigation bar
- Kind: Username with password
- Username: ADMIN
- Password: <Password for ADB Admin Account>
- ID: JENKINSDB_ADMIN
Click "OK"

Add an Multibranch Pipeline