In this repo, you will deploy the Ploigos Software Factory on Azure Red Hat OpenShift (ARO) and trigger a Ploigos software pipeline using GitHub Actions.
- Azure Red Hat OpenShift 4 cluster
- Admin access to OpenShift
- OpenShift CLI
Login to the cluster using oc login
and admin credentials.
- Fork this repo.
- Follow these instructions to deploy the platform for the Ploigos Software Factory. Stop after Step #11. You will deploy your own custom pipeline instance.
- Modify the
config/pipeline.yaml
resource. Replace thesourceUrl
with your repo fork. - Deploy the pipeline.
oc project devsecops # modify this if you installed Ploigos in a different project
oc create -f config/pipeline.yaml
- The repo has a GitHub action that will mirror your fork repo to the Gitea instance. You can view the example here. You need to add the Gitea admin's username and password as a secret to your repo.
In GitHub, navigate to your forked repo. Go to 'Settings' -> 'Secrets'. Create two repository secrets GIT_USERNAME
and GIT_PASSWORD
. Execute these commands to get the username and password of your Gitea instance and enter these values.
echo $(oc get secret gitea-admin-credentials -o jsonpath="{.data.username}") | base64 --decode && echo
echo $(oc get secret gitea-admin-credentials -o jsonpath="{.data.password}") | base64 --decode && echo
- In your fork repo, you need to modify the
.github/workflows/mirroring.yaml
resource.
Get the URL of your Gitea repo
echo $(oc get route gitea --template='http://{{.spec.host}}/platform/reference-quarkus-mvn_jenkins_workflow-standard.git')
Open .github/workflows/mirroring.yaml
with your favorite editor and replace the REMOTE
with your Gitea instance.
- Commit this change to your repo
git clone <your-fork>
cd <your-fork>
git commit -am "Updated Gitea endpoint"
git push
- In GitHub, navigate to your fork. Go to 'Actions'. You should see the action:
- Navigate to your running build job in Jenkins. Login in
oc
admin credentials. Wait ~10 minutes until the job is complete.
echo $(oc get route jenkins --template='http://{{.spec.host}}/job/platform/job/reference-quarkus-mvn_jenkins_workflow-standard/')
It should look like this:
- The Jenkins job built your application. Navigate to the application in your browser.
echo $(oc get route fruit -n platform-ref-quarkus-mvn-jenkins-std-fruit-main-prod --template='http://{{.spec.host}}/fruits.html')
You should see:
- If you push a commit to the main branch but don't see the Jenkins build trigger, make sure the webhook is configured in Gitea.
Navigate to the Gitea repo in your browser
echo $(oc get route gitea --template='http://{{.spec.host}}'/platform/reference-quarkus-mvn_jenkins_workflow-standard-github)
Login with admin credentials
echo $(oc get secret gitea-admin-credentials -o jsonpath="{.data.username}") | base64 --decode && echo
echo $(oc get secret gitea-admin-credentials -o jsonpath="{.data.password}") | base64 --decode && echo
Navigate to 'Settings' -> 'Webhooks' and you should see:
If you don't see this webhook, navigate to Jenkins in your browser. Login with oc
admin credentials.
echo $(oc get route jenkins --template='http://{{.spec.host}}')
In Jenkins, navigate to 'Manage Jenkins' -> 'Configure System' -> 'Gitea Servers'. You should see a checkbox for 'Manage hooks'. Select the checkbox if it's not checked and make sure to hit Save
.
Now navigate to the 'Platform Gitea Org'
echo $(oc get route jenkins --template='http://{{.spec.host}}/job/platform')
On the left, hit 'Scan Gitea Organization Now'. This will configure a webhook in Gitea for you.
- If your build fails and you see this error in the logs:
STDERR:
error authenticating creds for "quay-ploigos.apps.ftehp08f.eastus.aroapp.io": Requesting bear token: invalid status code from registry 500 (Internal Server Error)
level=error msg="exit status 125"
This is a known error and will require you to re-run the build.