Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pipeline-build-template.yaml #19

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Update pipeline-build-template.yaml #19

wants to merge 4 commits into from

Conversation

emuthiah
Copy link
Contributor

  • Updated git secret and webhooks
  • Updated sonarqube settings and added example command

emuthiah added 2 commits April 22, 2020 15:26
@emuthiah
Update pipeline-build-template.yaml
1249cd0 
* Updated git secret and webhooks
* Updated sonarqube settings and added example command
@emuthiah
Update pipeline-build-template.yaml
7c23813 
* corrected example sonar-scanner command
ChrisHoban
ChrisHoban reviewed Apr 24, 2020
View reviewed changes
Copy link
Owner

@ChrisHoban ChrisHoban left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we should switch to only supporting Jenkins Credentials for Git Checkout, we should be storing these credentials in OpenShift as that is what will be backed by Vault

@emuthiah
Update pipeline-build-template.yaml
5bdeca0 
* Added openshift secret to store git private ssh key
@ChrisHoban
Copy link
Owner

Something to note, I have minorly overhauled the file you are working with last week :)

92871a7

@emuthiah
Copy link
Contributor Author

Looks like we both have been working on it simultaneously :-)
Totally agree with you, the secrets should be in openshift. I've updated the template to store the credentials in openshift.
To sync openshift secrets with jenkins credentials: https://github.com/openshift/jenkins-client-plugin/blob/master/README.md#setting-up-credentials

@emuthiah
Copy link
Contributor Author

The secret is just a place holder with the value 'set.ssh-private-key'

@ChrisHoban
Copy link
Owner

Ahh, gotcha. I guess last question. I am kind of operating as the "Product Owner" to this, and am totally open to improvements and feature additions etc, but I am a bit lost on this one. What is the ultimate goal you are working towards? Is it in the Features/Requests? Could it be added? I guess there are 2 things I am reviewing on these. 1. Are the changes done well or is there some feedback to square them up and 2. Is whats being changed/enhanced aligned with the product vision in some way. I guess I want to know what your goals are regarding the second point, and trying to make sure this is a "For everyone" kind of enhancement/change and not aimed at something you are working on in one project? :)

@emuthiah
update pipeline-build-template.yaml
93da739 
* bug fix: corrected the git credentialsid:
  https://github.com/openshift/jenkins-client-plugin/blob/master/README.md#setting-up-credentials
  This token will be accessible with the credential ID of "${OPENSHIFT_NAMESPACE}-my-prilvileged-token-id"
@emuthiah
Copy link
Contributor Author

For sure! Sorry I did not give details for the PR. There are two changes:

  1. Git
    This applies to everyone, It is a fix/enhancement of the template. When we use private git repos, we have to supply git credentials to Jenkins git plugin, AFAIK this can only be done using Jenksins credentialsId (by adding the ssh key to jenkins credential store and using the jenksins credentialsId with the git plugin). Previously, GIT_CREDENTIALS_ID was set using gitSecret (random gen.).
  2. Sonarqube
    This also applies to everyone. I've commented the example command so it is not executed if not needed. To run sonar-scanner we only need the project key and token, sonarJenkinsCredentialId is not needed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChrisHoban ChrisHoban ChrisHoban left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@emuthiah @ChrisHoban