The image part with relationship ID rId2 was not found in the file. Introduction & Demo CICD on Red Hat OpenShift Ahmed Soliman Senior Enterprise Architect in EMEA 1

What we’ll discuss today Agenda 2 CI/CD Concepts CI/CD Architecture with OpenShift CI/CD Components ( Nexus, SonarQube, Jenkins) Deploy Jenkins on OpenShift Customize Jenkins Building a Jenkins Pipeline Demo Overview Going through the Demo Resources

CI/CD Concepts 3

4 CI/CD Concepts

5 CI/CD Concepts CI/CD is a method to frequently deliver apps to customers by introducing automation into the stages of app development. The main concepts attributed to CI/CD are continuous integration, continuous delivery, and continuous deployment. CI/CD is a solution to the problems integrating new code can cause for development and operations teams

6 CI/CD Concepts Continuous Integration Continuous Delivery Continuous Integration (CI) is an automation process targeting developers to improve the quality of their code and the reliability of their applications. Each Git is verified by an automated build, allowing teams to detect problems early. The goal of Continuous Delivery (CD), is to have code in a state that is always ready for deployment to a production environment. Continuous Release The goal of Continuous Release (CR), also called "Continuous Deployment" (not to be confused with Continuous Delivery), is to push all of your changes to your end users as quickly and efficiently as possible.

CI/CD Architecture with OpenShift 7

8 CI/CD Architecture with OpenShift OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT PROMOTE TO PROD RELEASE MANAGER NON-PROD PROD DEV TEST UAT ☒ ☑ DEVELOPER

9 CI/CD Architecture with OpenShift - 2 clusters OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GIT SERVER ARTIFACT REPOSITORY OPENSHIFT CI/CD PIPELINE (JENKINS) IMAGE BUILD & DEPLOY OPENSHIFT IMAGE REGISTRY OPENSHIFT CLUSTER GO LIVE? PROMOTE TO TEST PROMOTE TO UAT PROMOTE TO PROD RELEASE MANAGER CLUSTER NON-PROD Cluster PROD DEV TEST UAT ☒ ☑ DEVELOPER EXTERNAL REGISTRY SKOPEO COPY

CI/CD Components 10

11 CI/CD Components - Store and distribute Maven/Java, npm, NuGet, Helm, Docker, P2, OBR, APT, GO, R, Conan components and more. - Manage components from dev through delivery: binaries, containers, assemblies, and finished goods. - Set up one instance in OpenShift Container Platform cluster to cache build artifacts close to builds - Can act as a container registry

12 CI/CD Components – Nexus Repository Manager Exposed as a service from within the OpenShift Container

13 CI/CD Components - Open source code static analysis tool - Analyze source code for common programming mistakes - Plug-ins for common programming languages - Can be called via Maven or Jenkins plug-in

14 CI/CD Components - SonarQube Expose the service and use the default route to access SonarQube

15 CI/CD Components Skopeo is a command line utility that performs operations on OCI or Docker images ▸ Skopeo performs the following operations: ･ Copy one image from one registry to another ･ Inspect a remote image ･ Delete an image from an image repository ▸ Supported image and repository types: ･ Containers-storage ･ Dir ･ Docker ･ Docker-archive ･ Oci

16 CI/CD Components - Skopeo vs. Docker Docker - Does not require a damon to be running - Can perform operations on images without pulling the image Skopeo - Docker daemon needs to be started and run with privileges. - It is heavy on resource consumption - Soft skills development $ skopeo copy docker://source.registry/myimage:latest \ docker://destination.registry/myimage:v1.O $ docker pull source.registry/myimage:latest $ docker tag source.registry/myimage:latest destination.registry/myimage:v1.O $ docker push destination.registry/myimage:v1.O

Jenkins on OpenShift 17

18 Jenkins on OpenShift

19 Jenkins plugin OpenShift Jenkins Client Plugin OpenShift Jenkins Sync Plugin This plug-in is installed and enabled by default when using the inbuilt OpenShift Container Platform Jenkins image. The plug-in enables OpenShift Container Platform specific functions to use within the Jenkinsfile for your pipeline. The OpenShift Jenkins Sync Plugin acts as a bridge between the OpenShift cluster and the Jenkins instance, and keeps build configuration and build objects in sync with Jenkins jobs and builds. OpenShift Login Plugin The OpenShift Login Plugin integrates the authentication and authorization of your Jenkins instance with your OpenShift cluster, providing a single sign-on functionality. Red Hat OpenShift Container Platform includes Jenkins 2 Image based on Red Hat Enterprise Linux and Preconfigured with supported plug-in versions

20 Jenkins Templates Red Hat OpenShift Container Platform includes 2 templates to deploy Jenkins on OpenShift.

21 Deploy Jenkins on OpenShift Login to Jenkins with your OpenShift Credentials using the OpenShift Login Plugin

22 Deploy Jenkins on OpenShift (manually) $ oc policy add-role-to-user \ > edit system:serviceaccount:jenkins-project:jenkins \ > -n project-dev The service account associated with the Jenkins deployment must have the edit role for each project where Jenkins performs some operation. $ oc policy add-role-to-user \ > edit system:serviceaccount:jenkins-project:jenkins \ > -n project-stage

Building a Jenkins Pipeline 23

24 Building a Jenkins Pipeline - Groovy is the original pipeline language - Declarative pipeline becoming more popular - Can embed Groovy script steps where necessary - OpenShift actions have to be embedded as script - Agents specify builder: any, maven, nodejs, or custom - Pipelines are divided into stages - Stages have graphical representation in Jenkins OpenShift UI

25 Build Strategies - Pipeline Review your build stages and access Jenkins directly through the web Console Pipeline Manual input

Let’s Demo CICD on OpenShift 26

Components of the Demo 27 Source: https://github.com/siamaksade/openshift-cd-demo/tree/ocp-4.4 ▸ Code is cloned from Gogs (self-hosted Git - minimal footprint) ▸ WARs are in Nexus (repository for artifacts like jars and wars) ▸ SonarQube for Code Quality ▸ Jenkins for CICD Pipeline management ▸ Deployed on WildFly (lightweight JBoss) ▸ quay.io image registry for containers

28 Demo Setup Demo Setup

Resources 29

30 ▸ Quay – to register and work with quay containers, https://quay.io/ ▸ Red Hat Developer Books – all for free. https://developers.redhat.com/ebooks Resources

31 ▸ Red Hat OpenShift Interactive Learning Portal. https://learn.openshift.com/ ▸ Red Hat OpenShift Public Cloud. https://manage.openshift.com/ Resources

Open Practice Library Applied Practices on Red Hat Technology https://openpracticelibrary.com/ ▸ Technical ･ Containers ･ Configuration-as-Code ･ Pipelines-as-Code ･ Continuous Integration ･ Continuos Deployment ･ Continuous Delivery ･ Automated Delivery ･ Test Driven Development ･ Build Monitoring ･ Prototyping ▸ Non-Technical ･ Design Thinking ･ Pairing & Mobbing ･ Burndown / Burnup Charts ･ Impact Mapping ･ Event Storming ･ Value Stream Mapping ･ Metric Based Process Mapping ･ User Story Mapping ･ Empathy Mapping & UI Workshops ▸ Likely Background of Attendees ･ Product Owners, Product Managers, IT Managers, Business Analysts ･ Developers, DevOps Engineers, Architects, UX Designers

33 Devopsdays.org

Demo Guide – STAGE Env 34

Demo Further – Change & Deploy Code to CICD 35 ▸ Clone and checkout the eap-7 branch of the OpenShift-tasks git repository and using an IDE (e.g. JBoss Developer Studio), remove the @Ignore annotation from src/test/java/org/jboss/as/quickstarts/tasksrs/service/UserResourceTest.java test methods to enable the unit tests. Commit and push to the git repo. ▸ Check out Jenkins, a pipeline instance is created and is being executed. The pipeline will fail during unit tests due to the enabled unit test. ▸ Check out the failed unit and test src/test/java/org/jboss/as/quickstarts/tasksrs/service/UserResourceTest.java and run it in the IDE. ▸ Fix the test by modifying src/main/java/org/jboss/as/quickstarts/tasksrs/service/UserResource.java and uncommenting the sort function in getUsers method. ▸ Run the unit test in the IDE. The unit test runs green. ▸ Commit and push the fix to the git repository and verify a pipeline instance is created in Jenkins and executes successfully.

Any Questions?

linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat 37 Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you