This is a cut down version of the free OSS developer platform fabric8. This focuses on the Continuous Integration and Delivery features of from fabric8 using Jenkins Pipelines on Kubernetes or OpenShift.
- Jenkins and Blue Ocean
- Artifact repository (currently defaults to Nexus)
- Keycloak (Optional but needed for Single Sign On deployment)
fabric8 uses a CLI that makes installing fabric8 locally or on remote Kubernetes based clusters very easy.
gofabric8 also has lots of handy commands that makes it easier to work with fabric8 and OpenShift / Kubernetes
Download the latest gofabric8 release from GitHub or run this script:
curl -sS https://get.fabric8.io/download.txt | bash
add the binary to your $PATH so you can execute it
echo 'export PATH=$PATH:~/.fabric8/bin' >> ~/.bashrc
source ~/.bashrc
or for oh-my-zsh
echo 'export PATH=$PATH:~/.fabric8/bin' >> ~/.zshrc
source ~/.zshrc
If you want to get going quickly with auth disabled in Jenkins then this command will download minikube, install drivers and deploy fabric8 jenkins:
gofabric8 start --namespace fabric8 --package=jenkins
If you're already connected to a Kubernetes or OpenShift cluster then run:
gofabric8 deploy --namespace fabric8 --package=jenkins
If you want Single Sign On (provided by Keycloak) then we currently support GitHub oauth (more to follow) out of the box. This first requires a manual setup of an OAuth application to be setup on your github account
First of all we need to get a redirect URL to use. You can get a suggested redirect URL by running:
echo "http://keycloak-fabric8.$(gofabric8 ip).nip.io/auth/realms/fabric8/broker/openshift-v3/endpoint)"
Note, replace nip.io with your own domain if use one during gofabirc8 deploy in the next step.
Now please follow the steps below using your redirect URL and https://fabric8.io as the sample 'homepage URL' when asked in GitHub:
Once you have created the OAuth application for fabric8 in your GitHub settings and found your client ID and secret then set the env vars below replacing the values:
export GITHUB_OAUTH_CLIENT_ID=123
export GITHUB_OAUTH_CLIENT_SECRET=123abc
Now deploy:
gofabric8 deploy --namespace fabric8 --package=jenkins-sso
We tried Nexus 3 but there was significant increase in build times so right now we deem it not usable.
To try it we have an app you can install:
kubectl apply -f http://central.maven.org/maven2/io/fabric8/apps/nexus3-app/1.0.0/nexus3-app-1.0.0-kubernetes.yml
You will need to modify the settings.xml in the maven settings secret as the mirror repository URL is different for Nexus3
As far as we can tell Nexus 2 doesn't support OAUTH
We use the default:
admin/admin123
If you change this be sure to also update the settings.xml in the maven settings secret so the pipelines can continue to deploy artifacts there
Yes, the pipelines use a kubernetes service to deploy artifacts. So if you have your own internal or external repository then you can modify the artifact-repository service that runs in the same namespace as Jenkins. For external repos looks at using ExternalName, see this link for more details.
Make sure to update the server section of the settings.xml in the maven settings secret, to include any new credentials.
We create and mount dummy secrets into build pods already. So you can base64 you tokens and update the secrets that we've already created for you. You can also easily extend this and use your own pipeline library to mount different secrets. For a list of current secrets we automatically mount, run kubectl get secrets after deploying fabric8 jenkins.