Fork the CIOps repo (link)
Clone the CIOps repo which you forked in your local machine
Go to the CIOps repo and checkout DIGITUPYOG-Bootcamp branch
Change the docker Hub details at the following places:
1. Change the value of DOCKER_NAMESPACE in vars/jobBuilder.groovy (link)
2. Replace the {{DOCKER_ACCOUNT}} in vars/buildPipeline.groovy. Replace at all the places. (link1, link2, link3)Push the changes to the master branch of your forked CIOps repository
Fork the UPYOG-DevOps repo (link) and clone the repo in your local machine
Checkout UPYOG-Bootcamp-jenkins branch.
Go to UPYOG-DevOps/infra-as-code/terraform/egov-cicd/remote-state
Change the bucket name and aws_dynamo_table name. (Replace the try-cicd-workshop-yourname which is a placeholder value)
Set the AWS credentials and cross-check using aws configure list
Run terraform:
Code Block terraform init terraform plan terraform apply
...
16. Note down the volumeId on the terminal
17. Go to the UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/config-as-code/environments folder and update the following values in ci.yaml and ci-secret.yaml:
ci.yaml
1. Add domain
2. Add volumeId
3. Change teams in ouath
4. Change repos in jobBuilder
5. Put emailId in cert-manager
ci-secret.yaml
1. Add clientId and clientSecret
2. Add gitReadSshPrivateKey
3. Add gitReadAccessToken
4. Add dockerConfigJson
5. Add docker userName and Password
Add Kubernetes config (Make sure you add namespace in context in kube config)
18. Now go to Github and generate clientId, client secret and git read access token as per this steps -
a. GitHub OAuth App Creation to get clientId and client secret key
1. Follow the GitHub OAuth app
2. Homepage URL:- mention your domain name eg. https://<your_domain_name>
3. Authorization callback URL:- https://<your_domain_name>/
...
securityRealm/
...
finishLogin
b. To create gitReadAccess token follow the below documentation
Creating a personal access token - GitHub Enterprise Server 3.4 Docs
1819. Create a key pair and add the public key to github account -
a. Using online website (not recommended in prod setup. To be only used for demo setups): https://8gwifi.org/sshfunctions.jsp
b. Using openssl :
Code Block |
---|
openssl genpkey -algorithm RSA -out private_key.pem |
...
openssl rsa -pubout -in private_key.pem -out public_key.pem |
...
19. Go to the UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/config-as-code/environments folder and update the following values in ci.yaml and ci-secret.yaml:
ci-secret.yaml
...
Add clientId and clientSecret
...
Add gitReadSshPrivateKey
...
Add gitReadAccessToken
...
...
Add docker userName and Password
...
Add Kubernetes config (Make sure you add namespace in context in kube config)
ci.yaml
Add domain
Add volumeId
Change teams in ouath
Change repos in jobBuilder
Put emailId in cert-manager
20. Now go to UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/config-as-code/helm/charts/backbone-services/jenkins and edit values.yaml
...
26. Go to UPYOG-DevOps/tree/UPYOG-Bootcamp-jenkins/deploy-as-code/deployer and run the following command:
Code Block |
---|
go run main.go deploy -c -e ci 'jenkins,kaniko-cache-warmer,ingress-nginx,cert-manager' |
27. Get the load balancer IP using:
Code Block |
---|
kubectl get svc nginx-ingress-controller -n jenkins -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' |
28. Register the load balancer IP against the domain in your DNS provider.