Deploy Jenkins Instance #26
Conversation
This is built off of the hard work from @abhinavGupta16, @gaiksaya, and @peterzhuamazon which until now was happening behind the scenes. This change configures and deploys Jenkins running on an EC2 instance with recommended security practices and isolation features. For more details consult the readme Signed-off-by: Peter Nied <petern@amazon.com>
|
Unit test are working in the github action |
Updated documentation to for deployment and troubleshooting Signed-off-by: Peter Nied <petern@amazon.com>
abhinavGupta16
dismissed
their stale review
If the commit messages include confidential information such as links to internal systems, account numbers etc, then we'd have to erase the history.
lib/ci-stack.ts
Outdated
| import { JenkinsMainNode } from './compute/jenkins-main-node'; | ||
| import { JenkinsMonitoring } from './monitoring/ci-alarms'; | ||
| import { JenkinsExternalLoadBalancer } from './network/ci-external-load-balancer'; | ||
| import { JenkinsSecurityGroups } from './security/ci-security-groups'; | ||
|
|
||
| export class CIStack extends Stack { | ||
| // eslint-disable-next-line no-useless-constructor |
There was a problem hiding this comment.
This constructor is no longer useless. We can get rid of this
| // Security Groups | ||
| const useSslParameter = new CfnParameter(this, 'useSsl', { | ||
| description: 'If the jenkins instance should be access via SSL', | ||
| allowedValues: ['true', 'false'], |
There was a problem hiding this comment.
Can we use y or n instead? It would be lesser syllables to type.
There was a problem hiding this comment.
It looks like npm run cdk deploy CI-Dev -- --parameters useSsl=false in practice which I think is more readable than using y/n
There was a problem hiding this comment.
Would it not ask as a y/n question when deploying, something like -
Are you sure you want to delete: JenkinsStack (y/n)? y?
There was a problem hiding this comment.
Nope we can skip that saying --require-approval-never
When deploying using CIs we do not want to have interactive terminals
There was a problem hiding this comment.
This is a little bit of a quagmire at this point, I have limited options as we are using the CDK to do the deployment
npm run cdk deploy CI-Dev -- --parameters useSsl=false
-- Only part I have control over ^^^^^^^^^^^^
As far as adding flags to avoid interactive dialogs during deployment, we will do that, but the guide and primary use case is for developers to get started, I would much rather they see the CDK diff when they make changes.
I know this is an unfulfilling response, if there is an issue we would like to address feel free to ask or open one, but I think that is out of scope for this PR
| init: CloudFormationInit.fromElements(...JenkinsMainNode.configElements( | ||
| stack.stackName, | ||
| stack.region, | ||
| props, |
There was a problem hiding this comment.
This is great 👍 ! I didn't know we could simply pass in props and it would resolve in as HttpConfigProps
There was a problem hiding this comment.
This is one of those subtle language features of typescript, super useful to make cleaner declarations
Signed-off-by: Peter Nied <petern@amazon.com>
Description
This is built off of the hard work from @abhinavGupta16, @gaiksaya,
and @peterzhuamazon which until now was happening behind the scenes.
This change configures and deploys Jenkins running on an EC2 instance
with recommended security practices and isolation features. For more
details consult the readme
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.