-
Notifications
You must be signed in to change notification settings - Fork 25
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deploy Jenkins Instance #26
Conversation
This is built off of the hard work from @abhinavGupta16, @gaiksaya, and @peterzhuamazon which until now was happening behind the scenes. This change configures and deploys Jenkins running on an EC2 instance with recommended security practices and isolation features. For more details consult the readme Signed-off-by: Peter Nied <petern@amazon.com>
Unit test are working in the github action
|
Updated documentation to for deployment and troubleshooting Signed-off-by: Peter Nied <petern@amazon.com>
If the commit messages include confidential information such as links to internal systems, account numbers etc, then we'd have to erase the history.
lib/ci-stack.ts
Outdated
import { JenkinsMainNode } from './compute/jenkins-main-node'; | ||
import { JenkinsMonitoring } from './monitoring/ci-alarms'; | ||
import { JenkinsExternalLoadBalancer } from './network/ci-external-load-balancer'; | ||
import { JenkinsSecurityGroups } from './security/ci-security-groups'; | ||
|
||
export class CIStack extends Stack { | ||
// eslint-disable-next-line no-useless-constructor |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This constructor is no longer useless. We can get rid of this
// Security Groups | ||
const useSslParameter = new CfnParameter(this, 'useSsl', { | ||
description: 'If the jenkins instance should be access via SSL', | ||
allowedValues: ['true', 'false'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we use y
or n
instead? It would be lesser syllables to type.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like npm run cdk deploy CI-Dev -- --parameters useSsl=false
in practice which I think is more readable than using y/n
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would it not ask as a y/n question when deploying, something like -
Are you sure you want to delete: JenkinsStack (y/n)? y
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nope we can skip that saying --require-approval-never
When deploying using CIs we do not want to have interactive terminals
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
--approve
:)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a little bit of a quagmire at this point, I have limited options as we are using the CDK to do the deployment
npm run cdk deploy CI-Dev -- --parameters useSsl=false
-- Only part I have control over ^^^^^^^^^^^^
As far as adding flags to avoid interactive dialogs during deployment, we will do that, but the guide and primary use case is for developers to get started, I would much rather they see the CDK diff when they make changes.
I know this is an unfulfilling response, if there is an issue we would like to address feel free to ask or open one, but I think that is out of scope for this PR
init: CloudFormationInit.fromElements(...JenkinsMainNode.configElements( | ||
stack.stackName, | ||
stack.region, | ||
props, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great 👍 ! I didn't know we could simply pass in props and it would resolve in as HttpConfigProps
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is one of those subtle language features of typescript, super useful to make cleaner declarations
Signed-off-by: Peter Nied <petern@amazon.com>
Description
This is built off of the hard work from @abhinavGupta16, @gaiksaya,
and @peterzhuamazon which until now was happening behind the scenes.
This change configures and deploys Jenkins running on an EC2 instance
with recommended security practices and isolation features. For more
details consult the readme
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.