Erwin Müller

Jenk­ins on Ku­ber­netes — Part 2

Part 2 — Con­fig File Management

This is part 2 of a con­tin­ued se­ries on how to con­fig­ure Jenk­ins on a Ku­ber­netes clus­ter. The goal of the se­ries is to have a ful­ly func­tion­ing con­tin­ues in­te­gra­tion and de­liv­ery Jenk­ins up and run­ning. Part 1 de­scribed how to in­stall Jenk­ins and the nec­es­sary plu­g­ins and how to con­fig­ure them for Ku­ber­netes. This part will de­scribe the nec­es­sary con­fig­u­ra­tion files that are go­ing to be used in the pipeline.

Con­fig File Management

Jenkins, Config File Management

We need two files for a Maven re­lease. The gpg-key that will be used to sign the de­ploy­ment ar­ti­facts and the settings.xml for serv­er Ids, de­ploy­ment URLs and Jenk­ins user names and passwords.


Jenkins, gpg-key
  • ID: gpg-key
  • Name: gpg-key
  • Con­tent: — – BEGIN PGP PRIVATE KEY BLOCK — – …

The pri­vate key will be used to sign de­ploy­ment ar­ti­facts via maven. We are go­ing to use the maven-gpg-plu­g­in plu­g­in. The key­name must be set to the name of the gpg-key. The Jenk­ins Dock­er im­age that we are us­ing will start a gpg dae­mon and is go­ing to use the pro­vid­ed gpg-key and the pro­vid­ed gpg pri­vate passphrase to sign ar­ti­facts automatically.

[xml title=“pom.xml” firstline=“1”]
<keyname>ANRI Software</keyname>


Jenkins, maven-settings-global
  • ID: maven-set­tings-glob­al
  • Name: settings.xml
  • Com­ment: glob­al settings
  • [x] Re­place All
  • Con­tent: <set­tings xmlns=“” …

Ex­am­ple settings.xml

We are not go­ing to use Serv­er Cre­den­tials. If we use Serv­er Cre­den­tials then all servers that are man­u­al­ly added in the <servers> block are go­ing to be re­placed by those Cre­den­tials, but we need at least one spe­cial serv­er con­fig­u­ra­tion: the site-ssh. There we must con­fig­ure the SSH ports to ac­cess the Dock­er Con­tain­er where we are go­ing to send our gen­er­at­ed site pages. via scp.

There are ad­di­tion­al con­fig­u­ra­tions that will work on­ly with our Jenk­ins Dock­er im­age. We are go­ing to use scp to copy HTML pages to a Dock­er Ng­inx Im­age. The Dock­er Ng­inx Im­age is go­ing to be de­ployed as a con­tain­er on our Ku­ber­netes cloud and will pro­vide the gen­er­at­ed mvn site:site HTML pages. I was think­ing in us­ing Web­DAV to trans­fer files to the Ng­inx web serv­er, but for that I had to im­ple­ment an au­then­ti­ca­tion and user man­age­ment. SSH al­ready pro­vides au­then­ti­ca­tion and I can safe­ly use the Jenk­ins SSH key to trans­fer the HTML pages.

[xml title=“settings.xml” firstline=“38”] <serv­er> <id>site-ssh</id> <username>rsync</username> <privateKey>/home/devent/Private/andrea-master‑</privateKey> <con­fig­u­ra­tion> <sshExecutable>ssh</sshExecutable> <scpExecutable>scp</scpExecutable> <sshArgs>-p 30101</sshArgs> <scpArgs>-P 30101</scpArgs> </configuration> </server> … <pro­file> <id>site-ssh</id> <ac­ti­va­tion> <activeByDefault>true</activeByDefault> </activation> <prop­er­ties> <site.ssh.url>scpexe://${project.groupId}/${project.artifactId}/${project.version}</site.ssh.url> </properties> </profile> [/xml]

We are al­so adding Sonar­Qube host URL and lo­gin to­ken. That will be used by the maven sonar:sonar goal. This con­fig­u­ra­tion is tak­en from the of­fi­cial doc­u­men­ta­tion: An­a­lyz­ing with Sonar­Qube Scan­ner for Maven

[xml title=“settings.xml” firstline=“9”]


Leave a Reply

Your email address will not be published.