We have an issue with CasC plugin we found, see Mads' comment here: #7 (comment)

As soon as we can configure our Maven installation configuration from jenkins.yml we should make that job work.

We want to add some intial projects to jcasc. We discussed it and we decided that we want to have a couple of examples on how to do this.

Then entry point will be the jenkins.yaml file where we define the initial seeds jobs in the jobs root element:

jenkins:
 [...]
jobs: 
 [...]

This can be seen as a subtask of #3

This is about figuring out the second demo job we want to use, we'll use jcasc itself as an example, to which you can already copy paste the yaml from the plugin source, so the task of this is to find a good second example project that demonstrates typical use.

Should use a specific version of jenkins4casc and docker version 3.3 so we can use docker secrets.

It should reference docker secrets we create manually on the EC2 instance docker host.

It should reference a jenkins.yml in this repository, using an environment variable and point to the raw content of the jenkins.yml

With 0.6-alpha warnings and global libraries belong to a new root element. We need to fix that.

I comes today from the compose file https://github.com/Praqma/praqma-jenkins-casc/blob/master/docker-compose.yml but Configuration as Code plugin promised this feature and should be able to install plugins, thus our plugin installation should come from jenkins.yml file.

Then we can delete the build part of the compose file, and don't need any Dockerfile in here as well.

Maybe update the pipeline in demo 1 project repository so it polls for changes.

Running with the jenkins4casc:0.7-alpha image and most recent jenkins.yaml fails to start Jenkins with the following error during plugin installation:
jenkins_1 | java.io.IOException: Failed to dynamically deploy this plugin jenkins_1 | at hudson.model.UpdateCenter$InstallationJob._run(UpdateCenter.java:1893) jenkins_1 | at hudson.model.UpdateCenter$DownloadJob.run(UpdateCenter.java:1651) jenkins_1 | at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) jenkins_1 | at java.util.concurrent.FutureTask.run(FutureTask.java:266) jenkins_1 | at hudson.remoting.AtmostOneThreadExecutor$Worker.run(AtmostOneThreadExecutor.java:112) jenkins_1 | at java.lang.Thread.run(Thread.java:748) jenkins_1 | Caused by: java.util.zip.ZipException: error in opening zip file

Jenkins fail to start right after cloning and display the following error when going to localhost

	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lambda$lookupDescriptor$11(HeteroDescribableConfigurator.java:212)
	at io.vavr.control.Option.orElse(Option.java:302)
	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lookupDescriptor(HeteroDescribableConfigurator.java:211)
	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.lambda$configure$3(HeteroDescribableConfigurator.java:84)
	at io.vavr.Tuple2.apply(Tuple2.java:239)
	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.configure(HeteroDescribableConfigurator.java:83)
	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.check(HeteroDescribableConfigurator.java:92)
	at io.jenkins.plugins.casc.impl.configurators.HeteroDescribableConfigurator.check(HeteroDescribableConfigurator.java:55)
	at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:353)
	at io.jenkins.plugins.casc.BaseConfigurator.check(BaseConfigurator.java:288)
	at io.jenkins.plugins.casc.ConfigurationAsCode.lambda$checkWith$6(ConfigurationAsCode.java:702)
	at io.jenkins.plugins.casc.ConfigurationAsCode.invokeWith(ConfigurationAsCode.java:664)
	at io.jenkins.plugins.casc.ConfigurationAsCode.checkWith(ConfigurationAsCode.java:702)
	at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:686)
	at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:585)
	at io.jenkins.plugins.casc.ConfigurationAsCode.configure(ConfigurationAsCode.java:280)
	at io.jenkins.plugins.casc.ConfigurationAsCode.init(ConfigurationAsCode.java:272)
Caused: java.lang.reflect.InvocationTargetException
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:104)
Caused: java.lang.Error
	at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:110)
	at hudson.init.TaskMethodFinder$TaskImpl.run(TaskMethodFinder.java:175)
	at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296)
	at jenkins.model.Jenkins$5.runTask(Jenkins.java:1131)
	at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214)
	at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117)
	at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:59)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Caused: org.jvnet.hudson.reactor.ReactorException
	at org.jvnet.hudson.reactor.Reactor.execute(Reactor.java:282)
	at jenkins.InitReactorRunner.run(InitReactorRunner.java:50)
	at jenkins.model.Jenkins.executeReactor(Jenkins.java:1164)
	at jenkins.model.Jenkins.<init>(Jenkins.java:964)
	at hudson.model.Hudson.<init>(Hudson.java:85)
	at hudson.model.Hudson.<init>(Hudson.java:81)
	at hudson.WebAppMain$3.run(WebAppMain.java:262)
Caused: hudson.util.HudsonFailedToLoad
	at hudson.WebAppMain$3.run(WebAppMain.java:279)

I am doing the docker-compose up --build command with everything set up as in the master branch, I haven't updated any file.

Any help will be appreciated.

Our should show a build slave, this is just a plain ubuntu linux on AWS as EC2 instance connected through ssh.

So we need our AWS stuff to also create a build slave, and our docker secrets to contain the credentials to connect to it.

Our demo for configuration as code spawns several repositorys (jenkins4casc, some demo projects and this one) and we need to communicate our overall uses, as well as explain how the hole setup is working together.

This is a demonstration of how we would run jcasc in Praqma.

It should probably be documented as github pages.

I tried this demo today, and Jenkins failed with this error:
To reproduce, on a linux machine, clone this repo, and run docker-compose up --build

jenkins_1 | io.jenkins.plugins.casc.ConfiguratorException: Invalid configuration elements for type class jenkins.model.GlobalConfigurationCategory$Security : remotingCLI. jenkins_1 | Available attributes : apiToken, crumb, downloadSettings, envInject, globalJobDslSecurityConfiguration, masterKillSwitchConfiguration, queueItemAuthenticator, sSHD, scriptApproval, updateSiteWarningsConfiguration jenkins_1 | at io.jenkins.plugins.casc.BaseConfigurator.handleUnknown(BaseConfigurator.java:377) jenkins_1 | at io.jenkins.plugins.casc.BaseConfigurator.configure(BaseConfigurator.java:366) jenkins_1 | at io.jenkins.plugins.casc.BaseConfigurator.check(BaseConfigurator.java:287) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.lambda$checkWith$7(ConfigurationAsCode.java:716) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.invokeWith(ConfigurationAsCode.java:666) jenkins_1 | Caused: io.jenkins.plugins.casc.ConfiguratorException: security: error configuring 'security' with class io.jenkins.plugins.casc.impl.configurators.GlobalConfigurationCategoryConfigurator configurator jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.invokeWith(ConfigurationAsCode.java:672) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.checkWith(ConfigurationAsCode.java:716) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:701) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.configureWith(ConfigurationAsCode.java:592) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.configure(ConfigurationAsCode.java:281) jenkins_1 | at io.jenkins.plugins.casc.ConfigurationAsCode.init(ConfigurationAsCode.java:273) jenkins_1 | Caused: java.lang.reflect.InvocationTargetException jenkins_1 | at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) jenkins_1 | at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) jenkins_1 | at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) jenkins_1 | at java.lang.reflect.Method.invoke(Method.java:498) jenkins_1 | at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:104) jenkins_1 | Caused: java.lang.Error jenkins_1 | at hudson.init.TaskMethodFinder.invoke(TaskMethodFinder.java:110) jenkins_1 | at hudson.init.TaskMethodFinder$TaskImpl.run(TaskMethodFinder.java:175) jenkins_1 | at org.jvnet.hudson.reactor.Reactor.runTask(Reactor.java:296) jenkins_1 | at jenkins.model.Jenkins$5.runTask(Jenkins.java:1118) jenkins_1 | at org.jvnet.hudson.reactor.Reactor$2.run(Reactor.java:214) jenkins_1 | at org.jvnet.hudson.reactor.Reactor$Node.run(Reactor.java:117) jenkins_1 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) jenkins_1 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) jenkins_1 | at java.lang.Thread.run(Thread.java:748)

Hello! Thanks for praqma-jenkins-casc!
I try run
docker-compose uo --build
and get error

#0 4.697 Downloading plugin: workflow-job from https://updates.jenkins.io/download/plugins/workflow-job/2.39/workflow-job.hpi
#0 4.699 Downloading plugin: trilead-api from https://updates.jenkins.io/download/plugins/trilead-api/1.0.8/trilead-api.hpi
#0 4.704 Downloading plugin: warnings-ng from https://updates.jenkins.io/download/plugins/warnings-ng/8.1.0/warnings-ng.hpi
#0 4.743 Downloading plugin: workflow-durable-task-step from https://updates.jenkins.io/download/plugins/workflow-durable-task-step/2.35/workflow-durable-task-step.hpi
#0 4.768 Downloading plugin: workflow-step-api from https://updates.jenkins.io/download/plugins/workflow-step-api/2.22/workflow-step-api.hpi
#0 4.780 Downloading plugin: workflow-scm-step from https://updates.jenkins.io/download/plugins/workflow-scm-step/2.11/workflow-scm-step.hpi
#0 5.544 curlcurl: (60) SSL certificate problem: certificate has expired
#0 5.547 More details here: https://curl.haxx.se/docs/sslcerts.html
#0 5.547 
#0 5.547 curl performs SSL certificate verification by default, using a "bundle"
#0 5.547  of Certificate Authority (CA) public keys (CA certs). If the default
#0 5.547  bundle file isn't adequate, you can specify an alternate file
#0 5.547  using the --cacert option.
#0 5.547 If this HTTPS server uses a certificate signed by a CA represented in
#0 5.547  the bundle, the certificate verification probably failed due to a
#0 5.547  problem with the certificate (it might be expired, or the name might
#0 5.547  not match the domain name in the URL).
#0 5.548 If you'd like to turn off curl's verification of the certificate, use
#0 5.548  the -k (or --insecure) option.
#0 5.549 : (60) SSL certificate problem: ce07:03:07 Failure (60) Retrying in 1 seconds...
#0 5.557 rtificate has expired
#0 5.559 More details here: https://curl.haxx.se/docs/sslcerts.html

The images below is a draft for our casc.praqma.cloud that will soon demonstrate how we would run Jenkins Configuration as Code in Praqma.

For now it is only about creating a publicly available demo instance for inspection and scrutiny of other, but after that we will migrate our existing jenkins.praqma.cloud to a test and prod instance using casc.

The overall goal is to make an opinionated demo of casc in a way we would run it in Praqma on our production server. Because it is a demo, we do also handle provision and deployment

There might be some future improvements

• We can later split it up further in smaller components if we like.
• We can drive provision and deployment using circleci or similar

The white whiteboard drawings shows

..basically our components we need.

jenkins4casc.git

A very simple Jenkins docker image, almost identical to the official one but with the Configuration as Code plugin installed and ready to use.
This is supposed to be our recommended way to spin-up Jenkins and consist basically of two things: 1. the docker image, 2. the configuration file we point to.

praqma-jenkins-casc.git

This is our instance that goes live on https:\casc.praqma.cloud at some point and it just used the above jenkins4casc docker image and point to our configuration.
Further it contain some AWS stuff, so we have a place to deploy our docker image, but that could also be somewhere else.

demo1.git and demo2.git

These are supposed to be two "real" development project, it could be any of our project on our github that have builds and ci defined.

_But to avoid problems with multiple jobs running on the same repo (we also have them on our Praqma production Jenkins) we can't use real project, and will create two demo projects.

After switching to the new credentials model in 0.6-alpha credentials are no longer imported into the Jenkins UI. Using the example jenkins.yaml with the following credentials model:
credentials: system: domainCredentials: - usernamePassword: scope: SYSTEM id: github-user username: ReleasePraqma # The key 'github' resolved from a docker secret defined in docker-compose.yml password: ${github} - basicSSHUserPrivateKey: scope: SYSTEM id: agent-private-key username: agentuser passphrase: description: "ssh private key used to connect ssh slaves" privateKeySource: directEntry: # The key 'agent_private_key' resolved from a docker secret defined in docker-compose.yml privateKey: ${agent_private_key}
produces the result in the attached file credentials-0.7-alpha.png.
Using jenkins4casc:0.6-alpha-latest and the following credentials:
credentials: system: ? # "global" : - usernamePassword: scope: SYSTEM id: github-user username: ReleasePraqma # The key 'github' resolved from a docker secret defined in docker-compose.yml password: ${github} - basicSSHUserPrivateKey: scope: SYSTEM id: agent-private-key username: agentuser passphrase: description: "ssh private key used to connect ssh slaves" privateKeySource: directEntry: # The key 'agent_private_key' resolved from a docker secret defined in docker-compose.yml privateKey: ${agent_private_key}
produces the result in attached file credentials-0.5-alpha.png

We can use the scripts we copied in #2 to create this.

Generally we want to re-use as much as possible for this, as a reference take a look at the file here: https://github.com/Praqma/praqma-jenkins/blob/master/awsSetupForJenkins.sh