Adding gitlab plugin configuration

Updated Jenkins key exchange algorithms Replacing Gerrit with Gitlab Update adop_gitlab.groovy Update generate_gitlab_auth_token.sh added http properties file generation for GitLab co-authored-by: NkolasN <nicolas.nikiforou@accenture.com> co-authored-by: Jonathan Jarvis <jonathan.e.jarvis@accenture.com> co-authored-by: lyka.i.bernardo <lyka.i.bernardo@accenture.com>
Accenture · Nov 15, 2018 · 582daa2 · 582daa2
1 parent 8643442
commit 582daa2
Show file tree

Hide file tree

Showing 13 changed files with 328 additions and 250 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -2,10 +2,9 @@ FROM jenkins/jenkins:2.107.3
 
 MAINTAINER Nick Griffin, <nicholas.griffin>
 
-ENV GERRIT_HOST_NAME gerrit
-ENV GERRIT_PORT 8080
-ENV GERRIT_SSH_PORT 29418
-ENV GERRIT_PROFILE="ADOP Gerrit" GERRIT_JENKINS_USERNAME="" GERRIT_JENKINS_PASSWORD=""
+ENV GITLAB_HOST_NAME gitlab
+ENV GITLAB_PORT 80
+ENV GITLAB_SSH_PORT 22
 
 # Copy in configuration files
 COPY resources/plugins.txt /usr/share/jenkins/ref/
@@ -24,13 +23,13 @@ RUN chmod +x -R /usr/share/jenkins/ref/adop_scripts/ && \
 # USER jenkins
 
 # Environment variables
-ENV ADOP_LDAP_ENABLED=true LDAP_IS_MODIFIABLE=true ADOP_ACL_ENABLED=true ADOP_SONAR_ENABLED=true ADOP_ANT_ENABLED=true ADOP_MAVEN_ENABLED=true ADOP_NODEJS_ENABLED=true ADOP_GERRIT_ENABLED=true
+ENV ADOP_LDAP_ENABLED=true LDAP_IS_MODIFIABLE=true ADOP_ACL_ENABLED=true ADOP_SONAR_ENABLED=true ADOP_ANT_ENABLED=true ADOP_MAVEN_ENABLED=true ADOP_NODEJS_ENABLED=true ADOP_GITLAB_ENABLED=true
 ENV LDAP_GROUP_NAME_ADMIN=""
 ENV JENKINS_OPTS="--prefix=/jenkins -Djenkins.install.runSetupWizard=false"
 ENV PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH="/var/jenkins_home/userContent/datastore/pluggable/scm"
 ENV PLUGGABLE_SCM_PROVIDER_PATH="/var/jenkins_home/userContent/job_dsl_additional_classpath/"
 
 RUN xargs /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins.txt
-RUN echo "KexAlgorithms diffie-hellman-group1-sha1" >> /etc/ssh/ssh_config
+RUN echo "KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1" >> /etc/ssh/ssh_config
 
 ENTRYPOINT ["/entrypoint.sh"]
diff --git a/README.md b/README.md
@@ -24,15 +24,14 @@ Runtime configuration can be provided using environment variables:
 * ADOP_ANT_ENABLED, allow enable/disable Jenkins-ANT integration. Default to true (enabled).
 * ADOP_MAVEN_ENABLED, allow enable/disable Jenkins-MAVEN integration. Default to true (enabled).
 * ADOP_NODEJS_ENABLED, allow enable/disable Jenkins-NODEJS integration. Default to true (enabled).
-* ADOP_GERRIT_ENABLED, allow enable/disable Jenkins-GERRIT integration. Default to true (enabled).
+* ADOP_GITLAB_ENABLED, allow enable/disable Jenkins-GITLAB integration. Default to true (enabled).
 
 Additional environment variables that allow fine tune Jenkins runtime configuration are:
 
-* GERRIT_HOST_NAME, the Gerrit hostname. Default to Gerrit
-* GERRIT_PORT, the port Gerrit APIs are exposed. Default to 8080
-* GERRIT_JENKINS_USERNAME, the username Jenkins will use to connect to Gerrit. Default to Gerrit.
-* GERRIT_JENKINS_PASSWORD, the password Jenkins will use to connect to Gerrit. Default to gerrit.
-* GERRIT_FRONT_END_URL, the URL for Gerrit frontend.
+* GITLAB_HOST_NAME, the Gitlab hostname. Default to gitlab
+* GITLAB_PORT, the port Gitlab APIs are exposed. Default to 80
+* GITLAB_JENKINS_USERNAME, the username Jenkins will use to connect to Gitlab. Default to Gitlab. 
+* GITLAB_JENKINS_PASSWORD, the password Jenkins will use to connect to Gitlab. Default to gitlab.
 * INITIAL_ADMIN_USER, the username for the admin user.
 * INITIAL_ADMIN_PASSWORD, the password for the initial admin user.
 * LDAP_SERVER, the LDPA URI, i.e. ldap-host:389

diff --git a/resources/entrypoint.sh b/resources/entrypoint.sh
@@ -1,22 +1,29 @@
 #!/bin/bash
 
-echo "Genarate JENKINS SSH KEY and add it to gerrit"
-host=$GERRIT_HOST_NAME
-port=$GERRIT_PORT
-gerrit_provider_id="adop-gerrit"
-gerrit_protocol="ssh"
-username=$GERRIT_JENKINS_USERNAME
-password=$GERRIT_JENKINS_PASSWORD
-nohup /usr/share/jenkins/ref/adop\_scripts/generate_key.sh -c ${host} -p ${port} -u ${username} -w ${password} &
-
-echo "Setting up your default SCM provider - Gerrit..."
+context="gitlab"
+gitlab_protocol="ssh"
+gitlab_protocol_2="http"
+host=$GITLAB_HOST
+port=$GITLAB_PORT
+gitlab_provider_id="adop-gitlab"
+
+echo "Genarate JENKINS SSH KEY"
+nohup /usr/share/jenkins/ref/adop\_scripts/generate_key.sh -c ${host} -p ${port} &
+
+echo "Setting up your default SCM provider - Gitlab..."
 mkdir -p $PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH $PLUGGABLE_SCM_PROVIDER_PATH
 mkdir -p ${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/CartridgeLoader ${PLUGGABLE_SCM_PROVIDER_PROPERTIES_PATH}/ScmProviders
-nohup /usr/share/jenkins/ref/adop\_scripts/generate_gerrit_scm.sh -i ${gerrit_provider_id} -p ${gerrit_protocol} -h ${host} &
+nohup /usr/share/jenkins/ref/adop\_scripts/generate_gitlab_scm.sh -i ${gitlab_provider_id} -p ${gitlab_protocol} -p ${gitlab_protocol_2} -h ${host} -c ${context} &
 
 echo "Generate Sonar authentication token"
 source /usr/share/jenkins/ref/adop\_scripts/generate_sonar_auth_token.sh
 
+echo "Generate GitLab authentication token"
+. /usr/share/jenkins/ref/adop\_scripts/generate_gitlab_auth_token.sh
+
+echo "Copy Jenkins's public key to GitLab"
+source /usr/share/jenkins/ref/adop\_scripts/put_jenkins_public_key_in_gitlab.sh
+
 echo "skip upgrade wizard step after installation"
 echo "2.7.4" > /var/jenkins_home/jenkins.install.UpgradeWizard.state
 

diff --git a/resources/init.groovy.d/adop_gerrit.groovy b/resources/init.groovy.d/adop_gerrit.groovy
diff --git a/resources/init.groovy.d/adop_gitlab.groovy b/resources/init.groovy.d/adop_gitlab.groovy
@@ -0,0 +1,111 @@
+import jenkins.model.*;
+import com.dabsquared.gitlabjenkins.connection.*;
+import hudson.model.*;
+import com.cloudbees.plugins.credentials.SystemCredentialsProvider;
+import com.cloudbees.plugins.credentials.CredentialsScope;
+import com.cloudbees.plugins.credentials.domains.*
+import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
+import hudson.util.Secret;
+
+// Check if enabled
+def env = System.getenv()
+if (!env['ADOP_GITLAB_ENABLED'].toBoolean()) {
+    println "--> ADOP Gitlab Disabled"
+    return
+}
+
+// Variables
+def gitlab_host_name = env['GITLAB_HOST']
+def gitlab_api_token = env['GITLAB_AUTH_TOKEN']
+def gitlab_ignore_cert_errors = env['GITLAB_IGNORE_CERTIFICATE_ERRORS'] ?: false
+def gitlab_connection_timeout = env['GITLAB_CONNECTION_TIMEOUT'] ?: 10
+def gitlab_read_timeout = env['GITLAB_READ_TIMEOUT'] ?: 10
+
+def gitlab_api_token_description = "Gitlab api token"
+def gitlab_api_token_id = "gitlab_api_token"
+
+def credential_id = "gitlab_user_token"
+def credential_description = "Gitlab Username Token"
+def credential_username = env['GITLAB_USERNAME']
+def system_credentials_provider = SystemCredentialsProvider.getInstance()
+
+// Constants
+def instance = Jenkins.getInstance()
+
+Thread.start {
+  sleep 10000
+
+  api_token = new Secret(gitlab_api_token)
+
+  //Gitlab access token
+  gitlab_api_token_credentials_exist = false
+  system_credentials_provider.getCredentials().each {
+      credentials = (com.cloudbees.plugins.credentials.Credentials) it
+      if ( credentials.getDescription() == gitlab_api_token_description) {
+          gitlab_api_token_credentials_exist = true
+          println("Found existing credentials: " + gitlab_api_token_description)
+      }
+  }
+
+  if(!gitlab_api_token_credentials_exist) {
+    domain = Domain.global()
+    store = Jenkins.instance.getExtensionList('com.cloudbees.plugins.credentials.SystemCredentialsProvider')[0].getStore()
+    gitlabToken = new GitLabApiTokenImpl(
+      CredentialsScope.GLOBAL,
+      gitlab_api_token_id,
+      gitlab_api_token_description,
+      api_token
+    )
+    store.addCredentials(domain, gitlabToken) 
+  }
+
+  //Gitlab username token
+  gitlab_username_credentials_exist = false
+  system_credentials_provider.getCredentials().each {
+      credentials = (com.cloudbees.plugins.credentials.Credentials) it
+      if ( credentials.getDescription() == credential_description) {
+          gitlab_username_credentials_exist = true
+          println("Found existing credentials: " + credential_description)
+      }
+  }
+
+  if(!gitlab_username_credentials_exist) {
+    domain = Domain.global()
+    store = Jenkins.instance.getExtensionList('com.cloudbees.plugins.credentials.SystemCredentialsProvider')[0].getStore()
+    gitlabUserPass = new UsernamePasswordCredentialsImpl(CredentialsScope.GLOBAL,credential_id,credential_description,credential_username,gitlab_api_token)
+    store.addCredentials(domain, gitlabUserPass) 
+  }
+
+  // Gitlab
+  println "--> Configuring Gitlab"
+  def gitlab_config = instance.getDescriptor("com.dabsquared.gitlabjenkins.connection.GitLabConnectionConfig")
+
+  def gitlab_conn = new GitLabConnection(
+    'ADOP Gitlab',
+    gitlab_host_name,
+    gitlab_api_token_id,
+    gitlab_ignore_cert_errors,
+    gitlab_connection_timeout,
+    gitlab_read_timeout
+  )
+
+  def gitlab_connections = gitlab_config.getConnections()
+
+  def gitlab_server_exists = false
+  gitlab_connections.each {
+    connection_name = (GitLabConnection) it
+    if ( gitlab_conn.name == connection_name.getName() ) {
+      gitlab_server_exists = true
+      println("Found existing installation: " + gitlab_conn.name)
+    }
+  }
+
+  if (!gitlab_server_exists) {
+	  gitlab_connections.add(gitlab_conn)
+    gitlab_config.setConnections(gitlab_connections)
+  	gitlab_config.save()
+  }
+
+  // Save the state
+  instance.save()
+}
diff --git a/resources/init.groovy.d/role_based_auth.groovy b/resources/init.groovy.d/role_based_auth.groovy
@@ -49,7 +49,6 @@ Thread.start {
     adminPermissions.add(Permission.fromId("com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains"));
     adminPermissions.add(Permission.fromId("hudson.model.Computer.Create"));
     adminPermissions.add(Permission.fromId("hudson.model.View.Configure"));
-    adminPermissions.add(Permission.fromId("com.sonyericsson.hudson.plugins.gerrit.trigger.PluginImpl.Retrigger"));
     adminPermissions.add(Permission.fromId("hudson.model.Hudson.ConfigureUpdateCenter"));
     adminPermissions.add(Permission.fromId("hudson.model.Computer.Build"));
     adminPermissions.add(Permission.fromId("hudson.model.Item.Configure"));
@@ -71,7 +70,6 @@ Thread.start {
     adminPermissions.add(Permission.fromId("hudson.model.Hudson.RunScripts"));
     adminPermissions.add(Permission.fromId("hudson.model.View.Create"));
     adminPermissions.add(Permission.fromId("hudson.model.Item.Delete"));
-    adminPermissions.add(Permission.fromId("com.sonyericsson.hudson.plugins.gerrit.trigger.PluginImpl.ManualTrigger"));
     adminPermissions.add(Permission.fromId("hudson.model.Computer.Configure"));
     adminPermissions.add(Permission.fromId("com.cloudbees.plugins.credentials.CredentialsProvider.Create"));
     adminPermissions.add(Permission.fromId("hudson.model.Computer.Disconnect"));

diff --git a/resources/jobs/Load_Platform/config.xml b/resources/jobs/Load_Platform/config.xml
@@ -1,7 +1,7 @@
 <?xml version='1.0' encoding='UTF-8'?>
 <project>
   <actions/>
-  <description>This job is responsible for retrieving the ADOP platform management repository and pushing it to the ADOP Gerrit instance.</description>
+  <description>This job is responsible for retrieving the ADOP platform management repository.</description>
   <keepDependencies>false</keepDependencies>
   <properties>
     <com.sonyericsson.rebuild.RebuildSettings plugin="rebuild@1.25">
@@ -68,31 +68,6 @@ if [ -z $GIT_URL ]; then
     exit 1
 fi
 
-# Create Gerrit repository
-target_repo_name=&quot;platform-management&quot;
-repo_exists=0
-list_of_repos=$(ssh -n -o StrictHostKeyChecking=no -p 29418 gerrit gerrit ls-projects --type code)
-
-for repo in ${list_of_repos}
-do
-  if [ ${repo} = ${target_repo_name} ]; then
-    echo &quot;Found: ${repo}&quot;
-    repo_exists=1
-    break
-  fi
-done
-
-if [ ${repo_exists} -eq 0 ]; then
-  ssh -n -o StrictHostKeyChecking=no -p 29418 gerrit gerrit create-project --parent &quot;All-Projects&quot; &quot;${target_repo_name}&quot;
-else
-  echo &quot;Repository already exists, skipping: ${target_repo_name}&quot;
-fi
-
-# Setup remote &amp; populate
-git remote add adop ssh://jenkins@gerrit:29418/&quot;${target_repo_name}&quot;
-git fetch adop
-git push adop +refs/remotes/origin/*:refs/heads/*
-
 # If a version has been specified, let&apos;s switch to it
 if [ ! -z &quot;${ADOP_PLATFORM_MANAGEMENT_VERSION}&quot; ] &amp;&amp; [[ &quot;${ADOP_PLATFORM_MANAGEMENT_VERSION}&quot; =~ ^[a-fA-F0-9]{8,40}$ ]] &amp;&amp; [ &quot;$(git cat-file -t &quot;${ADOP_PLATFORM_MANAGEMENT_VERSION}&quot;)&quot; = &quot;commit&quot; ]; then
 	echo &quot;INFO - Checking out specified ADOP_PLATFORM_MANAGEMENT_VERSION &apos;${ADOP_PLATFORM_MANAGEMENT_VERSION}&apos;&quot;

diff --git a/resources/plugins.txt b/resources/plugins.txt
@@ -64,7 +64,6 @@ environment-dashboard:1.1.7
 extensible-choice-parameter:1.5.0
 favorite:2.3.2
 gatling:1.2.2
-gerrit-trigger:2.27.5
 git-client:2.7.2
 git-server:1.7
 git:3.9.0
@@ -73,6 +72,7 @@ github-branch-source:2.3.4
 github-oauth:0.29
 github-organization-folder:1.6
 github:1.29.0
+gitlab-plugin:1.5.10
 global-build-stats:1.5
 greenballs:1.15
 groovy:2.0