Skip to content

Commit

Permalink
release 4.4.0 (#1274)
Browse files Browse the repository at this point in the history
  • Loading branch information
BraisVQ authored Apr 22, 2024
1 parent bc21133 commit c410291
Show file tree
Hide file tree
Showing 73 changed files with 1,257 additions and 1,084 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/changelog-enforcer.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ jobs:
changelog:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4.1.1
- uses: actions/checkout@v4.1.2
- uses: dangoslen/changelog-enforcer@v3
with:
changeLogPath: 'CHANGELOG.md'
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
Expand Down
20 changes: 10 additions & 10 deletions .github/workflows/continuous-integration-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Build UBI8 docker image
run: |
Expand All @@ -27,7 +27,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
- name: Build UBI8 docker image
run: |
./.github/workflows/build-docker-image.sh \
Expand All @@ -51,12 +51,12 @@ jobs:
runs-on: ubuntu-22.04
strategy:
matrix:
version: ['8.9.10.61524'] # 8.9 = LTS
version: ['9.9.4'] # 9.9 = LTS
edition: ['community', 'developer', 'enterprise']
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Check shell scripts
run: |
Expand All @@ -72,7 +72,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Check shell scripts
run: |
Expand All @@ -88,7 +88,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Setup Go 1.18
uses: actions/setup-go@v5
Expand Down Expand Up @@ -128,7 +128,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Check shell scripts
run: |
Expand All @@ -145,7 +145,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Check jsl expectations
run: |
Expand All @@ -163,7 +163,7 @@ jobs:
steps:
-
name: Checkout repository
uses: actions/checkout@v4.1.1
uses: actions/checkout@v4.1.2
-
name: Setup Go 1.18
uses: actions/setup-go@v5
Expand Down Expand Up @@ -207,7 +207,7 @@ jobs:
# run: jq . <<< "${GITHUB_CONTEXT}"
# -
# name: Checkout repository
# uses: actions/checkout@v4.1.1
# uses: actions/checkout@v4.1.2
# with:
# fetch-depth: 0
# path: 'ods-core'
Expand Down
16 changes: 16 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,22 @@

## Unreleased

### Fixed

### Added

### Changed

## [4.4.0] - 2024-04-22

### Fixed
- Update Nexus to version 3.67.1-java11 for Critical Bug Fix ([#1271](https://github.com/opendevstack/ods-core/pull/1271))

### Changed
- Nexus Maintenance (update version to latest, helm migration) ([#1242](https://github.com/opendevstack/ods-core/issues/1242))
- Update api version in ocp templates for image, buildconfig, route and deploymentconfig ([#1072](https://github.com/opendevstack/ods-jenkins-shared-library/issues/1072))
- SonarQube Maintenance (LTS update, DB update, SAML setup) ([#1211](https://github.com/opendevstack/ods-core/issues/1211))
- Update Jenkins and plugins to version v2.426.3, update agent and packages. Switch base image from "registry.redhat.io/openshift4/ose" to "registry.redhat.io/ocp-tools-4" [#1270](https://github.com/opendevstack/ods-core/pull/1270)

## [4.3.1] - 2024-02-19

Expand Down
47 changes: 19 additions & 28 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,10 @@ SHELL = /bin/bash
MAKEFLAGS += --warn-undefined-variables
MAKEFLAGS += --no-builtin-rules

ODS_NAMESPACE := $(shell $(CURDIR)/scripts/get-config-param.sh ODS_NAMESPACE)
NEXUS_URL := $(shell $(CURDIR)/scripts/get-config-param.sh NEXUS_URL)
SONARQUBE_URL := $(shell $(CURDIR)/scripts/get-config-param.sh SONARQUBE_URL)
# Load environment variables from .env file
include ../ods-configuration/ods-core.env
export $(shell sed 's/=.*//' ../ods-configuration/ods-core.env)

INSECURE := false
INSECURE_FLAG :=
ifeq ($(INSECURE), $(filter $(INSECURE), true yes))
Expand Down Expand Up @@ -120,24 +121,19 @@ start-doc-gen-build:

# SONARQUBE
## Install or update SonarQube.
install-sonarqube: apply-sonarqube-build start-sonarqube-build apply-sonarqube-deploy configure-sonarqube
install-sonarqube: apply-sonarqube-chart start-sonarqube-build configure-sonarqube
.PHONY: install-sonarqube

## Update OpenShift resources related to the SonarQube image.
apply-sonarqube-build:
cd sonarqube/ocp-config && tailor apply --namespace $(ODS_NAMESPACE) bc,is
## Apply OpenShift resources related to the SonarQube.
apply-sonarqube-chart:
cd sonarqube/chart && envsubst < values.yaml.template > values.yaml && helm upgrade --install --namespace $(ODS_NAMESPACE) sonarqube . && rm values.yaml
.PHONY: apply-sonarqube-build

## Start build of BuildConfig "sonarqube".
start-sonarqube-build:
ocp-scripts/start-and-follow-build.sh --namespace $(ODS_NAMESPACE) --build-config sonarqube
.PHONY: start-sonarqube-build

## Update OpenShift resources related to the SonarQube service.
apply-sonarqube-deploy:
cd sonarqube/ocp-config && tailor apply --namespace $(ODS_NAMESPACE) --exclude bc,is
@echo "Visit $(SONARQUBE_URL)/setup to see if any update actions need to be taken."
.PHONY: apply-sonarqube-deploy
.PHONY: start-sonarqube-build

## Configure SonarQube service.
configure-sonarqube:
Expand All @@ -147,27 +143,22 @@ configure-sonarqube:

# NEXUS
## Install or update Nexus.
install-nexus: apply-nexus-build start-nexus-build apply-nexus-deploy
install-nexus: apply-nexus-chart start-nexus-build
.PHONY: nexus

## Update OpenShift resources related to the Nexus image.
apply-nexus-build:
cd nexus/ocp-config && tailor apply --namespace $(ODS_NAMESPACE) bc,is
.PHONY: apply-nexus-build
## Apply OpenShift resources related to the Nexus.
apply-nexus-chart:
cd nexus/chart && envsubst < values.yaml.template > values.yaml && helm upgrade --install --namespace $(ODS_NAMESPACE) nexus . && rm values.yaml
.PHONY: apply-nexus-chart

## Start build of BuildConfig "nexus".
start-nexus-build:
ocp-scripts/start-and-follow-build.sh --namespace $(ODS_NAMESPACE) --build-config nexus
.PHONY: start-nexus-build

## Update OpenShift resources related to the Nexus service.
apply-nexus-deploy:
cd nexus/ocp-config && tailor apply --namespace $(ODS_NAMESPACE) --exclude bc,is
.PHONY: apply-nexus-deploy

## Configure Nexus service.
configure-nexus:
cd nexus && ./configure.sh --namespace $(ODS_NAMESPACE) --nexus=$(NEXUS_URL) $(INSECURE_FLAG)
cd nexus && ./configure.sh --namespace $(ODS_NAMESPACE) --nexus=$(NEXUS_URL) --admin-password=$(NEXUS_ADMIN_PASSWORD) $(INSECURE_FLAG)
.PHONY: configure-nexus
### configure-nexus is not part of install-nexus because it is not idempotent yet.

Expand All @@ -177,14 +168,14 @@ configure-nexus:
backup: backup-sonarqube backup-ocp-config
.PHONY: backup

## Create a backup of OpenShift resources in "cd" namespace.
## Create a backup of OpenShift resources in "ods" namespace.
backup-ocp-config:
tailor export --namespace $(ODS_NAMESPACE) > backup_cd.yml
tailor export --namespace $(ODS_NAMESPACE) > backup_ods.yml
.PHONY: backup-ocp-config

## Create a backup of the SonarQube database in the current directory.
## Create a backup of the SonarQube database in backup storage and in the current directory.
backup-sonarqube:
cd sonarqube && ./backup.sh --namespace $(ODS_NAMESPACE) --backup-dir `pwd`
cd sonarqube && ./backup.sh --namespace $(ODS_NAMESPACE) --local-copy=true --backup-dir `pwd`
.PHONY: backup-sonarqube


Expand Down
83 changes: 39 additions & 44 deletions configuration-sample/ods-core.env.sample
Original file line number Diff line number Diff line change
Expand Up @@ -43,8 +43,10 @@ ODS_BITBUCKET_PROJECT=opendevstack
#########

# Nexus base image
# See https://hub.docker.com/r/sonatype/nexus3/tags.
NEXUS_FROM_IMAGE=sonatype/nexus3:3.45.1
# See Dockerhub https://hub.docker.com/r/sonatype/nexus3/tags.
# Officially supported is:
# - 3.67.1-java11
NEXUS_IMAGE_TAG=3.67.1-java11

# Nexus host without protocol.
# The domain should be equal to OPENSHIFT_APPS_BASEDOMAIN (see below).
Expand All @@ -58,11 +60,16 @@ NEXUS_URL=https://nexus-cd.192.168.56.101.nip.io
NEXUS_USERNAME=developer
NEXUS_PASSWORD=changeme
NEXUS_PASSWORD_B64=changeme
# Password of Nexus administrator - should be set to a secure password
# of your choice.
NEXUS_ADMIN_PASSWORD=changeme
NEXUS_ADMIN_PASSWORD_B64=changeme
# Nexus (basic) authentication username:password
NEXUS_AUTH=developer:changeme

# All params defined in the template https://github.com/opendevstack/ods-core/blob/master/nexus/ocp-config/bc.yml
# can be overwritten by specifying the param in this file.
# Nexus JVM parameters, adjust acording to organization size
# See https://help.sonatype.com/en/sonatype-nexus-repository-system-requirements.html
NEXUS_JVM_PARAMS="-Xms2703m -Xmx2703m -XX:MaxDirectMemorySize=2703m -Djava.util.prefs.userRoot=/nexus-data/javaprefs"

#############
# SonarQube #
Expand All @@ -85,16 +92,21 @@ SONAR_ADMIN_PASSWORD_B64=changeme
# Do not change the value manually - the token is created and set automatically during "make configure-sonarqube".
SONAR_AUTH_TOKEN_B64=changeme

# Application in Crowd used for authentication
SONAR_CROWD_APPLICATION=sonarqube
SONAR_CROWD_PASSWORD_B64=changeme
# Toggle authentication via SAML
SONAR_AUTH_SAML='true'

# SAML Application used for authentication
SONAR_SAML_APPLICATION_ID=https://sonarqube-cd.192.168.56.101.nip.io/sonar/saml
SONAR_SAML_PROVIDER_ID_B64=changeme
SONAR_SAML_LOGIN_URL_B64=changeme
SONAR_SAML_CERTIFICATE_B64=changeme

# Postgres DB for SonarQube
# Image to use for the PostgreSQL database. This needs to be compatible with
# your SonarQube version, see https://docs.sonarqube.org/latest/requirements/requirements/.
# Take care when upgrading either database or SQ version.
# E.g. registry.redhat.io/rhel8/postgresql-12
SONAR_DATABASE_IMAGE=docker-registry.default.svc:5000/openshift/postgresql:9.6
# E.g. registry.redhat.io/rhel9/postgresql-15
SONAR_DATABASE_IMAGE=docker-registry.default.svc:5000/openshift/postgresql:15
# Connection string for JDBC. Typically this does not need to be changed.
SONAR_DATABASE_JDBC_URL=jdbc:postgresql://sonarqube-postgresql:5432/sonarqube
# Database name for SonarQube. Typically this does not need to be changed.
Expand All @@ -110,20 +122,10 @@ SONAR_DATABASE_USER=sonarqube
# - Use "developer", "enterprise" or "datacenter" for commercial editions
SONAR_EDITION=community
# SonarQube version.
# See Dockerhub https://hub.docker.com/_/sonarqube/tags
# Officially supported is:
# - 8.9 (LTS release)
SONAR_VERSION=8.9.10.61524
https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.9.10.61524.zip
# SonarQube distribution URL.
# Must be aligned with both SONAR_VERSION and SONAR_EDITION.
# Check https://binaries.sonarsource.com/ for options.
SONAR_DISTRIBUTION_URL=https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.9.10.61524.zip

# Toggle authentication via Crowd plugin
SONAR_AUTH_CROWD=true

# All params defined in the template https://github.com/opendevstack/ods-core/blob/master/sonarqube/ocp-config/sonarqube.yml
# can be overwritten by specifying the param in this file.
# - 9.9 (LTS release)
SONAR_VERSION=9.9.4

#########
# Jira #
Expand Down Expand Up @@ -183,32 +185,25 @@ CONFLUENCE_URL=http://192.168.56.31:8090

# Base image for Jenkins master.
# For UBI8-based images (OpenShift 4):
# - RHEL variant: https://catalog.redhat.com/software/containers/openshift4/ose-jenkins/5cdd918ad70cc57c44b2d279
# - Example: registry.redhat.io/openshift4/ose-jenkins:v4.6
# - Last tested: registry.redhat.io/openshift4/ose-jenkins:v4.10.0-202305170515.p0.g2988625.assembly.stream
# - RHEL variant: https://catalog.redhat.com/software/containers/ocp-tools-4/jenkins-rhel8/5fe1f38288e9c2f788526306
# - Example: registry.redhat.io/ocp-tools-4/jenkins-rhel8:v4.14.0
# - Last tested: registry.redhat.io/ocp-tools-4/jenkins-rhel8:v4.14.0-1706517686
# - Community variant: https://quay.io/repository/openshift/origin-jenkins?tab=tags
# - Example: quay.io/openshift/origin-jenkins:4.6
# For RHEL7-based images (OpenShift 3.11):
# - Available tags listed at: https://catalog.redhat.com/software/containers/openshift3/jenkins-2-rhel7/581d2f4500e5d05639b6517b
# - Example: registry.access.redhat.com/openshift3/jenkins-2-rhel7:v3.11
JENKINS_MASTER_BASE_FROM_IMAGE=registry.redhat.io/openshift4/ose-jenkins:v4.10.0-202305170515.p0.g2988625.assembly.stream
JENKINS_MASTER_BASE_FROM_IMAGE=registry.redhat.io/ocp-tools-4/jenkins-rhel8:v4.14.0-1706517686

# Dockerfile to use for Jenkins master.
# Use "Dockerfile.ubi8" for both OpenShift 3.11 and 4 (UBI8 base image)
JENKINS_MASTER_DOCKERFILE_PATH=Dockerfile.ubi8

# Base image for Jenkins agent base.
# For UBI8-based images (OpenShift 4):
# - RHEL variant: https://catalog.redhat.com/software/containers/openshift4/ose-jenkins-agent-base/5cdd8e2fbed8bd5717d66e77
# - Example: registry.redhat.io/openshift4/ose-jenkins-agent-base:v4.6
# - Last tested: registry.redhat.io/openshift4/ose-jenkins:v4.10.0-202305170515.p0.g2988625.assembly.stream
# - RHEL variant: https://catalog.redhat.com/software/containers/ocp-tools-4/jenkins-agent-base-rhel8/6241e3457847116cf8577aea
# - Example: registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8:v4.14.0
# - Last tested: registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8:v4.14.0-1706516367
# - Community variant: https://quay.io/repository/openshift/origin-jenkins-agent-base?tab=tags
# - Example: quay.io/openshift/origin-jenkins-agent-base:4.6
# For RHEL7-based images (OpenShift 3.11):
# - Available tags listed at: https://catalog.redhat.com/software/containers/openshift3/jenkins-slave-base-rhel7/581d2f3f00e5d05639b6515b.
# - Example: registry.access.redhat.com/openshift3/jenkins-slave-base-rhel7:v3.11
# - Latest tested tag: v3.11.248 (v3.11 is a moving target)
JENKINS_AGENT_BASE_FROM_IMAGE=registry.redhat.io/openshift4/ose-jenkins-agent-base:v4.10.0-202305170515.p0.g2988625.assembly.stream
JENKINS_AGENT_BASE_FROM_IMAGE=registry.redhat.io/ocp-tools-4/jenkins-agent-base-rhel8:v4.14.0-1706516367

# Dockerfile to use for Jenkins agents.
# Use "Dockerfile.ubi8" for both OpenShift 3.11 and 4 (UBI8 base image)
Expand All @@ -217,25 +212,25 @@ JENKINS_AGENT_DOCKERFILE_PATH=Dockerfile.ubi8
# Snyk CLI binary distribution url
# Leave empty to avoid installing Snyk.
# Releases are published at https://github.com/snyk/snyk/releases.
# Latest tested version is v1.1097.0.
JENKINS_AGENT_BASE_SNYK_DISTRIBUTION_URL=https://github.com/snyk/snyk/releases/download/v1.1097.0/snyk-linux
# Latest tested version is v1.1284.0.
JENKINS_AGENT_BASE_SNYK_DISTRIBUTION_URL=https://github.com/snyk/snyk/releases/download/v1.1284.0/snyk-linux

# AquaSec CLI binary distribution url
# Leave empty to avoid installing AquaSec.
# Releases are published at https://download.aquasec.com/scanner
# Check Aqua versions backward compatibility at https://docs.aquasec.com/docs/version-compatibility-of-components#section-backward-compatibility-across-two-major-versions
# To Download the aquaSec scanner cli and check their documentaion requires a valid account on aquasec.com
# Latest tested version is 2022.4.284
# Example: https://<USER>:<PASSWORD>@download.aquasec.com/scanner/2022.4.284/scannercli
# Latest tested version is 2022.4.517
# Example: https://<USER>:<PASSWORD>@download.aquasec.com/scanner/2022.4.517/scannercli
JENKINS_AGENT_BASE_AQUASEC_SCANNERCLI_URL=

# Repository of shared library
# You may also point to repository underneath REPO_BASE.
SHARED_LIBRARY_REPOSITORY=https://github.com/opendevstack/ods-jenkins-shared-library.git

####################
# OpenShift (3.11) #
####################
#############
# OpenShift #
#############

# Internal docker registry host and port - this is used
# for pulling the agent images in jenkins.
Expand Down
1 change: 1 addition & 0 deletions docs/modules/administration/nav.adoc
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
* Administration
** xref:administration:installation.adoc[Installation]
** Upgrade
*** xref:administration:helm-migration.adoc[Helm migration]
*** xref:administration:update-2-to-3.adoc[2.x to 3.x]
*** xref:administration:update-older.adoc[older]
** xref:provisioning-app:configuration.adoc[Provisioning App]
Expand Down
Loading

0 comments on commit c410291

Please sign in to comment.