Jenkins demo (#23)

alt-dima · web-flow · commit 83cda87ddc07 · 2025-11-07T20:43:16.000+02:00
* Create Jenkinsfile

* Update Jenkinsfile

* Update init_examples.go

* Update init_examples.go

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Update Jenkinsfile

* Create README.md

* Create deploy.sh

* Create values.yaml

* Create jenkins-pvc.yaml

* Update values.yaml

* revert init_examples.go

* Update README.md
diff --git a/README.md b/README.md
@@ -7,7 +7,14 @@
 - After the temporary folder is ready, it executes `terraform` or `tofu` with specified parameters
 - Maintains separate state files for each environment/layer, automatically providing configuration for remote state management (different path on the storage regarding configured layers/dimensions). So the deployed set (configuration + terraform) is stored in different `tfstate` files in remote storage (S3, GCS)
 
-## Quick start with demo configuration
+## Quick start with Jenkins and demo configuration
+
+You will need any Kubernetes cluster (best small temporary like Podman+Kind or MiniKube).
+Check that kubectl context poiting to this test cluster! Not Production!
+
+For a full end-to-end example of using TofuGu in a CI/CD pipeline, see the pre-configured Jenkins deployment in [examples/jenkins/README.md](examples/jenkins/README.md).
+
+## Quick start locally with demo configuration
 
 1. [Download release](https://github.com/alt-dima/tofugu/releases) version >= 0.5.0
 2. Install [OpenTofu](https://opentofu.org/docs/intro/install/)
@@ -108,7 +115,7 @@ With the correct `toasterurl`, TofuGu will connect and receive all the required
 An additional parameter could be passed to tofugu `-w workspacename`. In general, `workspacename` is the branch name of the source repo where the dimension is stored. If TofuGu-Toaster does not find the dimension with the specified `workspacename`, it will try to return the dimension from the `master` workspace/branch!
 
 **Toaster-ToasterDB** provides additional features for your CI and CD pipelines. For example, you need to receive a [first-app.json](examples/inventory/demo-org/application/first-app.json) in the CI pipeline, to check the application configuration.
-Or you need a list of all the datacenters in the [datacenter dimension](examples/inventory/demo-org/datacenter) in a [Jenkins drop-down](https://github.com/alt-dima/tofugu/issues/10#issuecomment-2090932416) list to select to which datacenter to deploy the application.
+Or you need a list of all the datacenters in the [datacenter dimension](examples/inventory/demo-org/datacenter) in a [Jenkins drop-down](examples/jenkins/README.md) list to select to which datacenter to deploy the application.
 
 <img width="800" alt="Screenshot_20250915_222357" src="https://github.com/user-attachments/assets/735a4045-eb74-4fc0-b46d-aa01f655c7d0" />
 
diff --git a/examples/jenkins/Jenkinsfile b/examples/jenkins/Jenkinsfile
@@ -0,0 +1,152 @@
+properties([
+  parameters([
+    [
+      $class: 'CascadeChoiceParameter',
+      choiceType: 'PT_SINGLE_SELECT',
+      name: 'Account',
+      description: 'Select the account',
+      script: [
+        $class: 'GroovyScript',
+        fallbackScript: [
+          classpath: [],
+          sandbox: true,
+          script: 'return ["ERROR: Failed to fetch accounts"]'
+        ],
+        script: [
+          classpath: [],
+          sandbox: true,
+          script: '''
+            import groovy.json.JsonSlurper
+
+            try {
+                def url = new URL('https://toaster.altuhov.su/api/dimension/example-org/account?workspace=master&fallbacktomaster=true&needdimdata=false')
+                def connection = url.openConnection()
+                connection.setRequestProperty('Authorization', 'Basic NjYyY2FiN2M1ZTExNjgxOTczOGIwMWZlOnN1cGVydG9hc3Rlcg==')
+                connection.requestMethod = 'GET'
+                
+                def response = connection.content.text
+                def result = new JsonSlurper().parseText(response)
+                
+                if (result.Dimensions) {
+                    return result.Dimensions.collect { it.DimValue }.unique()
+                } else {
+                    return ["No accounts found"]
+                }
+            } catch (Exception e) {
+                return ["Error: ${e.message}"]
+            }
+          '''
+        ]
+      ]
+    ],
+    [
+      $class: 'CascadeChoiceParameter',
+      choiceType: 'PT_SINGLE_SELECT',
+      name: 'DataCenter',
+      description: 'Select the Data Center',
+      script: [
+        $class: 'GroovyScript',
+        fallbackScript: [
+          classpath: [],
+          sandbox: true,
+          script: 'return ["ERROR: Failed to fetch data centers"]'
+        ],
+        script: [
+          classpath: [],
+          sandbox: true,
+          script: '''
+            import groovy.json.JsonSlurper
+
+            try {
+                def url = new URL('https://toaster.altuhov.su/api/dimension/example-org/datacenter?workspace=master&fallbacktomaster=true&needdimdata=false')
+                def connection = url.openConnection()
+                connection.setRequestProperty('Authorization', 'Basic NjYyY2FiN2M1ZTExNjgxOTczOGIwMWZlOnN1cGVydG9hc3Rlcg==')
+                connection.requestMethod = 'GET'
+                
+                def response = connection.content.text
+                def result = new JsonSlurper().parseText(response)
+                
+                if (result.Dimensions) {
+                    return result.Dimensions.collect { it.DimValue }.unique()
+                } else {
+                    return ["No accounts found"]
+                }
+            } catch (Exception e) {
+                return ["Error: ${e.message}"]
+            }
+          '''
+        ]
+      ]
+    ]
+  ])
+])
+
+pipeline {
+  agent any
+  stages {
+    stage('Build') {
+      steps {
+        git url: 'https://github.com/alt-dima/tofugu.git', branch: 'main'
+        echo "Selected account: ${params.Account}"
+        echo "Selected data center: ${params.DataCenter}"
+      }
+    }
+    stage('Install OpenTofu and TofuGu') {
+      steps {
+        script {
+          def arch = sh(script: 'uname -m', returnStdout: true).trim()
+          def archSuffix
+          if (arch == 'aarch64' || arch == 'arm64') {
+            archSuffix = 'arm64'
+          } else if (arch == 'x86_64') {
+            archSuffix = 'amd64'
+          } else {
+            error "Unsupported architecture: ${arch}"
+          }
+
+          sh "curl -L -o tofu_1.10.7_linux_${archSuffix}.tar.gz https://github.com/opentofu/opentofu/releases/download/v1.10.7/tofu_1.10.7_linux_${archSuffix}.tar.gz"
+          sh "tar -xvf tofu_1.10.7_linux_${archSuffix}.tar.gz -C /tmp"
+          
+          sh "curl -L -o tofugu_0.5.1_linux_${archSuffix}.tar.gz https://github.com/alt-dima/tofugu/releases/download/v0.5.1/tofugu_0.5.1_linux_${archSuffix}.tar.gz"
+          sh "tar -xvf tofugu_0.5.1_linux_${archSuffix}.tar.gz"
+        }
+      }
+    }
+    stage('Create .tofugu config') {
+      steps {
+        writeFile file: '.tofugu', text: '''
+defaults:
+  tofies_path: examples/tofies
+  inventory_path: examples/inventory
+  cmd_to_exec: /tmp/tofu
+'''
+      }
+    }
+    stage('TofuGu Plan') {
+      environment {
+        toasterurl = 'https://662cab7c5e116819738b01fe:supertoaster@toaster.altuhov.su'
+      }
+      steps {
+        ansiColor('xterm') {
+          sh "./tofugu cook -o example-org -d account:${params.Account} -d datacenter:${params.DataCenter} -t demo -- init"
+          sh "./tofugu cook -o example-org -d account:${params.Account} -d datacenter:${params.DataCenter} -t demo -- plan"
+        }
+      }
+    }
+    stage('Approval') {
+      steps {
+        input 'Do you want to apply the changes?'
+      }
+    }
+    stage('TofuGu Apply') {
+      environment {
+        toasterurl = 'https://662cab7c5e116819738b01fe:supertoaster@toaster.altuhov.su'
+      }
+      steps {
+        ansiColor('xterm') {
+          sh "./tofugu cook -o example-org -d account:${params.Account} -d datacenter:${params.DataCenter} -t demo -- apply -auto-approve"
+        }
+      }
+    }
+  }
+}
diff --git a/examples/jenkins/README.md b/examples/jenkins/README.md
@@ -0,0 +1,34 @@
+# Pre-configured Jenkins for TofuGu and Tofugu Toaster Demo
+
+This project provides a way to deploy a pre-configured Jenkins instance to any Kubernetes cluster (especially local ones like Kind or Minikube). It's designed to demonstrate an end-to-end workflow using TofuGu and Tofugu Toaster with a demo OpenTofu unit/tofie.
+
+## Steps to setup
+
+1.  Execute the deployment script:
+    ```bash
+    bash deploy.sh
+    ```
+
+2.  Get the password for the Jenkins admin user:
+    ```bash
+    kubectl exec --namespace jenkins -it svc/jenkins-dev -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo
+    ```
+
+3.  Start port-forwarding to access the Jenkins UI:
+    ```bash
+    kubectl port-forward --namespace jenkins svc/jenkins-dev 8080:8080
+    ```
+
+4.  Navigate your browser to [http://127.0.0.1:8080](http://127.0.0.1:8080).
+
+5.  Log in with the username `admin` and the password obtained in step 2.
+
+6.  Go to the `tofugu-pipeline` job page: [http://127.0.0.1:8080/job/tofugu-pipeline/](http://127.0.0.1:8080/job/tofugu-pipeline/).
+
+7.  On the left menu, click on **Build**. This will download and execute the `Jenkinsfile` from the repository.
+
+8.  Build #1 should start. Click on the build link to open the console output: [http://127.0.0.1:8080/job/tofugu-pipeline/1/console](http://127.0.0.1:8080/job/tofugu-pipeline/1/console).
+
+9.  Scroll to the end of the console output. You should see a plan output from OpenTofu and a question: "Do you want to apply the changes?".
+
+10. Click **Proceed** and watch as the apply stage is performed.
diff --git a/examples/jenkins/deploy.sh b/examples/jenkins/deploy.sh
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# Define variables
+HELM_REPO_NAME="jenkinsci"
+HELM_REPO_URL="https://charts.jenkins.io"
+HELM_CHART_NAME="jenkins"
+RELEASE_NAME="jenkins-dev"
+NAMESPACE="jenkins"
+
+# Add the Jenkins Helm repository
+echo "Adding Jenkins Helm repository..."
+helm repo add $HELM_REPO_NAME $HELM_REPO_URL
+
+# Update your local Helm chart repository cache
+echo "Updating Helm repositories..."
+helm repo update
+
+# Create the namespace if it doesn't exist
+echo "Creating namespace '$NAMESPACE' if it doesn't exist..."
+kubectl create namespace $NAMESPACE --dry-run=client -o yaml | kubectl apply -f -
+
+# Create PersistentVolume and PersistentVolumeClaim for Jenkins data
+# echo "Creating PersistentVolume and PersistentVolumeClaim for Jenkins data..."
+# kubectl apply -f jenkins-pvc.yaml -n $NAMESPACE
+
+# Deploy the latest Jenkins chart with custom values
+echo "Deploying Jenkins to namespace '$NAMESPACE'..."
+helm upgrade --install $RELEASE_NAME $HELM_REPO_NAME/$HELM_CHART_NAME \
+  --namespace $NAMESPACE \
+  --values values.yaml
+
+# Wait for the deployment to be ready
+echo "Waiting for Jenkins to be ready..."
+kubectl wait --namespace $NAMESPACE \
+  --for=condition=ready pod \
+  --selector=app.kubernetes.io/component=jenkins-controller \
+  --timeout=300s
+
+echo "Jenkins has been deployed."
+echo "You can access it by port-forwarding the service:"
+echo "kubectl --namespace $NAMESPACE port-forward svc/$RELEASE_NAME 8080:8080"
+
+echo "To get the admin password, run:"
+echo "kubectl exec --namespace $NAMESPACE -it svc/$RELEASE_NAME -c jenkins -- /bin/cat /run/secrets/additional/chart-admin-password && echo"
diff --git a/examples/jenkins/jenkins-pvc.yaml b/examples/jenkins/jenkins-pvc.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: jenkins-pv
+spec:
+  capacity:
+    storage: 1Gi
+  volumeMode: Filesystem
+  accessModes:
+    - ReadWriteOnce
+  persistentVolumeReclaimPolicy: Retain
+  hostPath:
+    path: /var/jenkins_data
+    type: DirectoryOrCreate
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: jenkins-pvc
+  namespace: jenkins
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
diff --git a/examples/jenkins/values.yaml b/examples/jenkins/values.yaml
@@ -0,0 +1,51 @@
+controller:
+  jenkinsUrl: http://127.0.0.1:8080/
+  # Jenkins Configuration as Code (JCasC)
+  JCasC:
+    configScripts:
+      welcome-message: |
+        jenkins:
+          systemMessage: "Jenkins For TofuGu Toaster Demo"
+      pipeline-job: |
+        jobs:
+          - script: >
+              pipelineJob('tofugu-pipeline') {
+                definition {
+                  cpsScm {
+                    scm {
+                      git {
+                        remote {
+                          url('https://github.com/alt-dima/tofugu.git')
+                          credentials('')
+                        }
+                        branch('main')
+                      }
+                    }
+                    scriptPath('examples/jenkins/Jenkinsfile')
+                    lightweight()
+                  }
+                }
+              }
+  additionalPlugins:
+    - uno-choice:2.8.8
+    - job-dsl:1.93
+    - ansicolor:1.0.6
+  scriptApproval:
+    - "method java.net.HttpURLConnection setRequestMethod java.lang.String"
+    - "method java.net.URL openConnection"
+    - "method java.net.URLConnection getContent"
+    - "method java.net.URLConnection setRequestProperty java.lang.String java.lang.String"
+    - "staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods getText java.io.InputStream"
+  resources:
+    requests:
+      cpu: "50m"
+      memory: "256Mi"
+    limits:
+      cpu: "3"
+      memory: "2Gi"
+
+# Configure persistent storage using host path for development and testing
+persistence:
+  enabled: false
+  # You could use file jenkins-pvc.yaml to create a PV and PVC with hostPath and use pvc here:
+  # existingClaim: jenkins-pvc
