Table of Contents

• Concourse Pipeline (Cloud Foundry)
  • Step-by-step
• Concourse Pipeline (Kubernetes)
  • Step-by-step
  • Concourse in K8S (Kubernetes)

Concourse Pipeline (Cloud Foundry)

Important

In this chapter, we assume that you deploy your application to Cloud Foundry PaaS.

The Spring Cloud Pipelines repository contains opinionated Concourse pipeline definitions. Those jobs form an empty pipeline and an opinionated sample pipeline one that you can use in your company.

There following projects take part in the microservice setup for this demo.

• Github Analytics: The app that has a REST endpoint and uses messaging — part of our business application.

• Github Webhook: Project that emits messages that are used by Github Analytics — part of our business application.

• Eureka: Simple Eureka Server. This is an infrastructure application.

• Github Analytics Stub Runner Boot: Stub Runner Boot server to be used for tests with Github Analytics and uses Eureka and Messaging. This is an infrastructure application.

Step-by-step

If you want only to run the demo as far as possible by using PCF Dev and Docker Compose, do the following:

1. Fork repos

2. Start Concourse and Artifactory

3. Deploy infra to Artifactory

4. Start PCF Dev (if you don’t want to use an existing one)

5. Setup the fly CLI

6. Setup your credentials.yml

7. Build the Pipeline

8. Run the github-webhook Pipeline

Fork Repositories

Four applications compose the pipeline

• Github Webhook

• Github Analytics

• Github Eureka

• Github Stub Runner Boot

You need to fork only the following repositories, because only then can you tag and push the tag to the repository:

• Github Webhook

• Github Analytics

Start Concourse and Artifactory

You can run Concourse + Artifactory locally. To do so, run the start.sh script from this repository. The following listing shows the script:

git clone https://github.com/spring-cloud/spring-cloud-pipelines
cd spring-cloud-pipelines/concourse
./setup_docker_compose.sh
./start.sh 192.168.99.100

The setup_docker_compose.sh script should be run only once, to allow generation of keys.

The 192.168.99.100 param is an example of an external URL of Concourse (equal to the Docker-Machine IP in this example).

Then Concourse runs on port 8080, and Artifactory runs on 8081.

Deploy the infra JARs to Artifactory

When Artifactory is running, run the tools/deploy-infra.sh script from this repo. The following listing shows the script:

git clone https://github.com/spring-cloud/spring-cloud-pipelines
cd spring-cloud-pipelines/
./tools/deploy-infra.sh

As a result, both eureka and stub runner repos are cloned, built, and uploaded to Artifactory.

Start PCF Dev

Tip	You can skip this step if you have CF installed and do not want to use PCF Dev. The only thing you have to do is to set up spaces.

Warning

Servers often run run out of resources at the stage step. If that happens, clear some apps from PCF Dev and continue.

You have to download and start PCF Dev, as described here.

The default credentials for PCF Dev are as follows:

username: user
password: pass
email: user
org: pcfdev-org
space: pcfdev-space
api: api.local.pcfdev.io

You can start the PCF Dev as follows:

cf dev start

You must create three separate spaces, as follows:

cf login -a https://api.local.pcfdev.io --skip-ssl-validation -u admin -p admin -o pcfdev-org

cf create-space pcfdev-test
cf set-space-role user pcfdev-org pcfdev-test SpaceDeveloper
cf create-space pcfdev-stage
cf set-space-role user pcfdev-org pcfdev-stage SpaceDeveloper
cf create-space pcfdev-prod
cf set-space-role user pcfdev-org pcfdev-prod SpaceDeveloper

You can also run the ./tools/cf-helper.sh setup-spaces script to create the spaces.

Setup the fly CLI

If you go to the Concourse website, you should see something resembling the following image:

You can click one of the icons (depending on your OS) to download fly, which is the Concourse CLI. Once you download that (and maybe, depending on your OS, add it to your PATH) you can run the following command:

fly --version

If fly is properly installed, it should print out the version.

Set up Your credentials.yml File

The repository comes with credentials-sample-cf.yml, which is set up with sample data (mostly credentials) that are applicable for PCF Dev. Copy this file to a new file called credentials.yml (the file is added to .gitignore so that you cannot push it with your passwords) and edit it as you wish. For our demo, set up the following:

• app-url: URL pointing to your forked github-webhook repository.

• github-private-key: Your private key to clone and tag GitHub repositorys.

• repo-with-binaries: The IP is set to the defaults for Docker Machine. You should update it to point to your setup.

If you do not have a Docker Machine, run th ./whats_my_ip.sh script to get an external IP that you can pass to your repo-with-binaries, instead of the default Docker Machine IP.

The following table describes the environment variables required by the scripts:

Property Name	Property Description	Default value
PAAS_TEST_API_URL	The URL to the CF Api for TEST env	api.local.pcfdev.io
PAAS_STAGE_API_URL	The URL to the CF Api for STAGE env	api.local.pcfdev.io
PAAS_PROD_API_URL	The URL to the CF Api for PROD env	api.local.pcfdev.io
PAAS_TEST_ORG	Name of the org for the test env	pcfdev-org
PAAS_TEST_SPACE_PREFIX	Prefix of the name of the CF space for the test env to which the app name will be appended	sc-pipelines-test
PAAS_STAGE_ORG	Name of the org for the stage env	pcfdev-org
PAAS_STAGE_SPACE	Name of the space for the stage env	sc-pipelines-stage
PAAS_PROD_ORG	Name of the org for the prod env	pcfdev-org
PAAS_PROD_SPACE	Name of the space for the prod env	sc-pipelines-prod
REPO_WITH_BINARIES_FOR_UPLOAD	URL to repo with the deployed jars	http://192.168.99.100:8081/artifactory/libs-release-local
M2_SETTINGS_REPO_ID	The id of server from Maven settings.xml	artifactory-local
PAAS_HOSTNAME_UUID	Additional suffix for the route. In a shared environment the default routes can be already taken
BUILD_OPTIONS	Additional options you would like to pass to the Maven / Gradle build

The right column shows the default values for PCF Dev that we set in the credentials-sample-cf.yml. PAAS_HOSTNAME_UUID and BUILD_OPTIONS have no default values.

Build the Pipeline

Log in (for example, for a Concourse instance running at 192.168.99.100 — if you do not provide any value, localhost is assumed). If you run the login script, it assumes that either fly is on your PATH or it is in the same folder as the script. The following example shows how to specify an IP address for the login script:

./login.sh 192.168.99.100

Next, run the command to create the pipeline, as follows:

./set_pipeline.sh

Then you can create a github-webhook pipeline under the docker alias, using the provided credentials.yml file. You can override these values in exactly that order (for example ./set-pipeline.sh some-project another-target some-other-credentials.yml)

Run the github-webhook Pipeline

The following images show the various steps involved in running the github-webhook pipeline:

   

Step 1: Click Login

   

Step 2: Pick main team

   

Step 3: Log in with concourse user and changeme password

   

Step 4: Your screen should look more or less like this

   

Step 5: Unpause the pipeline by clicking in the top lefr corner and then clicking the play button

   

Step 6: Click 'generate-version'

   

Step 7: Click + sign to start a new build

   

Step 8: The job is pending

   

Step 9: Job is pending in the main screen

   

Step 10: Job is running in the main screen

Concourse Pipeline (Kubernetes)

Important

In this chapter, we assume that you deploy your application to Kubernetes PaaS

The Spring Cloud Pipelines repository contains opinionated Concourse pipeline definitions. Those jobs form an empty pipeline and an opinionated sample pipeline that you can use in your company.

The following projects take part in the microservice setup for this demo:

• Github Analytics: The application that has a REST endpoint and uses messaging — part of our business application.

• Github Webhook: Project that emits messages that are used by Github Analytics — part of our business application.

• Eureka: Simple Eureka Server. This is an infrastructure application.

• Github Analytics Stub Runner Boot: Stub Runner Boot server to be used for tests with Github Analytics and uses Eureka and Messaging. This is an infrastructure application.

Step-by-step

If you want only to run the demo as far as possible by using PCF Dev and Docker Compose, do the following:

1. Fork repos

2. Start Concourse and Artifactory

3. Setup the fly CLI

4. Setup your credentials.yml

5. Setup the pipeline

6. Run the github-webhook pipeline

Fork Repositories

Four applications compose the pipeline:

• Github Webhook

• Github Analytics

• Github Eureka

• Github Stub Runner Boot

You need to fork only the following repositories, because only then can you tag and push the tag to the repository:

• Github Webhook

• Github Analytics

Concourse in K8S (Kubernetes)

The simplest way to deploy Concourse to K8S is to use Helm. Once you have Helm installed and your kubectl is pointing to the cluster, run the following command to install the Concourse cluster in your K8S cluster:

$ helm install stable/concourse --name concourse

Once the script is done, you should see the following output

1. Concourse can be accessed:

  * Within your cluster, at the following DNS name at port 8080:

    concourse-web.default.svc.cluster.local

  * From outside the cluster, run these commands in the same shell:

    export POD_NAME=$(kubectl get pods --namespace default -l "app=concourse-web" -o jsonpath="{.items[0].metadata.name}")
    echo "Visit http://127.0.0.1:8080 to use Concourse"
    kubectl port-forward --namespace default $POD_NAME 8080:8080

2. Login with the following credentials

  Username: concourse
  Password: concourse

Follow the steps and log in to Concourse under http://127.0.0.1:8080.

Deploying Artifactory to K8S

You can use Helm also to deploy Artifactory to K8S, as follows:

$ helm install --name artifactory --set artifactory.image.repository=docker.bintray.io/jfrog/artifactory-oss stable/artifactory

After you run this command, you should see the following output:

NOTES:
Congratulations. You have just deployed JFrog Artifactory Pro!

1. Get the Artifactory URL by running these commands:

   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
         You can watch the status of the service by running 'kubectl get svc -w nginx'
   export SERVICE_IP=$(kubectl get svc --namespace default nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
   echo http://$SERVICE_IP/

2. Open Artifactory in your browser
   Default credential for Artifactory:
   user: admin
   password: password

Next, you need to set up the repositories.

First, access the Artifactory URL and log in with a user name of admin and a password of password.

Figure 1. Click on Quick Setup

Then, click on Maven setup and click Create.

Figure 2. Create the Maven Repository

Setup the fly CLI

If you go to the Concourse website you should see something resembling the following:

You can click one of the icons (depending on your OS) to download fly, which is the Concourse CLI. Once you download that (and maybe added it to your PATH, depending on your OS) you can run the following command:

fly --version

If fly is properly installed, it should print out the version.

Setup your credentials.yml

We made a sample credentials file called credentials-sample-k8s.yml prepared for k8s. You can use it as a base for your credentials.yml.

To allow the Concourse worker’s spawned container to connect to the Kubernetes cluster, you must pass the CA contents and the auth token.

To get the contents of CA for GCE, run the following command:

$ kubectl get secret $(kubectl get secret | grep default-token | awk '{print $1}') -o jsonpath='{.data.ca\.crt}' | base64 --decode

To get the auth token, run the following command:

$ kubectl get secret $(kubectl get secret | grep default-token | awk '{print $1}') -o jsonpath='{.data.token}' | base64 --decode

Set that value under paas-test-client-token, paas-stage-client-token, and paas-prod-client-token

Build the pipeline

After running Concourse, you should get the following output in your terminal:

$ export POD_NAME=$(kubectl get pods --namespace default -l "app=concourse-web" -o jsonpath="{.items[0].metadata.name}")
$ echo "Visit http://127.0.0.1:8080 to use Concourse"
$ kubectl port-forward --namespace default $POD_NAME 8080:8080
Visit http://127.0.0.1:8080 to use Concourse

Log in (for example, for Concourse running at 127.0.0.1 — if you do not provide any value, localhost is assumed). If you run this script, it assumes that either fly is on your PATH or that it is in the same folder as the script:

$ fly -t k8s login -c http://localhost:8080 -u concourse -p concourse

Next, run the following command to create the pipeline:

$ ./set_pipeline.sh github-webhook k8s credentials-k8s.yml

Run the github-webhook Pipeline

The following images show the various steps involved in runnig the github-webhook pipeline:

   

Step 1: Click Login

   

Step 2: Pick main team

   

Step 3: Log in with concourse user and concourse password

   

Step 4: Your screen should look more or less like this

   

Step 5: Unpause the pipeline by clicking in the top lefr corner and then clicking the play button

   

Step 6: Click 'generate-version'

   

Step 7: Click + sign to start a new build

   

Step 8: The job is pending

   

Step 9: Job is pending in the main screen

   

Step 10: Job is running in the main screen