I want to pass in --isolation hyperv to the az acr build, but I can't find an equivalent in the docs. Is there a way to do this?
You cannot pass in the isolation parameter to az acr build.
If you create a Azure DevOps build agent, you could create your docker image using whatever parameters you want, then push it to the container registry. Make sure to select a v3 VM type if you wish to use Hyper-V isolation.
Related
We are using OpenShift. I have a confusion between buildconfig file vs jenkinsfile. Do we need both of them or one is sufficient. I have seen examples where in jenkinsfile docker build is defined using buildconfig file. In some cases buildconfig file is using jenkinsfile as the build strategy. Can some one please clarify on this
BuildConfig is the base type for all builds, there are different build strategies that can be used in a build config, by running oc explain buildconfig.spec.strategy you can see them all. If you want to do a docker build you use the dockerStrategy, if you want to build from source code using source2image you specify the sourceStrategy.
Sometimes you have more complex needs than simply running a build with an output image, let's say you want to run the build, wait for that image to be deployed to some environment and then run some automated GUI tests. In this case you need a pipeline. If you want to trigger and configure this pipeline from the OpenShift Web Console you would use the jenkinsPipelineStrategy in your BuildConfig. In the OpenShift 3.x web console such BuildConfigs are presented as Pipelines and not Builds even though they are all really BuildConfigs.
Any BuildConfig with the jenkinsPipelineStrategy will be executed by the Jenkins Build Server running inside the project. That Jenkins instance could also have other pipelines that are not mapped or visible in the OpenShift Web Console, there does not need to be a BuildConfig for every Jenkinsfile if you don't see the benefit of them appearing in the OpenShift Web Console.
The difference of running builds inside a Jenkinsfile and a BuildConfig with some non-jenkinsfile-strategy is that the build is actually executed inside the jenkins build agent rather than a normal OpenShift build pod.
At our company we utilize a combination of jenkinsFile pipelines and BuildConfigs with the sourceStrategy. Instead of running builds in our Jenkinsfile pipelines directly inside the Jenkins build agent we let the pipeline call the OpenShift API and tell it to execute the BuildConfig with sourceStrategy. So basically we still use s2i for building the images but the Jenkinsfile as our CI/CD pipeline engine. You can find some examples of this at https://github.com/openshift/jenkins-client-plugin.
I have docker image pushed to artifactory docker registry, JFrog XRay is up and running.
I understand that to use XRay, it requires some build info passed to it (like buildName, buildNumber), which artifactory docker registry doesn't contain.
According to https://www.jfrog.com/confluence/display/JFROG/Scripted+Pipeline+Syntax#ScriptedPipelineSyntax-DockerBuildswithArtifactory I must have access to docker daemon (on jenkins agent itself or some other container). As far as I know running docker requires privileged access which is unsafe as it could compromise cluster security.
Is there any way to push docker build to XRay without docker daemon?
To scan a Docker with Xray you don't have to add the build-info.
It is enough to define a Watch on the relevant Docker repository with the needed policies.
If you want to scan a Docker build as part of the build process, I suggest that you will contact JFrog Support and they will assist you with any relevant question.
Thanks,
Ofir - trying to help with Xray :-)
Currently learning about CI CD for an upcoming project. Currently our project is being hosted on bitbucket and thus can't use Travis CI. Was thinking of using Circle CI in this case. Searched through the internet for examples of how to configure circle CI to deploy to openshift. Does anyone have experience with this?
In this case you do not want to use automatic webhook based build triggering in Openshift based on accepted pull requests in GitHub, but just simply trigger a build by CircleCI via e.g. the Openshift (oc start-build <buildconfig_name> --follow) CLI tool.
I want to use Devops pipeline for building and deploying Castiron orchestrations in Castiron containers. How can i create the Castiron container through devops pipeline.
Do I need to upload the cast iron docker image into GIT repository and configure the build and deploy stage.
Yes, You need to first upload cast iron docker image.
Steps in this link might help
Generally when working with containers, you should be considering the output of any container build as an immutable artefact. And as such an additional stage in your pipeline could be to publish the container to a repository or an artefact repository.
The artefact (container) is then available in subsequent stages within your pipeline. i.e. The container can be pulled down and deployed in a Deploy Stage.
In terms of pushing your container into GIT, you can do that directory within a script or with the Bluemix DevOps Service GUI.
Documentation on how you can achieve with just Bluemix DevOps Sevice:
IBM Developerworks:
https://www.ibm.com/developerworks/library/d-bluemix-devops-pipeline-trs/index.html
I would however recommend looking into an actual artefact repository (such as Artifactory). Register a custom service using the CF (Cloud Foundry) CLI to your Bluemix account, then utilize that service when you are required to store/retrieve a container(s).
I am using Azure cli. I have created app by using azure cli command. azure site create $SITENAME --location $LOCATION --hostname $HOSTNAME -s $SUBSCRIPTIONID.
Now i want to connect it with my git account using Azure CLI.
If you use the new CLI 2.0 (https://github.com/Azure/azure-cli) you should be able to use the following command:
az appservice web source-control config-local-git -g {group} -n {webapp name}
git remote add azure https://<deploy_user_name>#MyApp.scm.azurewebsites.net/MyApp.git
If this doesn't work for your scenario, please post a feature request to our repo.
If you wish to customize continious deployment, I'm afraid there is no way to use Azure CLI in this case now.
Please use Azure web-portal to do it - details are here
You can also use Visual Studio Team Services and have the compile website, and then execute your ARM template, through release management to update environment.