RedHatTraining/rht-labs-docs.git

Rob Harris

2018-04-23 01c4da7a2011689d41eaaf26fabd62b6fb5fc3d3

commit \| author \| age
5d0992	1	# The Manual Menace
7c832b	2	> In this lab learners will use Ansible to drive automated provisioning of Projects in Openshift, Git, Jenkins and Nexus.
c951f7	3
7c832b	4	![automation-xkcd](https://imgs.xkcd.com/comics/automation.png)
D	5
	6	## Exercise Intro
	7	In this exercise we will use automation tooling to create Project namespaces for our `CI/CD` tooling along with the `dev` and `test` namespaces for our deployments to live. We do this to manually using the OpenShift CLI; but as we go from cluster to cluster or project to project Dev and Ops teams often find themselves having to redo these tasks again and again. Configuring our cluster using code; we can easily store this in Git and repeat the process again and again. By minimising the time taken to do these repetitive tasks we can accelerate our ability to deliver value to our customers; working on the hard problems they face.
	8
	9	This exercise uses Ansible to drive the creation of the cluster content. In particular; we'll use a play book called the `OpenShift Applier`. Once the project namespace have been created; we will add some tools to support CI/CD such as Jenkins, Git and Nexus. These tools will be needed by later lessons to automate the build and deploy of our apps. Again; we will use OpenShift Templates and drive their creation in the cluster using Ansible. To prove things are working, finally we'll delete all our content and re-apply the inventory to re-create our clusters content.
5d0992	10
D	11	_____
c951f7	12
D	13	## Learning Outcomes
	14	As a learner you will be able to
5d0992	15
D	16	1. Run the OpenShift Applier to automate creating cluster content
	17	1. Create and admin project namespaces in OpenShift
	18	1. Deploy commonly used applications to support the development process
c951f7	19
D	20	## Tools and Frameworks
	21
5d0992	22	* [GitLab](https://about.gitlab.com/) - Community driven Git server now with integrated DevOps Toolchain.
D	23	* [Nexus](https://www.sonatype.com/nexus-repository-sonatype) - Repository manager for storing lots of application types. Can also host `npm` and `Docker` registries.
	24	* [Jenkins](https://jenkins.io/) - OpenSource Build automation server. Highly customisable with plugins.
	25	* [Ansible](https://www.ansible.com/) - IT Automation tool used to provision and manage state of cloud and physical infrastructure.
dba30b	26	* [OpenShift Applier](https://github.com/redhat-cop/openshift-applier) - used to apply OpenShift objects to an OpenShift Cluster.
A	27
	28
c951f7	29
5d0992	30	## Big Picture
D	31	This exercise begins with an empty Cluster
	32	> TODO - add big picture here...
	33
	34	_____
c951f7	35
D	36	## 10,000 Ft View
5d0992	37	> This lab is aimed at the creation of the tooling that will be used to support the rest of the Exercises. The highlevel goal is to create a collection of project namespaces and populate them with Git, Jenkins & Nexus.
D	38
	39	If you're feeling confident and don't want to follow the step-by-step guide these highlevel instructions should provide a challenge for you:
	40
3b1c96	41	2. Clone the repo `https://github.com/rht-labs/enablement-ci-cd` which contains the scaffold of the project.
3558ae	42
5d0992	43	2. Create `<your-name>-ci-cd`, `<your-name>-dev` and `<your-name>-test` project namespaces using the inventory and run them with the OpenShift Applier to populate the cluster
3558ae	44
D	45	2. Use the templates provided to create build and deployment configs in `<your-name>-ci-cd` for. Templates are on a branch called `exercise1/git-nexus` && `exercise1/jenkins`:
5d0992	46	* Nexus
D	47	* GitLab
3558ae	48	* Jenkins (using an s2i to pre-configure jenkins)
D	49
5d0992	50	2. Commit your `enablement-ci-cd` repository to the GitLab Instance you've created
3558ae	51
D	52	2. Burn it all down and re-apply your inventory proving config-as-code works.
c951f7	53
D	54	## Step by Step Instructions
bc2e43	55	> This is a structured guide with references to exact filenames and explanations.
c951f7	56
bc2e43	57	### Part 1 - Create OpenShift Projects
de8ebb	58	> _Using the OpenShift Applier, we will add new project namespaces to the cluster which will be used throughout the exercise._
D	59
e7c877	60	3. Clone the scaffold project to your local machine and pull all remote branches for use in later labs. Open the repo in your favourite editor.
bc2e43	61	```bash
e7c877	62	$ git clone https://github.com/rht-labs/enablement-ci-cd && cd enablement-ci-cd
RH	63	```
	64	Followed by;
	65	```
	66	$ for branch in `git branch -a \| grep remotes \| grep -v HEAD \| grep -v master`; do
	67	git branch --track ${branch#remotes/origin/} $branch
	68	done
c951f7	69	```
D	70
bc2e43	71	3. The project is laid out as follows
D	72	```
	73	.
	74	├── README.md
62db52	75	├── apply.yml
bc2e43	76	├── docker
62db52	77	│ └── jenkins-slave-npm
bc2e43	78	├── inventory
62db52	79	│ ├── host_vars
D	80	│ │ ├── ci-cd-tooling.yml
	81	│ │ └── projects-and-policies.yml
	82	│ └── hosts
bc2e43	83	├── jenkins-s2i
D	84	├── params
62db52	85	│ └── project-requests-ci-cd
bc2e43	86	├── requirements.yml
D	87	└── templates
62db52	88	└── project-requests.yml
bc2e43	89	```
D	90	* `docker` folder contains our jenkins-slave images that will be used by the builds.
	91	* `jenkins-s2i` contains the configuration and plugins we want to bring jenkins to life with
	92	* `params` houses the variables we will load the templates with
	93	* `templates` is a collection of OpenShift templates
62db52	94	* `inventory/host_vars/*.yml` is the collection of objects we want to insert into the cluster.
bc2e43	95	* `requirements.yml` is a manifest which contains the ansible modules needed to run the playbook
62db52	96	* `apply.yml` is a playbook that sets up some variables and runs the OpenShift Applier role.
bc2e43	97
62db52	98	3. Open the `apply.yml` file in the root of the project. Update the namespace variables by replacing the `<YOUR_NAME>` with your name or initials. For example; my name is Dónal so I've created:
D	99	```yaml
	100	vars:
	101	ci_cd_namespace: donal-ci-cd
	102	dev_namespace: donal-dev
	103	test_namespace: donal-test
	104	```
	105
	106	3. Open the `inventory/host_vars/projects-and-policies.yml` file; you should see some variables setup already to create the `<YOUR_NAME>-ci-cd` namespace. This object is passed to the OpenShift Applier to call the `templates/project-requests.yml` template with the `params/project-requests-ci-cd` parameters. We will add some additional content here but first let's explore the parameters and the template
	107
	108	3. Open the `params/project-requests-ci-cd` and replace the `<YOUR_NAME>` with your name to create the correstponding projects in the cluster.
ff1bd7	109	![new-item](../images/exercise1/ci-cd-project-namespace.png)
bc2e43	110
62db52	111	3. Let's add two more param files to pass to our template to be able to create a `dev` and `test` project.
D	112	* Create another two params files `params/project-requests-dev` & `params/project-requests-test`.
	113	* Add to `params/project-requests-dev` the following; substituting `<YOUR_NAME>` accordingly
	114	```
	115	NAMESPACE=<YOUR_NAME>-dev
	116	NAMESPACE_DISPLAY_NAME=<YOUR-NAME> Dev
	117	```
	118	* Add to `params/project-requests-test` the following; substituting `<YOUR_NAME>` accordingly
	119	```
	120	NAMESPACE=<YOUR_NAME>-test
	121	NAMESPACE_DISPLAY_NAME=<YOUR-NAME> Test
	122	```
bc2e43	123
62db52	124	3. In the `inventory/host_vars/projects-and-policies.yml` file; add the new objects for the projects you want to create (dev & test) by adding another object to the content array for each. You can copy and paste them from the `ci-cd` example and update them accordingly. If you do this; remember to change the params file! e.g.
bc2e43	125	```yaml
62db52	126	- name: "{{ dev_namespace }}"
D	127	template: "{{ playbook_dir }}/templates/project-requests.yml"
ff1bd7	128	template_action: create
62db52	129	params: "{{ playbook_dir }}/params/project-requests-dev"
ff1bd7	130	tags:
D	131	- projects
62db52	132	- name: "{{ test_namespace }}"
D	133	template: "{{ playbook_dir }}/templates/project-requests.yml"
ff1bd7	134	template_action: create
62db52	135	params: "{{ playbook_dir }}/params/project-requests-test"
ff1bd7	136	tags:
D	137	- projects
bc2e43	138	```
ff1bd7	139	![project-request-yaml](../images/exercise1/project-request-yml.png)
bc2e43	140
D	141	3. With the configuration in place; install the OpenShift Applier dependency
	142	```bash
	143	$ ansible-galaxy install -r requirements.yml --roles-path=roles
	144	```
	145
f79b6f	146	3. Apply the inventory by logging into OpenShift and running the following:
bc2e43	147	```bash
D	148	$ oc login -p <password> -u <user> <cluster_url>
62db52	149	$ ansible-playbook apply.yml -i inventory/ -e target=bootstrap
D	150	```
	151	where the `-e target=bootstrap` is passing an additional variable specifying that we run the `bootstrap` inventory
bc2e43	152
f79b6f	153	3. Once successful you should see an output similar to this: ![playbook-success](../images/exercise1/play-book-success.png)
bc2e43	154
D	155	### Part 2 - Nexus and GitLab
3f16e0	156	> _Now that we have our Projects setup; we can start to populate them with Apps to be used in our dev lifecycle_
bc2e43	157
b43054	158	#### Part 2a - Nexus
3558ae	159	4. In the `enablement-ci-cd` repo, checkout the templates for Nexus by running
3f16e0	160	```bash
3558ae	161	$ git checkout exercise1/git-nexus templates/nexus.yml
D	162	```
f79b6f	163	The template contains all the things needed to setup a persistent nexus server, exposing a service and route while also creating the persistent volume needed. Have a read through the template; at the bottom you'll see a collection of parameters we will pass to the template.
3558ae	164
D	165	4. Add some parameters for running the template by creating a new file in the `params` directory.
	166	```bash
	167	$ touch params/nexus
3f16e0	168	```
D	169
3558ae	170	4. The essential params to inclue in this file are: `params` directory.
D	171	```bash
	172	VOLUME_CAPACITY=5Gi
	173	MEMORY_LIMIT=2Gi
	174	```
	175
62db52	176	4. Create a new object in the inventory variables `inventory/host_vars/ci-cd-tooling.yml` called `ci-cd-deployments` and populate it's `content` is as follows
D	177
3558ae	178	```yaml
62db52	179	---
D	180	ansible_connection: local
	181	openshift_cluster_content:
	182	- object: ci-cd-tooling
	183	content:
ff1bd7	184	- name: "nexus"
62db52	185	namespace: "{{ ci_cd_namespace }}"
D	186	template: "{{ playbook_dir }}/templates/nexus.yml"
	187	params: "{{ playbook_dir }}/params/nexus"
ff1bd7	188	tags:
D	189	- nexus
3558ae	190	```
ff1bd7	191	![ci-cd-deployments-yml](../images/exercise1/ci-cd-deployments-yml.png)
3558ae	192
06fc7b	193	4. Run the OpenShift applier, specifying the tag `nexus` to speed up it's execution (`-e target=tools` is to run the other inventory).
3558ae	194	```bash
06fc7b	195	$ ansible-playbook apply.yml -e target=tools \
3558ae	196	-i inventory/ \
ff1bd7	197	-e "filter_tags=nexus"
3558ae	198	```
D	199
b47510	200	4. Once successful; login to the cluster through the browser (using cluster URL) and navigate to the `<YOUR_NAME>-ci-cd`. You should see Nexus up and running. You can login with default credentials (admin / admin123) ![nexus-up-and-running](../images/exercise1/nexus-up-and-running.png)
3558ae	201
b43054	202	#### Part 2b - GitLab
D	203	<p class="tip">
	204	NOTE - This section may already have been completed for you, please check with your tutor. If this is the case, skip to section 6 to add your code to GitLab.
	205	</p>
	206
f79b6f	207	4. Now let's do the same thing for GitLab to get it up and running. Checkout the template and params provided by running
3558ae	208	```bash
aa106a	209	$ git checkout exercise1/git-nexus templates/gitlab.yml params/gitlab
3558ae	210	```
D	211	Explore the template; it contains the PVC, buildConfig and services. The DeploymentConfig is made up of these apps
	212	- Redis (3.2.3)
	213	- PostgreSQL (9.4)
	214	- GitLab CE (v10.2.3)
	215
b47510	216	4. Open the `params/gitlab` file and complete the following params
RH	217	<p class="tip">
	218	Note - The values here for the LDAP and BIND credentials will be provided by your tutor.
	219	</p>
3558ae	220	```
D	221	LDAP_BIND_DN=uid=<BIND_USER>,ou=People,dc=<YOUR_DOMAIN>,dc=com
	222	LDAP_USER_FILTER=(memberof=CN=YourGroup,OU=Users,DC=<YOUR_DOMAIN>,DC=com)
	223	LDAP_PASSWORD=<BIND_USER_PASSWORD>
	224	LDAP_HOST=<LDAP_HOST>
	225	LDAP_BASE=ou=People,dc=<YOUR_DOMAIN>,dc=com
	226	LDAP_LABEL="<LDAP_DESCRIPTION>"
	227	GITLAB_ROOT_PASSWORD=<GITLAB_ROOT_USER_PASSWORD>
	228	GITLAB_DATA_VOL_SIZE=2Gi
	229	POSTGRESQL_VOL_SIZE=1Gi
	230	APPLICATION_HOSTNAME=<GITLAB_URL>
c41b51	231	NAMESPACE=<YOUR_NAME>-ci-cd
3558ae	232	```
D	233	where the following need to be replaced by actual values:
	234	* `<BIND_USER>` is the user used to query the LDAP
	235	* `<BIND_USER_PASSWORD>` is the password used when querying the LDAP
	236	* `<YOUR_DOMAIN>` is the domain the LDAP is hosted on
	237	* `<LDAP_HOST>` is fqdn of the LDAP server
	238	* `<LDAP_DESCRIPTION>` is the description to be used on the sign-in header for GitLab eg "Name LDAP Login"
	239	* `<GITLAB_ROOT_USER_PASSWORD>` is the root user for GOD access on the GitLab instance eg password123
	240	* `<GITLAB_URL>` is the endpoint for gitlab. It will take the form `gitlab-<YOUR_NAME>-ci-cd.apps.<ENV_ID>.<YOUR_DOMAIN>.com`
	241
62db52	242	4. Create another object in the inventory `inventory/host_vars/ci-cd-tooling.yml` file to run the build & deploy of this template. Add the following and update the `namespace:` accordingly
3558ae	243	```yaml
ff1bd7	244	- name: "gitlab"
62db52	245	namespace: "{{ ci_cd_namespace }}"
D	246	template: "{{ playbook_dir }}/templates/gitlab.yml"
	247	params: "{{ playbook_dir }}/params/gitlab"
ff1bd7	248	tags:
D	249	- gitlab
3558ae	250	```
D	251
	252	4. Run the OpenShift applier, specifying the tag `gitlab` to speed up it's execution.
	253	```bash
06fc7b	254	$ ansible-playbook apply.yml -e target=tools \
3558ae	255	-i inventory/ \
ff1bd7	256	-e "filter_tags=gitlab"
3558ae	257	```
D	258
ff1bd7	259	4. Once successful; login to the cluster and navigate to the `<YOUR_NAME>-ci-cd`. You should see GitLab up and running. ![gitlab-up-and-running](../images/exercise1/gitlab-up-and-running.png)
c41b51	260
aa106a	261	4. Navigate to gitlab. You can login using your cluster credentials using the LDAP tab displaying your `<LDAP_DESCRIPTION>` from previous steps
ff1bd7	262	![gitlab-ui](../images/exercise1/gitlab-ui.png)
c41b51	263
de8ebb	264	4. Once logged in create a new project called `enablement-ci-cd` and mark it as internal. Once created; copy out the `git remote add origin ...` instructions for use on the next step.
ff1bd7	265	![gitlab-new-project](../images/exercise1/gitlab-new-project.png)
D	266	<p class="tip">
de8ebb	267	Note - we would not normally make the project under your name but create an group and add the project there on residency but for simplicity of the exercise we'll do that here
ff1bd7	268	</p>
D	269
	270	4. Commit your local project to this new origin by first removing the existing origin (github) where the the project was cloned from. Remember to substitute `<YOUR_NEW_GIT_PROJECT>` accordingly
	271	```bash
06e3b4	272	$ git remote set-url origin <YOUR_NEW_GIT_PROJECT>
ff1bd7	273	$ git add .
D	274	$ git commit -m "Adding git and nexus config"
	275	$ git push -u origin --all
	276	```
06e3b4	277	Note - When making changes to enablement-ci-cd you should frequently commit the changes to git.
bc2e43	278
D	279	### Part 3 - Jenkins & s2i
de8ebb	280	> _Create a build and deployment config for Jenkins. Add new configuration and plugins to the OCP Stock Jenkins using s2i_
bc2e43	281
ff1bd7	282	5. Add the Jenkins Build & Deployment configs to the `enablement-ci-cd` repo by merging the contents `exercise1/jenkins` in
D	283	```bash
	284	$ git checkout exercise1/jenkins templates/jenkins.yml
	285	```
	286	The Jenkins template is essentially the standard persistent jenkins one with OpenShift.
	287
	288	5. As before; create a new set of params by creating a `params/jenkins` file and adding some overrides to the template and updating the `NAMESPACE` value.
	289	```bash
	290	MEMORY_LIMIT=8Gi
f54f70	291	VOLUME_CAPACITY=10Gi
ff1bd7	292	JVM_ARCH=x86_64
D	293	NAMESPACE=<YOUR_NAME>-ci-cd
	294	JENKINS_OPTS=--sessionTimeout=720
	295	```
62db52	296
D	297	5. Add a `jenkins` variable to the ansible inventory underneath the git (if you have it) and nexus ones.
ff1bd7	298	```yaml
D	299	- name: "jenkins"
62db52	300	namespace: "{{ ci_cd_namespace }}"
D	301	template: "{{ playbook_dir }}/templates/jenkins.yml"
	302	params: "{{ playbook_dir }}/params/jenkins"
ff1bd7	303	tags:
D	304	- jenkins
	305	```
f79b6f	306	This configuration, if applied now, will create the deployment configuration needed for Jenkins but the `${NAMESPACE}:${JENKINS_IMAGE_STREAM_TAG}` in the template won't exist yet.
ff1bd7	307
D	308	5. To create this image we will take the supported OpenShift Jenkins Image and bake into it some extra configuration using an [s2i](https://github.com/openshift/source-to-image) builder image. More information on Jenkins s2i is found on the [openshift/jenkins](https://github.com/openshift/jenkins#installing-using-s2i-build) github page. To create an s2i configuration for jenkins, check out the pre-canned configuration source in the `enablement-ci-cd` repo
	309	```bash
	310	$ git checkout exercise1/jenkins-s2i jenkins-s2i
	311	```
	312	The structure of the jenkins s2i config is
	313	```
	314	jenkins-s2i
	315	├── README.md
	316	├── configuration
	317	│ ├── build-failure-analyzer.xml
	318	│ ├── init.groovy
	319	│ ├── jenkins.plugins.slack.SlackNotifier.xml
	320	│ └── jobs
	321	│ └── seed-multibranch-job
	322	│ └── config.xml
	323	└── plugins.txt
	324	```
	325	* `plugins.txt` is a list of `pluginId:version` for Jenkins to pre-install when starting
	326	* `./configuration` contains content that is placed in `${JENKINS_HOME}`. A `config.xml` could be placed in here to control the bulk of Jenkins configuration.
	327	* `./configuration/jobs/*` contains job names and xml config that jenkins loads when starting. The seed job in there we will return to in later lessons.
de8ebb	328	* `build-failure-analyzer.xml` is config for the plugin to read the logs and look for key items based on a Regex. More on this in later lessons.
ff1bd7	329	* `init.groovy` contains a collection of settings jenkins configures itself with when launching
D	330
	331	5. Let's add a plugin for Jenkins to be started with, [green-balls](https://plugins.jenkins.io/greenballs). This simply changes the default `SUCCESS` status of Jenkins from Blue to Green. Append the `plugins.txt` file with
	332	```txt
	333	greenballs:1.15
	334	```
	335	![green-balls.png](../images/exercise1/green-balls.png)
	336	Why does Jenkins have Blue Balls? More can be found [on reddit](https://www.reddit.com/r/programming/comments/4lu6q8/why_does_jenkins_have_blue_balls/) or the [jenkins blog](https://jenkins.io/blog/2012/03/13/why-does-jenkins-have-blue-balls/)
	337
06e3b4	338	5. Before building and deploying the Jenkins s2i; add git credentials to it. These will be used by Jenkins to access the Git Repositories where our apps will be stored. We want Jenkins to be able to push tags to it so write access is required. There are a few ways we can do this; either adding them to the `template/jenkins.yml` as environment Variables and then including them in the `params/jenkins` file. We could also create a token in GitLab and use it as the source secret in the jenkins template.
RH	339	But for simplicity just replace the `<USERNAME>` && `<PASSWORD>` in the `jenkins-s2i/configuration/init.groovy` with your ldap credentials as seen below. This init file gets run when Jenkins launches and will setup the credentials for use in our Jobs in the next exercises
ff1bd7	340	<p class="tip">
de8ebb	341	Note in a residency we would not use your GitCredentials for pushing and pulling from Git, A service user would be created for this.
ff1bd7	342	</p>
D	343	```groovy
	344	gitUsername = System.getenv("GIT_USERNAME") ?: "<USERNAME>"
	345	gitPassword = System.getenv("GIT_PASSWORD") ?: "<PASSWORD>"
	346	```
	347
de8ebb	348	5. Open the `params/jenkins-s2i` file and add the following content; replacing variables as appropriate.
ff1bd7	349	```
D	350	SOURCE_REPOSITORY_URL=<YOUR_ENABLEMENT_REPO>
	351	NAME=jenkins
	352	SOURCE_REPOSITORY_CONTEXT_DIR=jenkins-s2i
	353	IMAGE_STREAM_NAMESPACE=<YOUR_NAME>-ci-cd
06e3b4	354	SOURCE_REPOSITORY_USERNAME=<BASE64_YOUR_LDAP_USERNAME>
RH	355	SOURCE_REPOSITORY_PASSWORD=<BASE64_YOUR_LDAP_PASSWORD>
ff1bd7	356	```
D	357	where
de8ebb	358	* `<YOUR_ENABLEMENT_REPO>` is the full path clone path of the repo where this project is stored (including the https && .git)
D	359	* `<YOUR_NAME>` is the prefix for your `-ci-cd` project.
	360	* Explore some of the other parameters in `templates/jenkins-s2i.yml`
06e3b4	361	* `<BASE64_YOUR_LDAP_USERNAME>` is the base64encoded username builder pod will use to login and clone the repo with
RH	362	* `<BASE64_YOUR_LDAP_PASSWORD>` is the base64encoded password the builder pod will use to authenticate and clone the repo using
f79b6f	363	You can use `echo -n '<YOUR_LDAP_PASSWORD>' \| openssl base64` to encode your username and password accordingly. For example 'password' base64 encoded will look like `cGFzc3dvcmQ=`.
de8ebb	364	<p class="tip">
D	365	Note in a residency we would not use your GitCredentials for pushing and pulling from Git, A service user would be created for this.
	366	</p>
ff1bd7	367
62db52	368	5. Create a new object `ci-cd-builds` in the ansible `inventory/host_vars/ci-cd-tooling.yml` to drive the s2i build configuration.
ff1bd7	369	```yaml
D	370	- object: ci-cd-builds
	371	content:
	372	- name: "jenkins-s2i"
62db52	373	namespace: "{{ ci_cd_namespace }}"
D	374	template: "{{ playbook_dir }}/templates/jenkins-s2i.yml"
	375	params: "{{ playbook_dir }}/params/jenkins-s2i"
ff1bd7	376	tags:
D	377	- jenkins
	378	```
	379
	380	5. Commit your code to your GitLab instance
	381	```bash
de8ebb	382	$ git add .
ff1bd7	383	$ git commit -m "Adding Jenkins and Jenkins s2i"
D	384	$ git push
	385	```
	386
	387	5. When your code is commited; run the OpenShift Applier to add the config to the cluster
	388	```bash
06fc7b	389	$ ansible-playbook apply.yml -e target=tools \
ff1bd7	390	-i inventory/ \
D	391	-e "filter_tags=jenkins"
	392	```
	393
de8ebb	394	5. This will trigger a build of the s2i and when it's complete it will add an imagestream of `<YOUR_NAME>-ci-cd/jenkins:latest` to the project. The Deployment config should kick in and deploy the image once it arrives. You can follow the build of the s2i by going to the OpenShift console's project
D	395	![jenkins-s2i-log](../images/exercise1/jenkins-s2i-log.png)
bc2e43	396
de8ebb	397	5. When the Jenkins deployment has completed; login (using your openshift credentials) and accept the role permissions. You should now see a fairly empty Jenkins with just the seed job
3558ae	398
de8ebb	399	### Part 4 - Jenkins Hello World
D	400	> _To test things are working end-to-end; create a hello world job that doesn't do much but proves we can pull code from git and that our balls are green._
	401
	402	6. Log in to Jenkins and hit `New Item` ![new-item](../images/exercise1/new-item.png).
	403
e90e9c	404	6. Create a freestyle job called `hello-world` ![jenkins-new-hello-world](../images/exercise1/jenkins-new-hello-world.png).
de8ebb	405
f79b6f	406	6. On the Source Code Management tab; add your `enablement-ci-cd` git repo and hit the dropdown to add your credentials we baked into the s2i on previous steps ![jenkins-scm-git](../images/exercise1/jenkins-scm-git.png)
de8ebb	407
D	408	6. On the build tab add an Execute Shell step and fill it with `echo "Hello World"` ![jenkins-hello-world](../images/exercise1/jenkins-hello-world.png).
	409
	410	6. Run the build and we should see if pass succesfully and with Green Balls! ![jenkins-green-balls](../images/exercise1/jenkins-green-balls.png)
	411
	412	### Part 5 - Live, Die, Repeat
7c832b	413	> _In this section you will proove the infra as code is working by deleting your Cluster Content and recreating it all_
de8ebb	414
D	415	7. Commit your code to the new repo in GitLab
7c832b	416	```bash
D	417	$ git add .
	418	$ git commit -m "ADD - all ci/cd contents"
	419	$ git push
	420	```
de8ebb	421
D	422	7. Burn your OCP content to the ground
7c832b	423	```bash
D	424	$ oc delete project <YOUR_NAME>-ci-cd
	425	$ oc delete project <YOUR_NAME>-dev
	426	$ oc delete project <YOUR_NAME>-test
	427	```
de8ebb	428
7c832b	429	7. Re-apply the inventory to re-create it all!
D	430	```bash
	431	$ oc login -p <password> -u <user> <cluster_url>
	432	$ ansible-playbook apply.yml -i inventory/ -e target=bootstrap
	433	$ ansible-playbook apply.yml -i inventory/ -e target=tools
	434	```
c951f7	435
5d0992	436	_____
D	437
c951f7	438	## Extension Tasks
de8ebb	439	> _Ideas for go-getters. Advanced topic for doers to get on with if they finish early. These will usually not have a solution and are provided for additional scope._
c951f7	440
3558ae	441	- Add more secure access for Nexus (ie not admin / admin123) using the automation to drive secret creation
ff1bd7	442	- Add a SonarQube persistent deployment to the `ci-cd-deployments` section.
D	443	- Add `jenkins.plugins.slack.SlackNotifier.xml` to `jenkins-s2i/configuration` to include URL of Slack for team build notifications and rebuild Jenkins S2I
c951f7	444
5d0992	445	_____
D	446
c951f7	447	## Additional Reading
7c832b	448	> List of links or other reading that might be of use / reference for the exercise
01c4da	449
RH	450	## Slide links
	451
	452	- [Intro](https://docs.google.com/presentation/d/1LsfAkH8GfIhulEoy_yd-usWBfDHnZEyQdNvYeTmAg4A/)
	453	- [Wrap-up](https://docs.google.com/presentation/d/1cfyJ6SHddZNbM61oz67r870rLYVKY335zGclXN2uLMY/)
	454	- [All Material](https://drive.google.com/drive/folders/13Bt4BXf9P2OB8VI4YQNcNONF1786dqOx)