Looking for a classical non-hosted CI platform that works and is not Jenkins

TL;DR - Jenkins good, Jenkinsfiles bad, need a better tool to handle builds

We have 5 apps. Each has its own code repo (Java EE), web repo (Angular) and integration test repo (Python) plus few additional repos in 2 apps (docbuilds, database migrations and such). Everything is in Linux.

We have had Jenkins since like forever - this is about 10-20+ jobs per app (Maven+freestyle), linked together via downstream job relationship, bash scripts (one per job) handle environment setup, orchestration and report generation. There is no big dependency hell, but there are some usual deps (like deploy only when all test pass, etc). There are periodical builds, SCM polling and manual starts.

Not only this does everything from initial "build code with Maven" job up to the very last "deploy to staging" job, I still have flexibility to either restart the single build or just test few odd jobs. All in all this worked just fine for years.

Now what happened is that with Jenkins 2.277 the MultipleSCMs plugin that handles our checkouts got deprecated and stopped working... I managed to fix it locally based on one unmerged PR it had (and in time this was fixed in Jenkins as well). But given that this might happen again, I've tried to migrate one app to Jenkinsfiles since this is a way Jenkins development go to. This brought in more problems than it solved. :-/

Pipeline visualization is out of the window, not even Blue Ocean helps (and this has its own issues). There are weird problems when jobs are aborted/timeouted, and the more I play with this thing, the more angry I am. :-) I've tried "one Jenkinsfile per job" and also "everything in one Jenkinsfile" (ugh), even different combinations of those two, neither seems to work in a way I'd like it to.

So I've looked at some alternatives and was surprised that almost everything I've found is either

* unmaintained (some promising tools with latest release 10 year ago)
* hosted (this is a no-go, this needs to run locally)
* rather costly (for hosted solutions that have those "Enterprise" packs you can still run on premise)
* "cloud ready" - aka only for Kubernetes etc., we are not planning to go there (yet)
* does not seem to have good support for multiple repos - aka only works as "Build your Pull Requests" - we do have PRs but our workflow is not PR based

Only tool that looks rather decent is buildbot; I've experimented a bit with it few years back and it looked promising, but the web UI in current version 3 seems like a step backwards? I know Chromium uses this but they seem to stick with their fork(?) from v2?

So is there any tool that I haven't found that is as close to good-old-classical Jenkins as possible?

P.S. Some of the issues could've been fixed if we transition to a mono-repo, but this is not possible for various reasons; and many devs do hate Git submodules so I won't be able to force anyone to deliver code like this...

https://redd.it/o8t97b
@r_devops

Deploying to different namespaces via Jenkins in k8s (and secrets mgmt)

Hi all,

Just a couple of things I wanted to run past you folks to get opinions. First on deploying to different namespaces from Jenkins

My current plan is to deploy Jenkins in k8s under a cicd namespace, and then teams a, b, and c can use that instance for their cicd. Agents will run as ephemeral pods. The question I have is around how to give Jenkins access to other namespaces. As I see it, I have two options:

1. Agents run with a service account that I give the relevant rolebindings to, to enable it to deploy/destroy in other namespaces.
2. Every namespace gets a svc account, and the token for it is saved in Jenkins as a credential (possibly under a folder to restrict usage). Then a job references that single credential which can only talk to one namespace.

However, 1 doesn't feel great because you end up with a service account that can do everything (e.g. delete everything from every namespace) and with 2, a.) it's more work and ultimately b.) you end up storing loads of credentials in Jenkins that are notoriously easy to exfiltrate and hard to manage.

What's the ideal solution here? I think I could use Vault as an external secret store, but I'm not sure what advantage that gives and I was planning to use Sealed Secrets for non-cicd secrets, so Vault would end up just being for storing service account tokens from other project which feels over the top.

P. S. If the best solution is Vault, it would be hugely appreciated if you could expand just a little on the best implementation as I haven't had much Vault xp.

Thanks

https://redd.it/o8tyn9
@r_devops

OPEN source alternative to whitesource

Is there any open source database/software which provides same information as provided by whitesource?

https://redd.it/o8vb65
@r_devops

What's a good place to learn cloud networking fundamentals?

I've started doing some self-learning on the weekends to fill in any knowledge gaps. I've heard CCNA is a great course but it seems a bit too in-depth. I'm more interested in general cloud networking concepts. Knowing what components are and how they all fit in.

Does anyone know of any good resources?

https://redd.it/o8vn6w
@r_devops

How do you handle developer tooling support in your company? Especially for build tools, CI/CD, infrastructure etc.?

As SRE team in our company, we maintain a number of internal tools and their support. We have a system to respond to the requests/questions using Slack and Opsgenie, which I explained here:

https://mtyurt.net/post/2021/mention-opsgenie-oncalls-in-slack.html

Do you have a similar problem? How do you solve it?

https://redd.it/o8ub27
@r_devops

Notes on Upgrading Sonarqube to 8.9 LTS

https://link.medium.com/CU6uKu4Lqhb

https://redd.it/o8x3ae
@r_devops

AWS Cloudwatch Monitoring & Alerts using Bash Scripts

https://themythicalengineer.com/setup-aws-cloudwatch-monitoring-and-alarms.html

https://redd.it/o8yikm
@r_devops

What should I focus on learning?

Been in industry for 1.5 years but there's still a lot of fundamental stuff I don't know. In the sea of devops tools and technologies I feel overwhelmed on what to tackle next.

At work I've done a lot of Jenkins, Python and Azure. So right now I'm trying to knuckle down on the many fundamentals. But as I said there's so much to learn (OS, networking, compute).

Do I focus on these fundamentals as general concepts or go at it from a more cloud angle?

https://redd.it/o8zedp
@r_devops

Ship It! A new podcast about DevOps, Infra, and Cloud Native things

Hey everyone! 👋

We recently launched the [Ship It!](https://changelog.com/shipit) podcast and I thought y'all might find it interesting. [Gerhard Lazu](https://gerhard.io) hosts and the description is:

>A show about getting your best ideas into the world and seeing what happens. We talk about code, ops, infrastructure, and the people that make it happen. Yes, we focus on the people. Because everything else is an implementation detail.

I'd love it if you'd be willing to give it a listen and let me know in the comments what you think! Specifically:

* Do you like the format? The music? The sound?
* What kind of topics should we cover on the show?
* Who are some must-have guests from the DevOps world?

If you're not sure which episode to listen to, you can't go wrong with either of:

1. [The foundations of Continuous Delivery with Dave Farley](https://changelog.com/shipit/5)
2. [Why Kubernetes? with Lars Wikman](https://changelog.com/shipit/7)

I'm excited to hear your thoughts!

https://redd.it/o8xmuv
@r_devops

Starting my first DevOps job soon

Hi all,

I'm in my late 20s and about to start a DevOps job soon. I have 8 months experience as a software engineer. No degree.

I want to learn a lot and make myself employable after this DevOps job contract ends. Are there any certifications that I should focus on?

​

I feel nervous but also really excited to be joining this field.

https://redd.it/o90z04
@r_devops

Is Jenkins still Recommended for ADO

For example, Im working on a process to streamline an onboarding process to Azure for out internal business units that one to use it. I want to automate applying rbac to subscription using the blueprints I have and not entirely sure of the best approach yet but would Jenkins be helpful, if not in this use case then for what? What else is used in this scenario?

https://redd.it/o935tn
@r_devops

How is Linux Academy’s Hands-On Lab System Architected?

Linux Academy / ACloudGuru has a hands-on lab system that gives you access to a self-destructing AWS account for each lab. I tried finding blog posts etc on how they might have actually implemented this, but without success.

Maybe they have some deal with AWS where they get access to a special API that can create an AWS account with an ephemeral JWT token? When the token expires, access to the account halts and a DELETE request is sent to the API so AWS can destroy all the resources and decommission the account? How is Linux Academy serving the Remote Desktop connection?

https://redd.it/o8ydhc
@r_devops

How does your team do devops

I arm wondering how you do devops at your company. Taking a look at the posts on this sub reddit, it seems that people spend most of their time with things like kubernetes, docker, CICD pipelines, infrastructure as code, configuration management, etc, and not on Javascript, node, Java, .NET, etc... The disconnect that I am seeing is that most people here believe devops is a culture thing and not specific to one team. So where does your team fit on this spectrum? Do you spend most of your time doing full stack development, then applying devops principles. Or are you part of a devops teams helping other teams better adopt devops. What are the advantages and disadvantages of being on either spectrum, from a personal growth point of view

https://redd.it/o94z1j
@r_devops

I've got a potential opportunity to start a career in devops and I'm wanting to know what sort of skills I should get/have

I just finished a 3 year Higher level apprenticeship in computer science, I have expierence in service desk, basic software development, infrastructure, SQL and most recently M365 and power platform.

I just want to know if devops is something I could really get into. It seems really interesting and something right up my street but I feel some external advice and tips could be super useful.

I'm thankful for any and all advice you guys can give me

https://redd.it/o95mtf
@r_devops

I want to migrate off of Heroku, where do I start?

Note: Not so much migrate but avoid, as this is a fresh app and I won't need to transfer data off of Heroku such as a database.

Right now I use Heroku for hosting web apps as it's easy. I'm getting ready to push a project into production soon. Comparing pricing, going with a Kubernetes setup on GKE and Cloud SQL is about 20% cheaper for my needs versus Heroku. And since I'm paying hosting fees, I like the sound of cheaper.

But I know absolutely nothing about replicating what Heroku does on GCP. I'm only a developer, I've never had to deal with a complicated setup like this. I've got my web app running in Docker just fine and with a Docker Compose, but that's about it. How do I get to merging my git branches and auto-deploying onto Kubernetes Cluster(s)?

What are some good resources to learn this stuff? For reference it's a pretty standard Rails app with Sidekiq. Uses Postgresql.

Thanks.

https://redd.it/o9b0zd
@r_devops

DevOps with AWS Live Demo in Telugu | తెలుగులో DevOps | DevOps Real Time...

In this video we are going to cover DevOps with AWS Live Demo in Telugu | తెలుగులో DevOps | DevOps Real Time Training in Telugu | DevOps Training in Telugu with Real Time Projects

In this DevOps with AWS Demo we are going to cover below points

1.DevOps introduction

2.AWS introduction

3.who can learn this course

4.Laptop configuration needed for practical's

5.Duration of the Course

6.Latest DevOps Tools Trending in Present Market in 2021

https://redd.it/o9e1rm
@r_devops

Dockerfile optimization

I have been given a task to optimize a messy Dockefile. I've dome some of it on my own. Posting it here to gather some fresh ideas.


FROM python:3.6
WORKDIR */app*
COPY *.* *.*
RUN *chmod* *+x* */app/run.sh*
ENTRYPOINT *\[*"/app/run.sh"*\]*
RUN *pip3* *install* *snakemake*
RUN *apt-get* *update* *&&* *apt-get* *install* *-y* *dirmngr* *gnupg* *apt-transport-https* *ca-certificates* *software-properties-common*
RUN *apt-key* *adv* *--keyserver* *keys.gnupg.net* *--recv-key* '0123456789ABCD'
RUN *add-apt-repository* 'deb https://cloud.r-project.org/bin/linux/debian buster-cran35/' *&&* *apt-get* *update*
RUN *apt-get* *install* *-y* *r-base*
RUN *apt-get* *update* *&&* *apt-get* *-y* *upgrade* *&&* *apt-get* *install* *-y* *--allow-unauthenticated* *gcc* *zlib1g* *zlib1g-dev* *libbz2-dev* *liblzma-dev* *build-essential* *unzip* *default-jre* *default-jdk* *make* *tabix* *libcurl4-gnutls-dev*
RUN *pip3* *install* *cython*
RUN *pip3* *install* *numpy==1.18.\** *pyvcf==0.6.8* *pysam==0.15.\** *pandas* *boto3*
RUN *pip* *install* *awscli*
ARG AWS\_ACCESS\_KEY\_ID
ARG AWS\_SECRET\_ACCESS\_KEY
ENV AWS\_ACCESS\_KEY\_ID=$AWS\_ACCESS\_KEY\_ID
ENV AWS\_SECRET\_ACCESS\_KEY=$AWS\_SECRET\_ACCESS\_KEY
RUN *mkdir* *tempo* *&&* *cd* *tempo* *&&* *aws* *s3* *cp* *s3://some-bucket/some-dir/plink\_linux\_x86\_64\_20201019.zip* *./* *&&* *unzip* *plink\_linux\_x86\_64\_20201019.zip* *&&* *mv* *plink* */bin/*
RUN *git* *clone* *git://github.com/SelfHacked/htslib.git* *&&* *git* *clone* *git://github.com/SelfHacked/bcftools.git* *&&* *cd* *bcftools* *&&* *make* *&&* *cd* *..* *&&* *mv* *bcftools/\** */bin/*
RUN *apt-get* *install* *tabix*
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/snpEff\_latest\_core.zip* *./*
RUN *unzip* *snpEff\_latest\_core.zip* *&&* *mv* *snpEff* */app/*
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/conform-gt.24May16.cee.jar* *./* *&&* *mv* *conform-gt.24May16.cee.jar* */app/*
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/beagle.18May20.d20.jar* *./* *&&* *mv* *beagle.18May20.d20.jar* */app/*
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/picard.jar* *./* *&&* *mv* *picard.jar* */app/*
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/bedops\_linux\_x86\_64-v2.4.39.tar.bz2* *./* *&&* *tar* *jxvf* *bedops\_linux\_x86\_64-v2.4.39.tar.bz2* *&&* *cp* *-r* *bin/\** */usr/local/bin*
RUN *git* *clone* *-b* *1.2.1* *https://github.com/Illumina/GTCtoVCF.git*
RUN *Rscript* *-e* 'install.packages("https://cran.r-project.org/src/contrib/BiocManager\_1.30.10.tar.gz", repos=NULL, type="source")'
RUN *Rscript* *-e* 'BiocManager::install("rtracklayer")'
RUN *Rscript* *-e* 'BiocManager::install("GenomicRanges")'
RUN *aws* *s3* *cp* *s3://some-bucket/some-dir/master.zip* *./* *&&* *unzip* *master.zip* *&&* *Rscript* *-e* "install.packages('GenomeBuildPredictor-master/',repos=NULL,type='source')"
RUN *apt-get* *update* *&&* *apt-get* *install* *-y* *wait-for-it* *vim* *man* *awscli* *jq*
COPY *scripts/wkhtmltopdf.sh* *scripts/*
RUN *scripts/wkhtmltopdf.sh*
COPY *requirements.frozen.txt* */opt/requirements.txt*
RUN *cd* */opt* *&&* *pip* *install* *--upgrade* *pip* *&&* *pip* *install* *-r* *requirements.txt*





Please provide me some of your thoughts.

https://redd.it/o9eq5e
@r_devops

Devs to DevOPs Ratio

Hi DevOps folk...

Probably a hard question to answer, and its likely "it depends"... but... do any of you know the magic ratio of Devs a single DevOps engineer can support? Is it 10:1 ? More? Less?

Im trying to determine the site my DevOps team needs to be as i scale out my development team with external developers. I want to keep DevOps in-house, whilst i outsource my software development.

I heard anecdotes that 10:1 is a safe average ratio, but keen to hear what others see.

Im aware that if you have invested in an automated CI/CD you can probably do more with less, but lets see. I use Azure DevOps, and have an OK-ish CI automation engine, and we have GitHub actions that acts as a CD, calling terraform scripts to deploy on Azure.

Thanks in advance.

​

Neil

https://redd.it/o9ehbk
@r_devops

DevOps/SRE Reading Material

Hi guys, Just wondering if anyone had hany meterial beyond The DevOps Handbook, The Pheonix project and Site Reliability Engineering. I am looking for something that will really advance my system design/system architecture knowledge.

Feel free to also share any book that you found of interest.

https://redd.it/o9gcxl
@r_devops

Tech newsletters.

Hey community! ✌

I was wondering what are your go-to sources for industry news? Any newsletter you are subscribed to?

I'm particularly interested in AI / ML / AIOps , Cloud , Open Source, IT Culture, DevOps tools, IoT Security.

Thank you. 🙏

https://redd.it/o9i8g6
@r_devops

Transform legacy apps to Microservices using the DevOps approach

Read this blog post to know how DevOps can help you to transform your old apps into microservices.

https://redd.it/o9k3fq
@r_devops