feat: Use GitHub user env variable instead of a hardcoded value.

dksifoua · Jul 9, 2024 · 0f38ea9 · 0f38ea9
1 parent 8bf2fd0
commit 0f38ea9
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -1,3 +1,17 @@
 # AWS Jenkins Deployment
 
 `$ terraform login`
+
+TODOs
+- [] Divide JCasC file into multiple files
+- [] Use Variables instead of hardcoded values
+- [] Deactivate daily scanning of GitHub organization
+- [] Jenkins System Message
+- [] Setup Jenkins URL (jenkins.dksifoua.io)
+- [] Enable https access to jenkins url and redirect http to https
+- [] Jenkins Agent
+- [] Jenkins Controller EFS Volume
+- [] Setup AWS Backup for EFS
+- [] Move Jenkins to Private Subnet
+- [] Allows Jenkins Internet Access
+- [] Setup Jenkins Monitoring
diff --git a/Taskfile.yaml b/Taskfile.yaml
@@ -30,6 +30,8 @@ tasks:
         --build-arg JENKINS_ADMIN_NAME="$JENKINS_ADMIN_NAME" \
         --build-arg JENKINS_ADMIN_DESC="$JENKINS_ADMIN_DESC" \
         --build-arg JENKINS_ADMIN_PASS="$JENKINS_ADMIN_PASS" \
+        --build-arg JENKINS_ADMIN_EMAIL="$JENKINS_ADMIN_EMAIL" \
+        --build-arg GITHUB_USER="$GITHUB_USER" \
         --build-arg GITHUB_ACCESS_TOKEN="$GITHUB_ACCESS_TOKEN" \
         --builder {{.BUILDER}} \
         --file {{.DOCKER_FILE}} \

diff --git a/modules/jenkins/docker/Dockerfile b/modules/jenkins/docker/Dockerfile
@@ -12,13 +12,15 @@ ARG JENKINS_ADMIN_NAME
 ARG JENKINS_ADMIN_DESC
 ARG JENKINS_ADMIN_PASS
 ARG JENKINS_ADMIN_EMAIL
+ARG GITHUB_USER
 ARG GITHUB_ACCESS_TOKEN
 
 ENV JENKINS_ADMIN_USER $JENKINS_ADMIN_USER
 ENV JENKINS_ADMIN_NAME $JENKINS_ADMIN_NAME
 ENV JENKINS_ADMIN_DESC $JENKINS_ADMIN_DESC
 ENV JENKINS_ADMIN_PASS $JENKINS_ADMIN_PASS
 ENV JENKINS_ADMIN_EMAIL $JENKINS_ADMIN_EMAIL
+ENV GITHUB_USER $GITHUB_USER
 ENV GITHUB_ACCESS_TOKEN $GITHUB_ACCESS_TOKEN
 
 #USER root

diff --git a/modules/jenkins/jcasc/jenkins.yaml b/modules/jenkins/jcasc/jenkins.yaml
@@ -37,20 +37,31 @@ jenkins:
             name: authenticated
             permissions:
               - Overall/Read
+              - Job/Read
+              - View/Read
+              - Run/Replay
         - user:
             name: anonymous
             permissions:
               - Overall/Read
+              - Job/Read
+              - View/Read
 
 credentials:
   system:
     domainCredentials:
       - credentials:
           - string:
               description: GitHub Personal Access Token
-              id: github
+              id: github-token
               scope: GLOBAL
               secret: ${GITHUB_ACCESS_TOKEN}
+          - usernamePassword:
+              description: GitHub Username & Password
+              id: github-pass
+              scope: GLOBAL
+              username: ${GITHUB_USER}
+              password: ${GITHUB_ACCESS_TOKEN}
 
 appearance:
   locale:
@@ -62,23 +73,23 @@ unclassified:
     configs:
       - name: Default
         apiUrl: https://api.github.com
-        credentialsId: github
+        credentialsId: github-token
         manageHooks: true
 
   githubconfiguration:
     apiRateLimitChecker: NoThrottle
 
 jobs:
   - script: >
-      organizationFolder('GitHub Org - dksifoua') {
-        description('This contains all repositories with a Jenkinsfile from my github account')
-        displayName('GitHub Organization Folder - dksifoua')
+      organizationFolder("GitHub Org - ${GITHUB_USER}") {
+        description("This contains all repositories with a Jenkinsfile from my github account")
+        displayName("GitHub Organization Folder - ${GITHUB_USER}")
       
         organizations {
           github {
-            repoOwner('dksifoua')
-            apiUri('https://api.github.com')
-            credentialsId('github')
+            repoOwner("${GITHUB_USER}")
+            apiUri("https://api.github.com")
+            credentialsId("github-pass")
             enableAvatar(true)
             
             traits {
@@ -98,7 +109,7 @@ jobs:
                 strategyId(2) // The Current Pull Request Revision
               }
               multiBranchProjectDisplayNaming {
-                displayNamingStrategy('RAW_AND_OBJECT_DISPLAY_NAME')
+                displayNamingStrategy("RAW_AND_OBJECT_DISPLAY_NAME")
               }
               /*userIdentity {
                 extension {
@@ -121,11 +132,11 @@ jobs:
         
         projectFactories {
           workflowMultiBranchProjectFactory {
-            scriptPath('Jenkinsfile')
+            scriptPath("Jenkinsfile")
           }
         }
       
         triggers {
-          cron('@daily')
+          cron("@daily")
         }
       }