Automated setup of continuous integration for Go projects hosted on GitHub with Jenkins and GolangCI-Lint.
- Runs unit tests and code quality tools
- Automatically sets up webhooks on GitHub
- Can also be configured for non Go projects
Includes:
- Pull request job template
- Branch push job template
- Various plugins for simple or advanced jobs management
- Automatic backups to local path or remote repository
-
Tools (see install script):
- make
- Docker
- Docker compose
-
GitHub personal access token with scopes:
- repo
- write:repo_hook
First, clone/download repository.
-
Copy .env.dist to .env and fill in each variable.
JENKINS_USERNAME
The username you are going to log in withJENKINS_PASSWORD
The password you are going to log in withJENKINS_URL
The URL which you'll use to access JenkinsJENKINS_PORT
The port number Jenkins container will run onGITHUB_USERNAME
The username of your GitHub accountGITHUB_ACCESS_TOKEN
The personal access token generated from your GitHub accountGO_VERSION
Default version of GoGOLANGCI_LINT_VERSION
Default version of GolangCI-Lint -
Then run:
sudo make
See Makefile for more options.
./setup/install.sh
- Create a new job with
Copy from
option and search for the template you need - Enable it by unchecking
General -> Disable this project
- Configure it (see below)
- Saving it will create the required webhooks
Manage Jenkins -> Global Tool Configuration -> Go -> Go installations
(http://jenkinsurl/configureTools/)- Add a new version:
Add installer -> Extract *.zip/*.tar.gz
(similar to default installed version) - Check versions on Downloads page
- Add a new version:
- Use a Go version for a job (from the job Configure page: http://jenkinsurl/job/jobname/configure)
Build Environment -> Set up Go programming language tools -> Go version
- Plugin: Golang
Manage Jenkins -> Configure System -> Global properties -> Environment variables -> GOLANGCI_LINT_VERSION -> Value
- Check versions on Releases page
- Use in a job (from the job Configure page: http://jenkinsurl/job/jobname/configure)
Build -> Add build step -> Execute shell: GO111MODULE=on golangci-lint-run
- Before the tool runs it installs the configured version (if not already installed)
- It uses a default config which can be overwritten by placing a config file in the root of your repository
- A tool to check source code consistency.
- Not added by default to job templates, it can be added as an
Execute shell
build step to a job asgo-consistent-run
. - If used, it will install the tool automatically and update it on each run (it has no releases for now).
- Configured as a build trigger (from the job Configure page: http://jenkinsurl/job/jobname/configure)
Source Code Management -> Repository URL
Build Triggers -> GitHub Pull Request Builder
- Global configuration
Manage Jenkins -> GitHub Pull Request Builder -> GitHub Auth
- Security
- The [Go GitHub Pull Request job template](JENKINS_HOME/jobs/Go GitHub Pull Request/config.xml) is configured with the
Build every pull request automatically without asking
option which will trigger the job for any user submitting a pull request. Disable it if it's not safe for you.- From the from the job Configure page:
Build Triggers -> GitHub Pull Request Builder -> Advanced -> Build every pull request automatically without asking (Dangerous!).
- From the from the job Configure page:
- The [Go GitHub Pull Request job template](JENKINS_HOME/jobs/Go GitHub Pull Request/config.xml) is configured with the
- Result
- The build result will be published as a comment on the PR page
- This can be disabled from the job Configure page
Build Triggers -> GitHub Pull Request Builder -> Trigger Setup -> Comment File
- Plugin: GitHub Pull Request Builder
- Configured as a build trigger (from the job Configure page: http://jenkinsurl/job/jobname/configure)
General -> GitHub project -> Project url (repository url)
Source Code Management -> Repository URL
Build Triggers -> GitHub hook trigger for GITScm polling
Build Triggers -> Poll SCM
- Global configuration
Manage Jenkins -> GitHub -> GitHub Servers
- Plugin: GitHub Pull Request Builder
- Workspace data (repository used in job) is always deleted after job is finished
- Configure from the job Configure page:
Post-build Actions -> Delete workspace when build is done
- Plugin: Workspace Cleanup
Authorization (http://jenkinsurl/configureSecurity/)
- Configure who has access to Jenkins
Manage Jenkins -> Configure Global Security -> Enable security -> Access Control -> Authorization -> Matrix-based security
- Plugin: Matrix Authorization Strategy
- To local path
Manage Jenkins -> ThinBackup
- Plugin: Matrix Authorization Strategy
- To remote repository
- See
Backup
job- Requires an existing GitHub repository
- Enable job by unchecking
General -> Disable this project
- Set the repository url:
Source Code Management -> Repository URL
- Set the build schedule:
Build Triggers -> Build periodically -> Schedule
- Customize the process:
Build -> Execute shell
- Configure repository push:
Post-build Actions -> Git Publisher
- The process is simple: every day, some important parts of the environment are pushed to the specified repository.
The server you want to run Jenkins on can be automatically configured with basic security options.
- A machine with a private SSH key file inside is required
- A non-root user will be created with SSH access based on the provided key
- Password authentication will be disabled
- Root user authentication will be disabled
- Firewall will be set up with Jenkins and SSH ports open
See server setup script.
To fully test on localhost you need a tunnel for GitHub to access your machine. You can use tools like serveo and ngrok.