Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Note

Work in progress

Info
iconfalse

Contribution from Eric Dalquist and Tim Levett (University of Wisconsin - Madison)


University of Wisconsin - Madison is using Maven and Jenkins to manage build and deployment of uPortal and portlets across five different environments from one central UI. The WAR Overlay feature of the Maven WAR Plugin is used to inject environment specific configuration into uPortal and each portlet. Jenkins automatically builds and deploys portlets in the development and test environments when changes or new releases are detected reducing developer overhead and turnaround time. A key-pair based token encryption tool is used to securely store credentials a version control system allowing them only to be decrypted at build time on the target server.

 

Prerequisites:

  • Java 7
  • Maven 3

Components:

  1. Jenkins (see below for installation and example configuration) 
  2. Maven
  3. Git
  4. Token Encryption Service 
  5. Projects and Scripts to use in Jenkins

...

  • Download the latest Jenkins release at http://jenkins-ci.org/
  • Deploy the jenkins.war file to your tomcat/webapp directory
  • Restart your tomcat instance

    Image Added

Jenkins Configuration

  • Navigate to 'Manage Jenkins' and then "Configure Global Security".
  • Check 'Enable security'
  • Choose 'Jenkins's own user database'
  • Uncheck 'Allow users to sign up'
  • Choose 'Matrix-based security'
  • Enter an admin username next to 'User/group to add:'
  • Enter log in information for the admin user at (http://localhost:8080/jenkins/securityRealm/firstUser)

...

  1. Clone the project at https://github.com/UW-Madison-DoIT/token-crypt.git
  2. Set Local Path For Keys Storage
    • /token-crypt/tcrypt-web/src/main/resources/webapp.properties
    • For example: edu.wisc.doit.tcrypt.path.keydirectory=/opt/keystore
    • Local Directory MUST be READABLE and WRITEABLE by Tomcat process
  3. Build the application With Maven 3
    • /token-crypt/pom.xml
    • From /token-crypt/ run mvn clean package
  4. Deploy .war file below to Tomcat webapps
    • /TokenCrypt/tcrypt-web/target/tcrypt-web-1.0.4-SNAPSHOT.war
  5. Caveats
    • Remove the jsp-api.jar from the /WEB-INF/lib directory if you get the following error: '500 Unable to read TLD "META-INF/fmt.tld"'

 Image Added

Keys Setup

There is one key directory for the tcrypt service, which will hold all the public keys for each of your server environments so the tcrypt service can encrypt tokens and/or files. The other key directory should be located on each server which will contain the private key. This is used during the overlay build to decrypt the tokens in the property files. 

  • To create the keys, click on the "CREATE SERVICE KEY"
  • Enter the name of your service (ex. my-dev.university.edu) and click the "Create Service Key" button
  • Download the generated public and private keys 
  • Place the public key on the tcrypt server under the directory path that you created above in webapp.properties (ex., /opt/keystore).
  • Place the private key on the server you created a service for under the directory path that you in webapp.properties (ex., /opt/keystore).

    Image Added

Projects & Scripts to use in Jenkins

...