Jenkins Github App

Hello everyone,

I saw Jenkins is working on using the Github checks API:

I’ve created a Github App and installed it to our Jenkins instance. However, it appears this can only be used with the Multibranch pipelines. Those require a Jenkinsfile inside the repo.

That means we essentially need to rewrite all our jobs. That isn’t the worst, since we still have quite a few jobs that are written in the old flow style. My concerns are with repetition and secrets.

Repetition can be dealt with by creating a shared library.

Secrets are not needed for most jobs. However, it does mean we need to properly scope the current secrets we have so they can’t be used outside of a select group of jobs.

One of the possible benefits is that developers are no longer tied to making changes in foreman-infra, which is a painful workflow. It’s hard make changes that you haven’t tested. A Jenkinsfile allows for a lot more experimentation.

I’d also like to discuss this in our next SIG meeting, but by posting this early I hope everyone can come prepared.

This alone can be worth investing in using this. I believe the main reason developers today prefer using travis or gh actions for testing is that it’s very easy to set up from the project repo directly, without having to dig into foreman-infra and figure out all the different pipelines and jobs there. If we can provide some very simple way of setting up common tasks (e.g. run ruby tests on pr, run js tests on pr, run linting etc) in the repo directly while allowing also more complex flows, we could gain a lot from it.