Simplified image management with our Harbor and Jenkins integration
We’re excited to introduce our latest setup, aimed at streamlining the process of pushing images to Harbor. The setup can be further distributed to multiple other registries, like ECR or Azure/Google container registries. This is done while ensuring secure credential management within Jenkins and Kubernetes. Our main objective is to achieve full automation, empowering developers to create custom images within Dynatrace and seamlessly integrate their deployment into their projects.
Leverage backstage templates
If you are familiar with Backstage, you’re likely already familiar with its templating functionality. Utilizing this feature, we significantly reduced the workload for setting up new image repositories. You can now easily create a repository for your image, set up a pipeline, create all necessary credentials, and automatically push the image to Harbor and ECR, thereby eliminating the need for multiple pull requests and their associated wait times, as well as the need to wait for credentials.
You can find the template here:
https://backstage.internal.dynatrace.com/create/templates/default/onboarding-standalone-docker
After the template is executed, there is a single pull request to review to confirm the auto-onboarding of your new Harbor project. You can find a demonstration pull request here: https://github.com/dynatrace-infrastructure/dtp-state-prod/pull/381
Technicalities
For all this to work, we had to extend our previous Jenkins-Vault setup to work across different Kubernetes clusters. With security as our top priority, we found a solution by combining external-secrets and our improved version of the Jenkins kubernetes-credential-provider, which we have contributed to the open-source community. With these changes we eliminated the need for complex networking setups and Jenkins restarts. Most importantly we reduced the number of needed pull requests down to just one.
What’s next
If you want to learn more about how we are integrating all this into our builds, or you are interested in integrating steps of this workflow into your own, please check our Dynatrace Backstage documentation at: https://backstage.internal.dynatrace.com/docs/delivery/domain/ci-cd/external-secrets/
The post Simplified image management: Dive into our end-to-end Harbor and Jenkins integration appeared first on Dynatrace news.