Jenkins

Hero image for Jenkins

Jenkins Master

Password for administrator account must be changed right after initial setup. New password is saved in 1Password with name jenkins-master under the appropriate scope.

Source Repository

Bitbucket

Attribute Value
Bitbucket Account nimble-bot
Credential ID bitbucket-username-and-password
Credential Type Username and password
Scope Global
Store Jenkins

Jenkins Agent

Jenkins agent is connected from master via SSH.

  1. Create new SSH key pair

    ssh-keygen -t rsa -C "[email protected]"
    
  2. Register public key to Jenkins agent

    ssh-copy-id -i [PATH_TO_PUBLIC_KEY] [USERNAME]@[JENKINS_AGENT_HOST]
    
  3. Add a SSH private key credential to System scope on Jenkins master’s root domain

  4. Add agent named [SERVICE_PROVIDER_NAME]-[PLATFORM_NAME] all in lowercase

  5. Select Launch agent agents via SSH on Launch method option and provide SSH connection information

Pipeline

Credentials are retrieved on agent through credentials and sshagent methods only in stages they are used.

stage('Bootstrap') {
  environment {
    MATCH_PASSWORD = credentials('match-password')
    MATCH_KEYCHAIN_PASSWORD = credentials('match-keychain-password')
  }
  steps {
    sshagent(credentials: ['bitbucket-ssh']) {
      addToKnownHosts 'bitbucket.org'
      fastlane 'install_certificates'
    }
    podInstall()
    swiftgen()
    sourcery()
  }
}