14 jenkins

00-dev-environment/README.md

@@ -74,7 +74,18 @@ aws sts get-session-token \
 /
 ```
 
-This will return json containing the temporarily credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines)  
+This will return json containing the temporary credentials.(**WARNING: special characters in the 'SecretAccessKey' may not work for Windoze machines)
+
+**Notice: these are not the SecretAccessKey and SessionToken you provided before. These are brand spanking new to be used specifically for a new programmatic connection**
+
+```mermaid
+sequenceDiagram
+You ->> AWS: I need temporary credentials
+Note right of AWS: Thinking... Thinking
+AWS ->> You: Here are the new credentials...
+You ->> AWS: Here's the credentials to get me access
+AWS ->> You: Soup for you. You have access!!
+```
 
 ```shell
 "Credentials": {
@@ -221,5 +232,5 @@ to complete the training work. In your Cloud9 Editor, perform the following:
   application in that language
 - Add the files to your new branch, commit them, and push the branch up to
   your forked repository
-- Create a pull request from your branch to the master branch within your forked
+- Create a pull request from your branch to the master branch within YOUR forked
   repository and merge after reviewing

14-Jenkins/README.md

@@ -70,6 +70,11 @@ For ease of deployment and scalability, we will provision a Jenkins
 environment using CloudFormation templates on the AWS platform. In order
 to do this you will need the following:
 
+Follow these directions instead
+```
+https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins
+```
+
 - EC2 Instance (as the Jenkins Server) -- use the Amazon Linux AMI with JDK installed
   - EIP, for the instance to receive traffic
 - Subnet, containing the Jenkins master instance
@@ -94,6 +99,15 @@ present and you can:
 - Manage "Credentials"
 - View "My Views"
 
+#### I had to re-create the RSA key pair (joels-key-pair) in order to login again
+
+```
+ aws cloudformation create-stack --profile temp --stack-name Joels1411 --template-body file://base.yaml --parameters file://base-params.json --capabilities CAPABILITY_NAMED_IAM
+{
+    "StackId": "arn:aws:cloudformation:us-east-1:324320755747:stack/Joels1411/e8ac7090-cf28-11ed-a8ab-1222a4b30ce5"
+}
+```
+
 #### Lab 14.1.2 - Adding Agents
 
 As it stands, the Jenkins server can be used to execute jobs. Executing jobs

14-Jenkins/base-params.json

@@ -13,18 +13,18 @@
     },
     {
       "ParameterKey": "EC2InstanceAmi",
-      "ParameterValue": "ami-0bce08e823ed38bdd"
+      "ParameterValue": "/aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id"
     },
     {
       "ParameterKey": "EC2InstanceType",
       "ParameterValue": "t2.micro"
     },
     {
       "ParameterKey": "EC2KeyName",
-      "ParameterValue": "test-user-key"
+      "ParameterValue": "joels-key-pair"
     },
      {
       "ParameterKey": "IAMUserOwnerIp",
-      "ParameterValue": "XX.XXX.XXX.XXX"
+      "ParameterValue": "66.110.242.65"
     }
   ]

14-Jenkins/base.yaml

@@ -12,9 +12,9 @@ Parameters:
     Type: String
     Description: IAM user that is owner of this CFN stack
   EC2InstanceAmi:
-    Type: AWS::EC2::Image::Id
+    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
     Description: EC2 Instance AMI
-    Default: ami-014534a11156c1a0d
+    Default: /aws/service/ecs/optimized-ami/amazon-linux-2/recommended/image_id
   EC2KeyName:
     Type: String
     Description: Name of the EC2 keys used for ssh
@@ -84,6 +84,16 @@ Resources:
           ToPort: 22
           IpProtocol: tcp
           CidrIp: 0.0.0.0/0
+        -
+          FromPort: 80
+          ToPort: 80
+          IpProtocol: tcp
+          CidrIp: 0.0.0.0/0
+        -
+          FromPort: 8080
+          ToPort: 8080
+          IpProtocol: tcp
+          CidrIp: 0.0.0.0/0
         -
           FromPort: -1
           ToPort: -1
@@ -110,6 +120,19 @@ Resources:
         -
           Key: stack
           Value: !Ref "AWS::StackId"
+      UserData:
+        #  https://www.jenkins.io/doc/tutorials/tutorial-for-installing-jenkins-on-AWS/#downloading-and-installing-jenkins
+        Fn::Base64: |
+          #!/bin/bash
+          yum -y update
+          yum install -y wget
+          wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins.io/redhat-stable/jenkins.repo
+          rpm --import https://pkg.jenkins.io/redhat-stable/jenkins.io.key
+          yum -y upgrade
+          amazon-linux-extras install java-openjdk11 -y
+          yum install -y jenkins
+          systemctl enable jenkins
+          systemctl start jenkins
   MyNetworkAcl:
     Type: AWS::EC2::NetworkAcl
     Properties:
@@ -168,14 +191,14 @@ Resources:
       NetworkAclId: !Ref MyNetworkAcl
       RuleNumber: 202
       RuleAction: allow
-      Protocol: 6
+      Protocol: 1
       CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
       Icmp:
         Code: -1
         Type: -1
       PortRange:
-        From:  
-        To:
+        From: 8
+        To: -1
   MyNetworkEntryMySecondSubnetIngressAllHttp:
     Type: AWS::EC2::NetworkAclEntry
     Properties:
@@ -187,6 +210,17 @@ Resources:
       PortRange:
         From: 80
         To: 80
+  MyNetworkEntryMySecondSubnetIngressAllJenkins:
+    Type: AWS::EC2::NetworkAclEntry
+    Properties:
+      NetworkAclId: !Ref MyNetworkAcl
+      RuleNumber: 205
+      RuleAction: allow
+      Protocol: 6
+      CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
+      PortRange:
+        From: 8080
+        To: 8080
   MyNetworkEntryMySecondSubnetEgressAllTraffic:
     Type: AWS::EC2::NetworkAclEntry
     Properties:
@@ -197,8 +231,8 @@ Resources:
       Protocol: -1
       CidrBlock: !Join ['/', ["10.0.0.128", '25' ] ]
       PortRange:
-        From:
-        To:   
+        From: 0
+        To: 65000
   MySecondSubnet:
     Type: AWS::EC2::Subnet
     Properties:
@@ -250,6 +284,65 @@ Resources:
         -
           Key: stack
           Value: !Ref "AWS::StackId"
+  # JenkinsArtifactsBucket:
+  #   Type: AWS::S3::Bucket
+  #   Properties:
+  #     BucketName: !Sub "${AWS::StackName}-jenkins-artifacts"
+  # JenkinsBuildPipeline:
+  #   Type: AWS::CodePipeline::Pipeline
+  #   Properties:
+  #     Name: !Sub "${AWS::StackName}-jenkins-build-pipeline"
+  #     RoleArn: !GetAtt [CodePipelineRole, Arn]
+  #     Stages:
+  #       - Name: Source
+  #         Actions:
+  #           - Name: SourceAction
+  #             ActionTypeId:
+  #               Category: Source
+  #               Owner: ThirdParty
+  #               Provider: GitHub
+  #               Version: '1'
+  #             OutputArtifacts:
+  #               - Name: SourceArtifact
+  #             Configuration:
+  #               Owner: !Ref GitHubOwner
+  #               Repo: !Ref GitHubRepo
+  #               Branch: !Ref GitHubBranch
+  #               OAuthToken: !Ref GitHubOAuthToken
+  #             RunOrder: 1
+  #       - Name: Build
+  #         Actions:
+  #           - Name: BuildAction
+  #             ActionTypeId:
+  #               Category: Build
+  #               Owner: Custom
+  #               Provider: Jenkins
+  #               Version: '1'
+  #             Configuration:
+  #               ProjectName: !Ref JenkinsProjectName
+  #               Url: !Ref JenkinsUrl
+  #               Username: !Ref JenkinsUsername
+  #               Password: !Ref JenkinsPassword
+  #             InputArtifacts:
+  #               - Name: SourceArtifact
+  #             OutputArtifacts:
+  #               - Name: BuildArtifact
+  #             RunOrder: 1
+  #       - Name: Deploy
+  #         Actions:
+  #           - Name: DeployAction
+  #             ActionTypeId:
+  #               Category: Deploy
+  #               Owner: AWS
+  #               Provider: S3
+  #               Version: '1'
+  #             Configuration:
+  #               BucketName: !Ref JenkinsArtifactsBucket
+  #               ObjectKey: !Ref S3ObjectKey
+  #               Extract: true
+  #             InputArtifacts:
+  #               - Name: BuildArtifact
+  #             RunOrder: 1
 Outputs:
   MyVpcOutput:
     Description: Id of MyVpc