Skip to end of metadata
Go to start of metadata

Introduction

  • For JS7 - Rollout of Scheduling Objects, the JOC Cockpit can be used to interface with Git repositories in order to store and rollout scheduling objects such as workflows and jobs.
    • JS7 supports the use of Git compliant servers to manage remote repositories such as GitLabGitHub.
    • JS7 makes use of a Git CLI Client that has to be provided by the user.
  • Scheduling objects can be versioned (tagged) with Git and can be rolled out to different JS7 environments via Git. This allows the creation and testing of workflows in a development environment and  rollouts to a production environment to be performed using a Git repository.
  • A connection to a Git repository is considered an additional option for managing versions and rollouts of JS7 scheduling objects.
  • For operations available from the JOC Cockpit GUI see JS7 - Inventory Git Integration. For automation see JS7 - How to rollout from test to prod environments in a CI/CD pipeline.
  • The Git Repository Interface is made available with the following JS7 releases:
    • FEATURE AVAILABILITY STARTING FROM RELEASE 2.3.0  
    • Release 2.3.0: Make JS7 objects available from the file system to allow use of external Git tools.
    • Release 2.4.0: Enable JOC Cockpit to manage JS7 objects with Git.

Object Mappings

Scheduling Objects

JS7 handles the separation of Rollout Objects and Local Objects as described below. JOC Cockpit allows configuration of the category applied for individual object types.

Rollout Objects

JS7 scheduling object types that are independent of a specific environment (dev, test, prod) and that can be rolled out across environments include:

  • Workflows
  • Resource Locks
  • File Order Sources
  • Notice Boards
  • Script Includes

Such objects can be managed with JS7 in a way that allows re-use of the objects - without any changes - across rollout environments such as dev, test, prod.

Local Objects

The following scheduling object types typically hold values that are specific for an individual environment (dev, test, prod) and are therefore usually added to a separate repository. Such objects are not rolled out across environments.

  • Job Resources
  • Calendars
  • Schedules

Folder Mappings

The JS7 inventory is organized with folders.

  • Folders hold scheduling objects such as workflows etc. and any level of sub-folders.
  • Folders are the basic unit for JS7 - Default Roles and Permissions. For example, users can be granted access only to specific folders.
  • Folders allow bulk operations such as deploying, releasing, removing and the renaming of scheduling objects to be performed.

Folders can be mapped to Git repositories managed by the same or by different Git Servers like this:



The mapping of folder objects to repositories implies:

  • user access:
    • users with JS7 access permissions to manage folders and to access the Git repository can manage scheduling objects in the JOC Cockpit and can commit, push, pull scheduling objects to/from Git,
    • users with JS7 access permissions to manage folders but without access to the Git repository can manage scheduling objects in the JOC Cockpit,
    • users with JS7 access permissions to view folders do not require Git access.
  • folder usage:
    • if a single Git repository should be used then all folders have to be available from a single top-level folder,
    • for use with a number of Git repositories each top-level folder maps to a different repository,
    • folders can remain without Git integration for local management and deployment.

JOC Cockpit maps top-level folders to Git repositories and stores the relevant Git repository URL for each folder in its inventory.

Git Access

User Access

User access is available in line with JOC Cockpit security levels used for deployment of workflows, see JS7 - Security Architecture.

  • Security level LOW maps to use of a single Git account used by all users. Credentials are stored with the root account's profile in the JS7 database.
  • Security level MEDIUM maps to use of an individual Git account per user. Credentials are stored with each user account's profile in the JS7 database.
  • Security level HIGH does not allow storage of Git credentials with JOC Cockpit. Operations on the remote Git repository have to be performed with tools external to JOC Cockpit such as Git Extensions.

The following credentials are managed depending on the Git Server's authentication method:

  • Git Server
    • host(:port) of the remote Git Server
  • Git Account
    • account that is used to connect to a Git server
  • User name
    • name used as author name e.g. for commits
  • E-Mail
    • mail address used as author mail address, for example for commits
  • password
    • the user's password for HTTP(S) Git access
  • private key
    • the path to the user's private key file for SSH Git access
  • Access Token
    • the access token for HTTP(S) Git access

If repositories are used from a number of Git Servers, that require different sets of user credentials, then this can be managed within one JOC Cockpit account, Only one set of credentials per Git Server is used.

If repositories are used from the same Git Servers that require different sets of user credentials then separate user accounts in JOC Cockpit have to be used.

Repository Access

  • The JS7 - REST Web Service API executes a set of Git operations by using the Git Command Line Client.
  • All operations to add scheduling objects to a repository, to stage, commit, push, pull and to merge objects are available from the JS7 REST Web Service API.
  • The JOC Cockpit provides a user interface for Git operations.
  • Users are free to use additional tools such as Git Extensions to manage repositories.

Git Operations

Management

JS7 scheduling objects are transparently managed in a Git repository via the JS7 REST Web Service API. In addition, tools such as Git Extensions and Git command line clients can be used for repository operations.

JOC Cockpit holds a number of local repositories inside the JETTY_BASE/resources/joc/repositories folder. Each top-level folder in the JS7 Configuration view can be mapped to a Git repository. 

  • The local repository for a JS7 top-level folder is created when a user performs the clone operation for the Git repository via the JOC Cockpit.
  • The local repository is persistent and is updated from the JOC Cockpit database (store operation) and from the remote Git repository (pull operation).
  • The remote Git repository is updated from the local repository by use of the push operation.
  • The JS7 - Cleanup Service removes any local repositories if the JS7 top-level folder no longer exists, i.e. if a top-level folder has been dropped from the JOC Cockpit.

The following REST Web Service API operations are available:

  • /inventory/repository/git/checkout
    • checks out a specific branch or tag from the Git repository to the local repository
  • /inventory/repository/git/clone
    • initially clones a Git repository to a local repository
  • /inventory/repository/git/add
    • adds or updates (stages) all new or modified scheduling object on the file system to the local repository
  • /inventory/repository/git/commit
    • commits all staged scheduling objects to a local repository
  • /inventory/repository/git/push
    • pushes changes from the local repository to the remote Git repository

Versioning

Versioning of JS7 scheduling objects is performed by using the tagging capabilities of Git. 

The JS7 REST Web Service API manages the Git tagging process.

The following operations are available:

  • git-tag
    • JS7 REST Web Service API not implemented yet
    • tags a commit with a version label
  • /inventory/repository/git/push
    • see above

Rollout

Rollout between JS7 instances is performed using the Git functionality. The JS7 REST Web Service API manages the processes for checkout and cloning.

The following operations are available:

  • /inventory/repository/git/checkout
    • checks out a specific branch or tag on the local repository
  • /inventory/repository/git/clone
    • initially clones a remote repository to a local repository
  • /inventory/repository/git/pull
    • pulls recent changes from the remote repository to the local repository

JOC Cockpit Operations

The synchronization of scheduling objects between the JOC Cockpit database and the local repositories is managed by the JS7 REST Web Service API and is available from the JOC Cockpit GUI.

The following JS7 REST Web Service operations are available:

  • /inventory/repository/read
    • reads the file tree of the local repository file system folder and updates the JOC Cockpit database
  • /inventory/repository/store
    • stores a set of scheduling objects from the JOC Cockpit database to the file system folder of the local repository
  • /inventory/repository/delete
    • deletes a set of scheduling objects from the file system folder of the local repository
  • /inventory/repository/update
    • adds or updates a set of scheduling objects in the JOC Cockpit database with scheduling objects from the local repository's file system folder

Scenarios

Single Client - Multiple Repositories

Scenario

  • Architecture
    • A dedicated JOC Cockpit instance is used with Controller and Agents for each rollout environment such as dev, test, prod.
    • A set of two Git repositories is used per folder and per rollout environment:
      • one repository holding local objects such as job resources that are specific for an environment,
      • one repository holding rollout objects such as workflows that are rolled out across environments.
    • The JOC Cockpit database holds the JS7 scheduling objects:

      • each JOC Cockpit instance is connected to its own database,
      • each repository is mapped to an individual JOC Cockpit instance,
      • the database can be updated from a local repository.
  • Users
    • All users act in the same JOC Cockpit instance of the relevant rollout environment that is a single client to the Git server.
    • Changes to the Git repositories are performed on behalf of the users' individual accounts and are added to the remote repositories.
  • Rollout
    • Deployments are performed from a single source (JOC Cockpit) to each Controller and Agents per rollout environment (dev, test, prod).
    • Rollouts are performed by copying rollout objects from a local Git repository to a remote Git repository of the target rollout environment (dev => test => prod).

Repositories holding local objects are excluded from rollout. Repositories holding rollout objects are copied across repositories and environments.


JOC Cockpit Operations

The following operations are provided from the JS7 REST Web Service API and from the JOC Cockpit GUI: 

  • Job Management
    • Manage changes to scheduling objects such as workflows and jobs.
    • Deploy scheduling objects to Controller and Agents.
  • Repository Management
    • Store and commit changes to a set of local repositories, push changes to a set of remote repositories.
      • one repository holding local objects such as job resources that are specific for an environment
      • one repository holding rollout objects such as workflows that are rolled out across environments.
    • Pull changes from a remote repository to a local repository and update JOC Cockpit from the local repository.
    • Tag changes (commits) for versioning purposes in a remote repository.

Git Operations

The following operations can be performed with a Git Client outside of JOC Cockpit:

  • Operations similarly available from JOC Cockpit:
    • Push changes from a local repository to a remote repository.
    • Pull changes from a remote repository to a local repository.
    • Tag changes (commits) for versioning purposes in a remote repository.
  • Operations not available from JOC Cockpit:
    • Manage branches in a remote repository.
    • Checkout branches to a local repository.

Multiple Clients - Multiple Repositories

Scenario

  • Architecture
    • A dedicated JOC Cockpit instance is used with Controller and Agents
      • for each user in the dev environment,
      • for all users in the test and prod environments.
    • A set of two Git repositories are used per folder and per rollout environment (dev, test, prod):
      • one repository holding local objects such as job resources that are specific for an environment,
      • one repository holding rollout objects such as workflows that are rolled out across environments.
  • Users
    • Users act in individual JOC Cockpit instances of the dev environment as multiple clients to the Git server.
    • Users act in the same JOC Cockpit instance of the test and prod environments as a single client to the Git server.
    • Changes to the Git repositories are performed on behalf of the users' individual accounts.
  • Rollout
    • Deployments are performed from multiple sources (JOC Cockpit) to the connected Controller and Agents per rollout environment.
    • Rollouts are performed by copying rollout objects from a local Git repository to a remote Git repository of the target rollout environment (dev => test => prod).

Repositories holding local objects are excluded from rollout. Repositories holding rollout objects are copied across repositories and environments.



Operations

JOC Cockpit operations and Git operations are the same as for the above scenario: Single Client - Multiple Repositories.

Use Cases

Lifecycle Support for Workflow Changes

Use Case

Each environment dev, test, prod makes use of an individual JS7 instance using JOC Cockpit and database, Controller and Agents. Any operations are performed by the JS7 REST Web Service API and are offered by the JOC Cockpit GUI.

  • Job Development in a dev environment 
    • A number of scheduling objects, e.g. workflows, are created or changed by a job developer.
    • On completion of the change the job developer deploys the workflows to Controller and Agents to perform functional tests in the dev environment.
    • With functional tests being successful the developer:
      • stores changes to workflows and related rollout objects to the local dev-rollout repository, commits changes and pushes changes to the remote dev-rollout repository.
      • optionally stores changes of local objects such as job resources to the local dev-local repository, commits changes and pushes changes to the remote dev-local repository.
  • Integration Testing in a test environment
    • A tester with access to the job developer's remote dev-rollout repository adopts the current change:
      • The tester performs a checkout operation of the remote dev-rollout repository to a local dev-rollout repository.
      • The tester is offered the list of recent commits to the dev-rollout repository. From this list the tester filters the commits related to the change by date, author or message. Typically the change is assigned an identifier (Issue Key or similar) that is available with the messages of any commits related to this change.
      • From the selected commits the tester receives the list of changed files and launches the operation to copy the files in this list from the local dev-rollout repository to the local test-rollout repository.
      • The tester updates the JOC Cockpit instance from the local test-rollout repository.
    • The tester adjusts local objects such as job resources as required by the change.
    • The tester deploys changed workflows and related local objects to Controller and Agents to perform integration testing.
    • On completion of integration tests with changes being approved the tester:
      • optionally tags the latest commit in the remote test-rollout repository with a label, e.g. v2.3-approved.
        • Should the tester modify workflows then the tester commits changes to the local test-rollout repository and pushes changes to the remote test-rollout repository before tagging.
        • Some users might deny object modifications being performed in a test environment and instead prefer to apply modifications in dev environments only.
      • optionally stores changes of local objects to the local test-local repository, commits changes and pushes changes to the remote test-local repository.
  • Production Rollout to a prod environment
    • An operator with access to the tester's test-rollout repository adopts the current change:
      • The operator performs a checkout operation of the remote test-rollout repository to a local test-rollout repository. Optionally the checkout is performed for the tag v2.3-approved should the tester have tagged the change accordingly.
      • The operator is offered the list of recent commits to the test-rollout repository. From this list the operator filters the commits related to the change by date, author or message. Typically the change is assigned an identifier (Issue Key or similar) that is available with the messages of any commits related to this change.
      • From the selected commits the operator receives the list of changed files and launches the operation to copy the files in this list from the local test-rollout repository to the local prod-rollout repository.
      • The operator updates the JOC Cockpit instance from the local prod-rollout repository.
    • The operator adjusts local objects such as job resources as required by the change. 
    • The operator deploys changed workflows and local objects to the Controller and Agents for production use.
    • On completion of deployment the operator:
      • stores changes to the local prod-rollout repository, commits changes and pushes changes to the remote prod-rollout repository.
      • optionally tags changes in the remote prod-rollout repository with a label, e.g. v2.3.
      • optionally stores changes to local objects to the local prod-local repository, commits changes and pushes changes to the remote prod-local repository.

References

Rollout by a CI/CD Pipeline

Use Case

Each environment dev, test, prod makes use of an individual JS7 instance using JOC Cockpit and database, Controller and Agents. Any operations are performed by the JS7 REST Web Service API.

  • Job Development and Integration Testing are explained in the use case described above: Lifecycle Support for Workflow Changes.
  • Production Rollout
    • Checkout remote test-rollout repository to local test-rollout repository, optionally based on use of a tag such as v2.3-approved.
    • Filter commits relevant to a change by an identifier available from the commit message and create the list of files affected by resulting commits.
    • Copy files in this list from the local test-rollout repository to the local prod-rollout repository.
    • Update the JOC Cockpit instance from the local prod-rollout repository.
    • Deploy changed workflows to Controller and Agents for production use.
    • Store changes to the local prod-rollout repository, commit changes and push changes to the remote prod-rollout repository.
    • Optionally tag changes in the remote prod-rollout repository with a label, e.g. v2.3.

Automation

Automation of the CI/CD pipeline can be achieved by scripting using the JS7 REST Web Service API:

References



  • No labels
Write a comment…