GCP Compute Engine

7 minute readExtensibilityDeveloper productivity

This plugin integrates with Google Cloud Platform to provision new resources from the pre-defined resource templates.

Plugin version 2.5.3.2021090625

Revised on September 06, 2021

Service Account

The plugin is using GCP service accounts in order to communicate with GCP API. In order to get a service account, please perform the listed steps:

  • In Google Cloud Console, open section IAM & Admin -> Service Accounts.

  • Provide a new name and a description for the Service Account.

  • Provide required roles for the service account. The needed roles will depend on the planned actions. Here is one of the possible roles configurations:

    • Compute Image User

    • Compute Instance Admin (v1)

    • Compute Network User

    • Service Account User

  • Grant user access to the service account if needed.

  • Create a new JSON key. The key will be downloaded.

  • Provide the contents of the key into the plugin configuration.

Plugin configurations

Plugin configurations are sets of parameters that apply across some or all of the plugin procedures. They reduce repetition of common values, create predefined parameter sets for end users, and securely store credentials where needed. Each configuration is given a unique name that is entered in designated parameters on procedures that use them.

Creating plugin configurations

To create plugin configurations in CloudBees CD, do these steps:

  • Go to Administration Plugins to open the Plugin Manager.

  • Find the EC-GCP-ComputeEngine-2.5.3.2021090625 row.

  • Click Configure to open the Configurations page.

  • Click Create Configuration as per the description of parameters below.

Configuration procedure parameters

ParameterDescription

Configuration name

The name for the created configuration

Description

Description for the configuration

Project Id

Project ID of the project in GCP under which Instances are provisioned. If not provided, will be taken from the key. If the key is not provided then this field is mandatory.

Zone

Zone name, e.g. us-east1-b

Authorization type

Authorization type: either provide a JSON key file or use the instance metadata (a service account should be assigned to the instance) to authenticate API calls.

Check connection resource

Select resource to run test connection step on. This resource should have a proper service account authorized (applicable to the instance metadata authorization type only).

Credential

Service account key in JSON format. For example,

[source,json] ---- { "type": "service_account", "project_id": "PROJECT ID", "private_key_id": "PRIVATE KEY ID", "private_key": "-----BEGIN PRIVATE KEY-----PRIVATE KEY CONTENT-----END PRIVATE KEY-----\n", "client_email": "SERVICE ACCOUNT NAME@PROJECT ID.iam.gserviceaccount.com", "client_id": "CLIENT ID", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://oauth2.googleapis.com/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/ACCOUNT ID" } ----

Check Connection?

If checked, the connection endpoint and credentials entered as part of the configuration will be tested. If this option is checked, configuration will not be saved if the test fails.

Debug Level

This option sets debug level for logs. If info is selected, only summary information will be shown, for debug, there will be some debug information and for trace the whole requests and responses will be shown.

Run Script Procedure

This procedure is dangerous because it allows users to run their own code.

By default this procedure has a special ACL for group Everyone, that denies execution privilege. In order to use the procedure, remove the ACL.

Also, it is not recommended to use service account with wide permissions.

Plugin procedures

IMPORTANT Note that the names of Required parameters are marked in *bold italics* in the parameter description table for each procedure.

Create Image

Creates a new Virtual Machine image in GCP

Create Image parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Family

Name of the Image family. Either image family name or image name should be provided. If the image name is not provided, it will be calculated from the family name.

Name

Name of the image. Either image family name or image name should be provided. If the image name is not provided, it will be calculated from the family name.

Source Disk

Name of the Source Disk.

Disk Zone

Zone of the Source Disk. If Source Disk is chosen, this field should be specified.

Description

Description for the new image.

Disk Size (GB)

Disk size in GB

Deprecate Old Image?

If checked, the old image from the same family will be deprecated and replaced with the new image

Force Create?

If checked, the image will be created even if the disk is in use by a running instance.

Locations

Space or newline-separated zone names for the new image. By default the new image will be multi-zonal.

Start Instances

Starts one or more Virtual Machine Instances in GCP.

Start Instances parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Instance Names

Instance name.

In case of multiple instances, specify one instance name per line.

Result Property Sheet

Property Sheet to store instances that are started in JSON format.

Output parameters

ParameterDescription

instances

JSON representation of instances

Provision

Creates one or more Virtual Machine instances.

Provision parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Instance Name Template

Name of the instance template e.g. my-instance-1.

The instance name is typically generated by adding a random string to the end of this name.

Instance Type

Instance type, e.g. n1-standard-2

Source Image

Source image starting with a project name, e.g. my-project/global/images/image-name.

Either URL or family should be provided.

Source Image Project

Project to which Source Image belongs.

If not specified, the project from the configuration will be used.

Source Image Family

Source Image family.

Either the family or a URL should be provided.

Keys

SSH keys in JSON format, e.g. [{"userName": "user", "key": "ssh-rsa …​.."}]

Network

The name of the VPC network, e.g. default. This may be a name, if the network is located in the same project with the newly created instance, or a path to the network if it is located in another project, e.g. projects/other-project/global/networks/shared-network.

Subnetwork

The name of the VPC subnetwork, e.g. default. This may be a name, if the subnetwork is located in the same project with the newly created instance, or a path to the subnetwork if it is located in another project, e.g. projects/other-project/regions/us-east1/subnetworks/shared-subnetwork.

Disk Size

Instace disk size in Gb

Instance Tags

Instance tags, newline-separated, e.g. my-tag1

Assign Public IP?

If checked, a NAT network interface will be attached to the instance.

Use Service Account

If specified, the Service Account used to provision the virtual machine. Options are as follows.

* None - No Service Account is used.

* Same - Use the Service Account as in the plugin configuration.

* Another - Use the Service account as specified in the Service Account email field. In this case the expectation is that the Service Account used in the plugin configuration has privileges to access this other service account.

Service Account Email

Service account email to use with the provisioned machine.

Service Account Scopes

Access scopes. See Access Scopes for more details. By default, https://www.googleapis.com/auth/cloud-platform scope is used.

Protect from Deletion?

If checked, the instance will be protected from deletion.

Labels

Labels for the instance, in JSON format, e.g. {"team": "myteam"}.

Preemptible

A preemptible VM costs much less, but lasts only 24 hours. It can be terminated sooner due to system demands.

Hostname

Hostname for the instance

Count

The number of instances to create.

Ping Resource?

If checked, the resource will be pinged and the job will finish successfully only when the resource is up and running.

Timeout in Seconds

If specified, time to wait for provisioning to finish (in seconds).

Resource Pool Name

If specified, the resource will be created for the instance and placed into this pool.

Resource Port

Agent port for the created resource.

Resource Workspace

Workspace name for the created resource.

Resource Zone

Zone to use for the created resource

Result Property

Property sheet to store instance result.

Output parameters

ParameterDescription

instanceDetails

Details of the Instance created.

List Instances

List Virtual Machine instances in GCP.

List Instances parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Filter

Filter expression used to filter resources. The filter expression must specify the field name, a comparison operator, and the value used to filter them.

The value must be a string, a number, or a boolean and the comparison operator must be either =, !=, >, or <.

For example, name != foobar-instance will exclude all Virtual Instances named foobar-instance.

Max Results

The maximum number of results per page that should be returned. If the number of available results is larger than maxResults, Compute Engine returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Acceptable values are 0 to 500, inclusive. (Default: 500)

Order By

Order used to sort results.

By default results are sorted in alphanumerical order of resource name. In addition results can be sorted in descending order of time stamp by using orderBy="creationTimestamp desc". This sorts results based on the creationTimestamp field in reverse chronological order (newest result first).

Currently, only sorting by name or creationTimestamp desc is supported.

Result Property Sheet

Property Sheet used to store JSON representation of instances found.

Output parameters

ParameterDescription

instances

JSON representation of instances found.

Delete Instances

Destroys one or more Virtual Machine Instances in GCP.

Delete Instances parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Instance Names

Instance name.

In case of multiple instances, specify one instance name per line.

Timeout in Seconds

Time (in seconds) to wait for instances to be deleted.

Reset Instances

Reset one or more Virtual Machine Instances in GCP.

Reset Instances parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Instance Names

Instance name.

In case of multiple instances, specify one instance name per line.

Stop Instances

Stops one or more Virtual Machine Instances in GCP.

Stop Instances parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Instance Names

Instance name. In case of multiple instances, specify one instance name per line.

Timeout

Time (in seconds) to wait for instances to be deleted.

Teardown

Deletes Virtual Machines Instance or Instances that correspond to either a CD Resource or a CD Resource Pool. This procedure essentially calls the Delete Instance procedure followed by removing the Resource from CD.

Teardown parameters

ParameterDescription

Configuration Name

Previously defined configuration for the plugin

Resource name or pool name

CD resource name or pool name

Third-party dependencies

ModuleLicense

com.fasterxml.jackson.core:jackson-core:2.13.0-rc2

The Apache Software License, Version 2.0

com.google.api-client:google-api-client:1.32.1

The Apache Software License, Version 2.0

com.google.apis:google-api-services-compute:v1-rev20200331-1.30.9

The Apache Software License, Version 2.0

com.google.auth:google-auth-library-credentials:0.20.0

BSD New license

com.google.auth:google-auth-library-oauth2-http:0.20.0

BSD New license

com.google.auto.value:auto-value-annotations:1.7

Apache 2.0

com.google.code.findbugs:jsr305:3.0.2

The Apache Software License, Version 2.0

com.google.code.gson:gson:2.8.6

Apache 2.0

com.google.errorprone:error_prone_annotations:2.5.1

Apache 2.0

com.google.guava:failureaccess:1.0.1

The Apache Software License, Version 2.0

com.google.guava:guava:30.1.1-android

Apache License, Version 2.0

com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava

The Apache Software License, Version 2.0

com.google.http-client:google-http-client:1.39.2

The Apache Software License, Version 2.0

com.google.http-client:google-http-client-apache-v2:1.39.2

The Apache Software License, Version 2.0

com.google.http-client:google-http-client-gson:1.39.2

The Apache Software License, Version 2.0

com.google.http-client:google-http-client-jackson2:1.34.0

The Apache Software License, Version 2.0

com.google.j2objc:j2objc-annotations:1.3

The Apache Software License, Version 2.0

com.google.oauth-client:google-oauth-client:1.31.5

The Apache Software License, Version 2.0

io.grpc:grpc-context:1.40.1

Apache 2.0

io.opencensus:opencensus-api:0.28.0

The Apache License, Version 2.0

io.opencensus:opencensus-contrib-http-util:0.28.0

The Apache License, Version 2.0

org.checkerframework:checker-compat-qual:2.5.5

The MIT License

Release notes

EC-GCP-ComputeEngine 2.5.3

  • Fixed Teardown procedure to work with the new configurations.

EC-GCP-ComputeEngine 2.5.2

  • Fixed TestConnection procedure.

EC-GCP-ComputeEngine 2.5.1

  • Upgraded dependencies.

EC-GCP-ComputeEngine 2.5.0

  • Added support for the new configurations

  • Fixed "No signature of method: java.util.Date.format()" for Create Image procedure

EC-GCP-ComputeEngine 2.4.0

  • Added instance auth.

EC-GCP-ComputeEngine 2.3.2

  • Upgraded third-party dependencies.

EC-GCP-ComputeEngine 2.3.1

  • Fixed typo in the label and documentation.

EC-GCP-ComputeEngine 2.3.0

  • Added "Preemptible" option to the VM provisioning

  • Removed force block from Run Script procedure.

EC-GCP-ComputeEngine 2.2.2

  • Upgraded third-party dependencies to address vulnerabilities.

EC-GCP-ComputeEngine 2.2.1

  • Fixed a security issue.

EC-GCP-ComputeEngine 2.2.0

  • Added support for shared VPC for the Provision procedure.

  • Added support for Labels field.

EC-GCP-ComputeEngine 2.1.2

  • The documentation has been migrated to the main documentation site.

EC-GCP-ComputeEngine 2.1.1

  • Fixed logging in the dropdown handling.

EC-GCP-ComputeEngine 2.1.0

  • Teardown procedure has been optimized.

  • Groovy core has been upgraded to 1.1.0.

  • Added service account scopes to the Provision procedure.

EC-GCP-ComputeEngine 2.0.0

  • Dynamic Resource Template support has been added.

  • The plugin has been made CloudBees supported.

EC-GCP-ComputeEngine 1.1.0

  • Added pingResource parameter to the Provision procedure: now resource is pinged for availability.

EC-GCP-ComputeEngine 1.0.0

  • Introduced the EC-GCP-Provision plugin.