Nathan Burrell from Atlassian discusses how Connect, AWS, and Docker can be used together with Bitbucket Pipelines. Connect provides an integration point for third party services with Atlassian products. AWS is used to host and run microservices. Docker is utilized for containerization of services both locally during development and in production on AWS. The talk covers Connect descriptors, permissions, iFrames, and webhooks for integrating with Atlassian products, as well as how microservices are structured and interact with each other when run on AWS using services like DynamoDB, ECS, and SQS. Kubernetes is also mentioned for container management at scale. Security best practices when using Docker and Kubernetes in production are briefly discussed
6. Permissions
iFrames
Webhooks
Scopes control what your integration can do with JWT tokens
generated using the shared secret provided on installation.
{
…
“scopes”: [
“account”,
“repository:admin”,
“pipeline”,
“pipeline:variable”
],
…
}
7. Permissions
iFrames
Webhooks
Modules are used to specify where you will inject UI fragments
into the parent application.
{
…
“modules”: {
“webPanel”: [ {
“key”: “pipelines-overview”,
“name”: { “value”: “Pipelines Overview” },
“url”: “pipelinesOverview.html?accountUuid={repo_owner_uuid} ”,
“location”: “org.bitbucket.repository.overview.informationPanel”,
“condition”: [ { …} ]
}]
},
…
}
8. Permissions
iFrames
Webhooks
Webhooks are used to specify URLs to be called back to when
certain events occur.
{
…
“lifecycle”: {
“installed”: “/api/events/connect/installed”,
“uninstalled”, “api/events/connect/uninstalled”
},
…
“webhooks” : [ {
“event”: “repo:push”,
“url”: “/api/events/repository/push
}]
}
9. iFrames and Webhooks
iFrames are your UI injection
points into an Atlassian cloud
product. Webhooks allow you to
interact with a product when
certain events occur.
13. Creating
Authenticating
OAuth
Each and every request be it for an iFrame or webhook contains
a JWT token either as a query parameter or in a header
parameter.
Request
Bitbucket Pipelines
JWT
14. Creating
Authenticating
OAuth
Each and every request be it for an iFrame or webhook contains
a JWT token either as a query parameter or in a header
parameter.
Request
Pipelines
JWT
Bitbucket
18. Anatomy of a Microservice
The architecture of a typical
pipelines microservice and how it
interacts with connect.
19. Use the arrows, lines and
symbols included here. Do
not change the styles. Delete
this instructional text.
Microservice
DynamoDB ElastiCache
EC2 ELB
Dropwizard
SQSSNS
Hystrix RxJavaJava
29. Local development
Using compose
Building containers
Use containers to play with multiple versions of tools.
Use container to spin up dependencies.
Dev machine
docker
Working directory
postgres
container
-v $(pwd):/opt/code –w /opt/code openjdk:8-jdk javac …-v $(pwd):/opt/code –w /opt/code openjdk:9-jdk javac …
Java
container
-d --name postgres postgres:9.6 …docker run ... --link postgres openjdk:8-jdk …
30. Local development
Using compose
Building containers
Use compose to manage your entire local environment.
version: ‘2’
services:
java:
image: openjdk:8-jdk
links:
- postgres
volumes:
- .:/opt/code
postgres:
image: postgres:9.6
docker-compose up -ddown
31. Local development
Using compose
Building containers
Using compose and dockerfiles to produce your own images.
version: ‘2’
services:
service:
image: service:dev
build:
context: .
dockerfile: DOCKERFILE
docker tag service:dev service:production &&
docker push service:production
FROM openjdk:8-jdk
ADD [ “*.jar”, “/opt/app/service.jar”]
ENTRYPOINT [ “java”, “-jar” “service.jar”]
DOCKERFILE
docker-compose.yml
docker-compose build
33. Pods
Namespaces
Management
Pods are the base concept of kubernetes. They describe a
collection of related containers, volumes and their settings.
Node
Web Server File synchronizer
Shared directory
Shared network
Pod
41. DockerMicroservices on AWSConnect
Your entry point to an
Atlassian cloud product
Speed up time to
market and free up
time to focus on your
business logic
A runtime environment
for your services and
more ;)
Review