This manual covers the installation of Develocity on Microsoft’s Azure Kubernetes Service.

Develocity is a Kubernetes-based application, distributed as a Helm chart. Helm is a package manager for Kubernetes applications. Develocity can generally be installed on Kubernetes clusters running modern Kubernetes versions. Compatibility between versions of Kubernetes, Helm and the Develocity can be found here. Later versions may be compatible but have not been verified to work.

Helm manages all Develocity components.

Prerequisites

This tutorial focuses on the usage of Azure Command-Line Interface. All described steps can be executed in the Azure Cloud Shell or in a local shell with the Azure CLI installed. Please consult the installation guide for more information about local installation.

This tutorial defines several shell variables that are reused in later steps. It requires that all statements are executed in a single shell session.

1. An Azure Account

A Pay as you go with Azure subscription or better is required. Note that a Build in the cloud with an Azure free account is not sufficient.

2. A Develocity License

If you have purchased Develocity or started a trial, you should already have a license file called develocity.license. Otherwise, you may request a Develocity trial license.

3. Optionally add an Active Directory User

You can use the Global Administrator user to continue with this tutorial, but it is advisable to create a separate user with the necessary permissions for security reasons. If you decided to use a local shell, please complete the Azure CLI installation before continuing with the following steps:

$ az login (1)

$ AZ_DOMAIN=$(az rest --method get \
  --url 'https://graph.microsoft.com/v1.0/domains?$select=id' \
  --query "value[0].id" \
  -o tsv)
$ AZ_PRINCIPAL="develocity-tutorial@$AZURE_DOMAIN"

$ az ad user create --user-principal-name $AZ_PRINCIPAL \
  --display-name "Develocity Tutorial" \
  --password "«your chosen password»" (2)

$ AZ_SUBSCRIPTION=$(az account show -o json | jq -r '.id')
$ AZ_RESOURCE_GROUP=develocity
$ AZ_LOCATION=eastus (3)

$ az group create --name $AZ_RESOURCE_GROUP \
  --location $AZ_LOCATION
$ az role assignment create --role "Contributor" \
  --assignee "$AZ_PRINCIPAL" \
  --scope "/subscriptions/$AZ_SUBSCRIPTION"
$ az role assignment create --assignee "$AZ_PRINCIPAL" \
  --role "Role Based Access Control Administrator" \
  --scope "/subscriptions/$AZ_SUBSCRIPTION/resourceGroups/$AZ_RESOURCE_GROUP"
1 Log in with a Global Administrator user or a user with equivalent permissions to create the new user and give permissions.
2 Replace «your chosen password» with a password of your choice.
3 Replace eastus with a nearby Azure region of your choice that fulfills your requirements regarding compliance, data residency, service availability and pricing.
The az account list-locations --query '[].name' -o tsv command lists all available locations.
The Contributor role is used throughout this tutorial, but in a production environment you should use more fine-grained role assignments. The Contributor role grants full access to manage all resources, but does not allow you to assign roles in Azure RBAC, manage assignments in Azure Blueprints, or share image galleries. Therefore, the "Role Based Access Control Administrator" role in the scope of the resource group is assigned to the user as well.

It may be required that multi-factor authentication (MFA) is enabled for the user. Please consult Microsoft’s documentation for more information.

Now log out of the Azure CLI and log back in with the new user:

$ az logout
$ az login (1)
1 Interactive login is required on first login attempt.

4. Hostname (optional)

Azure AKS clusters are provisioned with a public IP address but no hostname. Develocity is not accessible directly by IP, but there are services like nip.io that automatically map hostnames to IPs, so using your own hostname is not required.

If you want to access Develocity by a host name of your choosing (e.g. develocity.example.com), you will need the ability to create the necessary DNS record to route this name to the instance IP address.

You will be able to update this later. You can start with a public DNS name based on the IP address, and later reconfigure to use a custom hostname if desired.

Host Requirements

This section outlines cluster and host requirements for the installation.

1. Compute resources

The default quota for 'Total Regional vCPUs' and 'Standard DDSv5 Family vCPUs' used in this tutorial may not be sufficient for Develocity. You can check your quotas by running (in Azure Cloud Shell or a local shell with the Azure CLI installed):

$ az vm list-usage --location $AZ_LOCATION \
  --query "[?name.value=='cores' || name.value=='standardDDSv5Family'].{"Max":limit,"Used": currentValue,"Quota":name.localizedValue}" \
  -o table

Output:

Used

Max

Quota

0

10

Total Regional vCPUs

0

0

Standard DDSv5 Family vCPU

If there are less than 12 vCPUs available, you can request a quota increase by executing the following commands (assuming 0 are currently used):

$ AZ_SUBSCRIPTION=$(az account show -o json | jq -r '.id')
$ az quota update --resource-name cores \
  --limit-object value=12 \
  --scope "/subscriptions/$AZ_SUBSCRIPTION/providers/Microsoft.Compute/locations/$AZ_LOCATION"
$ az quota update --resource-name standardDDSv5Family \
  --limit-object value=12 \
  --scope "/subscriptions/$AZ_SUBSCRIPTION/providers/Microsoft.Compute/locations/$AZ_LOCATION"

2. Database

Develocity installations have two database options:

  1. An embedded database that is highly dependent on disk performance.

  2. A user-managed database that is compatible with PostgreSQL 12, 13, or 14, including Azure Database for PostgreSQL.

By default, Develocity stores its data in a PostgreSQL database that is run as part of the application itself, with data being stored in a directory mounted on its host machine.

Azure Database for PostgreSQL

There are instructions for using Azure Database for PostgreSQL as a user-managed database in the Appendix A. This can have a number of benefits, including easier resource scaling, backup management, and failover support.

3. Storage

Storage Class Configuration

The Kubernetes StorageClass can be configured for data and backup volumes. If omitted, the default storage class for the cluster will be picked, if there is one. Please consult your cluster documentation for available storage classes.

values.yaml
global:
  storage:
    data:
      class: managed-csi-premium
    backup:
      class: managed-csi
Backup storage class is not necessary when connecting to a user-managed database.

Storage Capacity Configuration

Develocity needs a certain amount of storage for data, logs and backups. If omitted, the shown default amount of storage will be requested from the cluster.

values.yaml
database:
  storage:
    data:
      capacity: 1000Gi # default 250Gi
    backup:
      capacity: 1000Gi # default 250Gi
metrics:
  storage:
    data:
      capacity: 1Gi # default 200Mi
testDistribution:
  storage:
    data:
      capacity: 20Gi # default 10Gi
monitoring:
  storage:
    data:
      capacity: 20Gi  # Default 20Gi
objectStorage:
  embedded:
    storage:
      data:
        capacity: 20Gi  # Default 10Gi
Backup storage capacity is not necessary when connecting to a user-managed database.

Performance

For production workloads, storage volumes should exhibit SSD-class disk performance of at least 3000 IOPS (input/output operations per second). Develocity is not compatible with network-based storage solutions due to limitations of latency and data consistency.

Disk performance has a significant impact on Develocity performance. Develocity is not compatible with network-based storage solutions due to limitations of latency and data consistency.

Object storage

Develocity administrators can store Build Scan data in an object storage service, such as Azure Blob Storage. This can help performance in high-traffic installations by reducing the load on the database. Object storage services also offer performance and cost advantages compared to database storage. Gradle recommends using an object storage service for your installation if you deploy Develocity to Azure Kubernetes Services. See Appendix B for details.

Embedded object storage capacity is not necessary when connecting to an object storage service.

4. Network Connectivity

Develocity requires network connectivity for periodic license validation.

An installation of Develocity will not start if it cannot connect to both registry.gradle.com and harbor.gradle.com.

It is strongly recommended that production installations of Develocity are configured to use HTTPS with a trusted certificate.

When installing Develocity, you will need to provide a hostname, such as develocity.example.com.

Pre-Installation

If you decide to use Azure Cloud Shell, all required tools are already available, and you can skip to step 4. Create a Resource Group.

1. Azure CLI

You will be using the az command line to provision and configure your Azure resources. To install it on your local machine, follow the instructions in the Azure Command-Line Interface (CLI) documentation.

2. Kubectl

kubectl is a command line tool for working with Kubernetes clusters. Use a recent version corresponding with your cluster version.

You can install kubectl by following the steps in the Kubernetes documentation.

3. Helm

Helm is a package manager for Kubernetes applications.

Openssl is a requirement for Helm. Install it by running:

$ sudo yum install openssl -y

Alternatively, if you don’t use yum, you can use sudo apt install openssl -y, brew install openssl, or your package manager of choice.

If you don’t want to install openssl, you can disable Helm’s installer checksum verification using export VERIFY_CHECKSUM=false.

To install Helm, run:

$ curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
See Helm’s installation documentation for more details and non-Linux instructions.

4. Create a Resource Group

Create an Azure resource group to contain all the resources you create for Develocity. If you already created a resource group in step 3. Optionally add an Active Directory User, you can skip this step.

Use the following commands to create a resource group:

$ AZ_RESOURCE_GROUP=develocity
$ AZ_LOCATION=eastus (1)
1 Replace eastus with a nearby Azure region of your choice that fulfills your requirements regarding compliance, data residency, service availability and pricing.
$ az group create --name $AZ_RESOURCE_GROUP --location $AZ_LOCATION

Cluster Configuration

In this section you will create an AKS cluster to run Develocity.

1. Create a Cluster

Create your Azure Kubernetes Service called develocity.

To create it, run:

$ AZ_AKS_NAME=develocity
$ az aks create --name $AZ_AKS_NAME \
  --resource-group $AZ_RESOURCE_GROUP \
  --network-plugin azure \
  --enable-managed-identity \
  --generate-ssh-keys \
  --enable-app-routing \
  --node-count 3 \(1)
  --node-vm-size standard_d4ds_v5 \(2)
  --node-resource-group $AZ_RESOURCE_GROUP-$AZ_AKS_NAME-NRG
1 Recommended node group specification: three nodes with 4 CPU’s and 16GiB memory each
2 eg. standard_d4ds_v5 instances to fulfill requirements
Please consult Virtual machine sizes in Azure for more information on available VM sizes.

This will take several minutes. To add the cluster context to kubectl execute:

$ az aks get-credentials -g $AZ_RESOURCE_GROUP -n $AZ_AKS_NAME

2. Inspect Nodes

These are managed Azure virtual machines (VM) that run the Kubernetes node components, and container runtime.

Once your cluster is up and running, you will be able to see the nodes:

$ kubectl get nodes -o wide
NAME                                STATUS   ROLES   AGE    VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION      CONTAINER-RUNTIME
aks-nodepool1-99999999-vmss000000   Ready    agent   138m   v1.28.5   10.224.0.4    <none>        Ubuntu 22.04.4 LTS   5.15.0-1060-azure   containerd://1.7.15-1
aks-nodepool1-99999999-vmss000001   Ready    agent   138m   v1.28.5   10.224.0.33   <none>        Ubuntu 22.04.4 LTS   5.15.0-1060-azure   containerd://1.7.15-1
aks-nodepool1-99999999-vmss000002   Ready    agent   138m   v1.28.5   10.224.0.62   <none>        Ubuntu 22.04.4 LTS   5.15.0-1060-azure   containerd://1.7.15-1

You can also see the workloads running on your cluster.

$ kubectl get pods -A -o wide
NAMESPACE            NAME                                  READY   STATUS    RESTARTS   AGE    IP            NODE                                NOMINATED NODE   READINESS GATES
app-routing-system   nginx-75b695b88d-sb8r4                1/1     Running   0          139m   10.224.0.56   aks-nodepool1-99999999-vmss000001   <none>           <none>
app-routing-system   nginx-75b695b88d-xbphx                1/1     Running   0          139m   10.224.0.65   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          azure-ip-masq-agent-pxxqm             1/1     Running   0          139m   10.224.0.62   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          azure-ip-masq-agent-qmwwb             1/1     Running   0          139m   10.224.0.33   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          azure-ip-masq-agent-zcm9t             1/1     Running   0          139m   10.224.0.4    aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          cloud-node-manager-lvr6s              1/1     Running   0          139m   10.224.0.33   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          cloud-node-manager-n6dd6              1/1     Running   0          139m   10.224.0.62   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          cloud-node-manager-v6mvw              1/1     Running   0          139m   10.224.0.4    aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          coredns-767bfbd4fb-4gks4              1/1     Running   0          139m   10.224.0.35   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          coredns-767bfbd4fb-t5wkb              1/1     Running   0          139m   10.224.0.32   aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          coredns-autoscaler-7c88465478-wk7g2   1/1     Running   0          139m   10.224.0.13   aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          csi-azuredisk-node-46lrf              3/3     Running   0          139m   10.224.0.4    aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          csi-azuredisk-node-64wp9              3/3     Running   0          139m   10.224.0.62   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          csi-azuredisk-node-fktvz              3/3     Running   0          139m   10.224.0.33   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          csi-azurefile-node-866tz              3/3     Running   0          139m   10.224.0.4    aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          csi-azurefile-node-gkjpv              3/3     Running   0          139m   10.224.0.62   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          csi-azurefile-node-rk5fb              3/3     Running   0          139m   10.224.0.33   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          konnectivity-agent-779db8c5fb-m6fx6   1/1     Running   0          118m   10.224.0.64   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          konnectivity-agent-779db8c5fb-r6tsj   1/1     Running   0          118m   10.224.0.43   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          kube-proxy-2jtb5                      1/1     Running   0          139m   10.224.0.33   aks-nodepool1-99999999-vmss000001   <none>           <none>
kube-system          kube-proxy-2p762                      1/1     Running   0          139m   10.224.0.4    aks-nodepool1-99999999-vmss000000   <none>           <none>
kube-system          kube-proxy-jqt7w                      1/1     Running   0          139m   10.224.0.62   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          metrics-server-76848-qxwk9            2/2     Running   0          138m   10.224.0.71   aks-nodepool1-99999999-vmss000002   <none>           <none>
kube-system          metrics-server-76848-vb22c            2/2     Running   0          138m   10.224.0.60   aks-nodepool1-99999999-vmss000001   <none>           <none>

3. Storage Class

This guide uses the embedded database. You may have a different setup depending on your Helm values file.

Instructions for using Azure Database for PostgreSQL as a user-managed database can be found in the Appendix A.

As outlined in Storage Class Configuration, the provided storage classes `managed-csi' and 'managed-csi-premium' are used for the develocity instance.

For more details on the options available for storage classes see Storage options for applications in Azure Kubernetes Service (AKS).

The Build Scan® service of Develocity can be configured to store the data in Azure Blob Storage. This can help performance in high-traffic installations by taking load off the database. See the Appendix B for details.

4. Ingress Controller

In this tutorial, we will use the Managed NGINX ingress with the application routing add-on already enabled during cluster creation. This is a managed service that provides an ingress controller for your cluster and supports the gRPC protocol.

5. Configure the hostname

Azure will automatically create a public IP address for your cluster load balancer, but no hostname. If you intend to use a custom hostname to access your Develocity instance, you now need to add the appropriate DNS records.

Add an A record for your hostname that points to the public IP address obtained by:

$ az network public-ip list --resource-group $AZ_RESOURCE_GROUP-$AZ_AKS_NAME-NRG \
  --query '[?tags."k8s-azure-service" == `app-routing-system/nginx`].ipAddress' \
  -o tsv

For example for this fictitious IP:

develocity.example.com A 10.110.226.160

Verify that your DNS record works correctly before installing Develocity, such as by using dig develocity.example.com.

Develocity cannot use an IP address as a hostname, but there are services like nip.io that automatically map hostnames to IPs. You can start with a public DNS name based on the IP address, and later reconfigure to use a custom hostname if desired.

It is not possible to use an IP address directly as the Develocity hostname. If you do not wish to set up a permanent DNS record at this time, you can instead use a service like nip.io to provide one based on the IP address. Any of the dash-based naming schemes on the nip.io web page should work, but the following commands generate a useful short name tied to that IP address:

$ DV_IP_ADDRESS=$(az network public-ip list \
  --resource-group $AZ_RESOURCE_GROUP-$AZ_AKS_NAME-NRG \
  --query '[?tags."k8s-azure-service" == `app-routing-system/nginx`].ipAddress' \
  -o tsv)
$ DV_HOSTNAME=$(echo "develocity-$(printf '%02x' $(echo ${DV_IP_ADDRESS//./ })).nip.io") \
&& echo $DV_HOSTNAME

yields something like:

develocity-12345a67.nip.io

Use develocity-12345a67.nip.io as the hostname.

Helm Configuration

Installation options for Develocity are depicted in a Helm values file.

Follow the instructions in the Kubernetes Helm Chart Configuration Guide and return to this document with a complete values.yaml file.

For the usage of Managed NGINX ingress with the application routing add-on, you require these additional values:

cat << EOF >> values.yaml
global:
  hostname: develocity.example.com (1)
  storage:
    data:
      class: managed-csi-premium
    backup:
      class: managed-csi
ingress:
  enabled: true
  annotations:
    nginx.ingress.kubernetes.io/force-ssl-redirect: "true" (2)
  grpc:
    annotations:
      nginx.ingress.kubernetes.io/backend-protocol: GRPC (3)
  ingressClassName: webapprouting.kubernetes.azure.com (4)
EOF
1 The hostname you configured in step 5. Configure the hostname.
2 All HTTP traffic is redirected to HTTPS by the load balancer
3 Required for usage with Bazel
4 The ingress class name of the managed NGINX ingress controller
When adding things to your Helm values file, merge any duplicate blocks. Alternatively, you can use separate files and pass all of them with --values «file» when running Helm commands.
If you want to use Azure Database for PostgreSQL as your database instead of the embedded database, follow Appendix A.
If you want to use Azure Blob Storage for Build Scans, see Appendix B.

Installation

In this section you will install Develocity on your newly created instance.

1. Install the Helm chart

First, add the https://helm.gradle.com/ helm repository and update it:

helm repo add gradle https://helm.gradle.com/
helm repo update gradle

2. Install Develocity

This tutorial assumes you use a valid, self-signed certificate for the used hostname like this:

mkcert $DV_HOSTNAME

Then run helm install with the following command:

helm install \
  --create-namespace --namespace develocity \
  develocity \
  gradle/gradle-enterprise \
  --values ./values.yaml \(1)
  --set-file global.license.file=./develocity.license \(2)
  --set-file ingress.ssl.cert=./$DV_HOSTNAME.pem \(3)
  --set-file ingress.ssl.key=./$DV_HOSTNAME-key.pem (4)
1 The Helm values file you created in Helm Configuration.
2 The Develocity license you obtained in 2. A Develocity License.
3 The self-signed certificate you created.
4 The corresponding key for the self-signed certificate you created.

You should see output similar to this:

NAME: develocity
LAST DEPLOYED: Wed Apr 24 08:08:35 2024
NAMESPACE: develocity
STATUS: deployed
REVISION: 1
TEST SUITE: None

3. Wait for Develocity to start

You can see the status of Develocity starting up by examining its pods.

$ kubectl --namespace develocity get pods
NAME                                               READY   STATUS              RESTARTS     AGE
gradle-database-5f9ddc958b-pn8wm                   0/3     Init:0/3            0            4s
gradle-embedded-object-storage-86745c9cd7-2lpb9    0/1     ContainerCreating   0            4s
gradle-enterprise-app-58b7b75579-4c5hz             0/1     Init:0/4            0            4s
gradle-enterprise-operator-bdb9b67bc-5m9wb         0/1     ContainerCreating   0            4s
gradle-keycloak-64cd768b89-rk9g2                   0/2     Init:0/2            1            4s
gradle-metrics-dbbb75cf5-k86fs                     1/2     Running             0            4s
gradle-monitoring-849994bb56-4wr9t                 0/1     ContainerCreating   0            3s
gradle-proxy-6d7b965c4f-b6jdb                      2/3     Running             0            3s
gradle-test-distribution-broker-5494796d9b-gb289   0/1     Init:0/1            0            3s

Eventually the pods should all report as Running:

$ kubectl --namespace develocity get pods
NAME                                               READY   STATUS    RESTARTS   AGE
gradle-database-5f9ddc958b-tnhh5                   3/3     Running   0          4m41s
gradle-embedded-object-storage-86745c9cd7-m77jf    1/1     Running   0          4m41s
gradle-enterprise-app-58b7b75579-6rmdf             1/1     Running   0          4m41s
gradle-enterprise-operator-bdb9b67bc-pm5x4         1/1     Running   0          4m41s
gradle-keycloak-64cd768b89-cskfj                   2/2     Running   0          4m41s
gradle-metrics-dbbb75cf5-lw2q7                     2/2     Running   0          4m41s
gradle-monitoring-849994bb56-sg46h                 1/1     Running   0          4m41s
gradle-proxy-6d7b965c4f-c7nbr                      3/3     Running   0          4m41s
gradle-test-distribution-broker-5494796d9b-2w9ch   1/1     Running   0          4m41s

Develocity has a /ping endpoint, which can be used to verify network connectivity with Develocity.

Connectivity to Develocity installation can be tested by running the following command on machines which need to connect to Develocity:

curl -sw \\n --fail-with-body --show-error https://$DV_HOSTNAME/ping

It should return SUCCESS.

Once all pods have a status of Running and the system is up and connected, you can interact with it by visiting its URL in a web browser (i.e. the hostname).

develocity

Develocity is installed and running.

Post-Installation

Many features of Develocity, including access control, database backups, and Build Scan retention can be configured in Develocity, once it is running. Consult the Develocity Administration guide to learn more.

For instructions on how to start using Develocity in your builds, consult the Getting Started with Develocity for Gradle users guide.

Appendix

Appendix A: Using Azure Database for PostgreSQL

This appendix will walk you through using an Azure Database for PostgreSQL flexible server as your user-managed database.

1. Obtain the Required Permissions

You need permission to create and manage an Azure Database for PostgreSQL.

The Contributor Azure built-in role granted earlier contains the necessary permissions.

2. Create and set up an Azure Database for PostgreSQL Instance

Develocity is compatible with PostgreSQL 12, 13, or 14. The minimum storage space required is 250 GB with 3,000 or more IOPS.

A. Create a root username and password

Create a root username and password for the database instance, referred to below as «db-root-username» and «db-root-password», respectively. These are the credentials you will use for your database connection; save them somewhere secure.

B. Create the instance

Create the Azure Database for PostgreSQL instance:

$ AZ_POSTGRES=develocity-managed-db
$ AZ_POSTGRES_ADMIN="«db-root-username»"
$ AZ_POSTGRES_ADMIN_PASSWORD="«db-root-password»"
$ DV_DATABASE_NAME=develocity
$ az postgres flexible-server create --name $AZ_POSTGRES \
  --resource-group $AZ_RESOURCE_GROUP \
  --admin-user $AZ_POSTGRES_ADMIN \
  --admin-password $AZ_POSTGRES_ADMIN_PASSWORD \
  --location $AZ_LOCATION \
  --version 14 \
  --tier Burstable \
  --sku-name Standard_B4ms \(1)
  --storage-type PremiumV2_LRS \
  --throughput 125 \
  --iops 3000 \(2)
  --public-access 0.0.0.0 \(3)
  --storage-size 256 \(4)
  --database-name $DV_DATABASE_NAME \
  -o json
1 Use a SKU that fulfills your requirements regarding performance and pricing. Standard_B4ms is a good starting point for this tutorial and provides enough client connections, but most probably is not sufficient for a production instance. See Compute and storage options for Azure Database for PostgreSQL for more information.
2 Use premium storage type and 3000 IOPS for optimal performance.
3 The 0.0.0.0 parameter allows access to this database from any resource deployed in Azure.
4 Develocity should be installed with 250GB of database storage.
$ AZ_POSTGRES_HOSTNAME=$(az postgres flexible-server show --name $AZ_POSTGRES \
  --resource-group $AZ_RESOURCE_GROUP \
  --query 'fullyQualifiedDomainName' \
  -o tsv)

C. Set required server parameters

Develocity requires the following Azure database server extensions:

  • amcheck

  • intarray

  • pg_trgm

  • pgcrypto

  • pgstattuple

To install the extensions, run the following command:

$ az postgres flexible-server parameter set \
  --resource-group $AZ_RESOURCE_GROUP \
  --server-name $AZ_POSTGRES \
  --subscription $AZ_SUBSCRIPTION \
  --name azure.extensions \
  --value amcheck,intarray,pg_trgm,pgcrypto,pgstattuple

You can view the status of your instance with:

$ az postgres flexible-server db show \
  --resource-group $AZ_RESOURCE_GROUP \
  --server-name $AZ_POSTGRES \
  --database-name $DV_DATABASE_NAME

3. Configure Develocity with Azure Database for PostgreSQL

Add the following configuration snippet to your Helm values file:

values.yaml
cat << EOF >> values.yaml
database:
  location: user-managed
  connection:
    host: $AZ_POSTGRES_HOSTNAME
    databaseName: $DV_DATABASE_NAME
  credentials:
    superuser:
      username: $AZ_POSTGRES_ADMIN
      password: $AZ_POSTGRES_ADMIN_PASSWORD
EOF
The superuser is only used to set up the database and create migrator and application users. You can avoid using the superuser by setting up the database yourself, as described in the Database options section of Kubernetes Helm Chart Configuration Guide. Please contact Gradle support for help with this.

This action embeds your database superuser credentials in your Helm values file. It must be kept secure. If you prefer to provide the credentials as a Kubernetes secret, consult the Database options section of the Kubernetes Helm Chart Configuration Guide.

4. Upgrade Develocity with your updated configuration file

If you created the Azure Database for PostgreSQL instance as part of the initial installation, you can continue with the installation process in 2. Install Develocity.

If you’re changing an already running Develocity instance, see Changing configuration values in the Develocity Upgrade Guide for instructions on how to upgrade your Develocity instance with updated configuration values.

Appendix B: Storing Build Scans in Azure Blob Storage

This appendix will walk you through using an Azure Blob Storage bucket to store Build Scan® and Build Cache data. By setting up Azure Blob Storage, you will store Build Cache artifacts in Azure Blob Storage instead of the default storage location. See Build Scan object storage in the Develocity Administration Manual for a description of the benefits and limitations.

1. Obtain the required permissions

You need permission to create and manage an Azure storage account and container.

The Storage Blob Data Contributor Azure built-in role granted earlier contains the necessary permissions.

2. Create an Azure storage account

To create an Azure storage account, run the following command:

$ AZ_STORAGE_ACCOUNT=develocitystorageacc (1)
1 The name of the storage account you want to create. The name must be unique across all existing account name in Azure. It must be 3 to 24 characters long and can contain only numbers and lowercase letters.
$ az storage account create --name $AZ_STORAGE_ACCOUNT --resource-group $AZ_RESOURCE_GROUP -l $AZ_LOCATION

See az storage account create Azure CLI documentation for more information about this command.

3. Create an Azure container

Next, create an Azure container for your storage account. You will need the connection string to your storage container. To find your connection string using the Azure CLI, run the following command:

$ AZ_STORAGE_CONNECTION_STRING=$(az storage account show-connection-string --name $AZ_STORAGE_ACCOUNT \
  --resource-group $AZ_RESOURCE_GROUP \
  --query connectionString \
  -o tsv)

To create an Azure container, run the following commands:

$ AZ_STORAGE_CONTAINER=develocity-storage-container
$ az storage container create --name $AZ_STORAGE_CONTAINER --connection-string $AZ_STORAGE_CONNECTION_STRING
If you want to store Build Scans for multiple installations of Develocity in Azure storage, either add a suffix or use the same container with a different scans object prefix.

See az storage container create in the Azure CLI documentation for more information about this command.

4. Update your Helm Values File

Update your values.yaml file to configure Develocity to store Build Scans in Azure Blob Storage. This will also configure it to use Azure Blob Storage for storing Build Cache artifacts.

values.yaml
cat << EOF >> values.yaml
objectStorage:
  type: azure
  azure:
    container: $AZ_STORAGE_CONTAINER
    credentials:
      source: connectionString
      connectionString: "$AZ_STORAGE_CONNECTION_STRING"
EOF

5. Upgrade Develocity with the new configuration

If you created the Azure Blob Storage instance as part of the initial installation, you can continue with the installation process in Installation.

If you have previously installed Develocity, you must upgrade your instance to use the new configuration in your updated `values.yaml' file. See Changing configuration values in the Develocity Upgrade Guide for instructions.

Return to this procedure after the installation/upgrade is finished.

6. Update the Develocity Admin UI

The next step is to update the Admin UI to use the new object storage configuration. Follow the procedure at Build Scan storage configuration in the Develocity Administration Manual to use the new configuration. Develocity prompts you to restart as part of the procedure.

7. Verify Azure Blob Storage is used

Once Develocity has started, you can verify that the Azure configuration is correct by examining the contents of your Azure container.

Develocity will start even if your object storage configuration is incorrect.

First, publish a Build Scan to ingest some data into Develocity, eg. by following Create a Build Scan® in 60 seconds.

Run the following Azure CLI command to view the number of Build Scans and Build Cache artifacts stored in your Azure container:

$ az storage blob list \
  --account-name $AZ_STORAGE_ACCOUNT \(1)
  --container-name $AZ_STORAGE_CONTAINER \(2)
  --connection-string $AZ_STORAGE_CONNECTION_STRING \(3)
  --prefix build-scans \(4)
  --query "length(@)" -o tsv
$ az storage blob list \
  --account-name $AZ_STORAGE_ACCOUNT \(1)
  --container-name $AZ_STORAGE_CONTAINER \(2)
  --connection-string $AZ_STORAGE_CONNECTION_STRING \(3)
  --prefix build-cache \(4)
  --query "length(@)" -o tsv
1 The name of the storage account you created earlier in step 2. Create an Azure storage account.
2 The name of the container you created earlier in step 3. Create an Azure container.
3 The connection string you obtained earlier in step 3. Create an Azure container.
4 Prefix for the Develocity subsystem.

The following successful response indicates that there are currently 204125 Build Scans and 15960 cache artifacts in the container (this may vary depending on your build):

204125
15960