nhyatt/build-containers
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Delete 'build-cosign.jenkins'

Browse Source
This commit is contained in:
Hyatt 2021-05-30 15:28:35 +00:00
parent af4ee2d76f
commit 01b3fe2de5
1 changed files with 0 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
build-cosign.jenkins
View File

@ -1,68 +0,0 @@
def label = "jenkins-${UUID.randomUUID().toString()}"
def localRegistry = "registry.cluster.test-chamber-13.lan"
def gcrRegistry = "gcr.io"
def kanikoRepository = "${localRegistry}/library/kaniko"
def kanikoTag = "latest"
def cosignRepository = "${gcrRegistry}/projectsigstore/cosign"
def cosignTag = "v0.4.0"
def repositoryCreds = "harbor-repository-creds"
podTemplate(
label: label,
name: "pipeline-worker",
yaml: """---
apiVersion: v1
kind: Pod
metadata:
name: pipeline-worker
spec:
containers:
- name: kaniko
imagePullPolicy: Always
image: "${kanikoRepository}:${kanikoTag}"
tty: true
command:
- /busybox/cat
""",
) {
node (label) {
def workspace = pwd()
stage ("Prepare Kaniko") {
container ("kaniko") {
withCredentials([usernameColonPassword(
credentialsId: repositoryCreds,
variable: "dCreds",
)]) {
def dockerJSON = """{
"auths": {
"${localRegistry}": {
"auth": "${dcreds.bytes.encodeBase64().toString()}"
}
}
}"""
sh """
set +x
echo '${dockerJSON}' > /kaniko/.docker/config.json
"""
}
}
}
stage("Build Latest Alpine with CA") {
container("kaniko") {
def DF = """FROM ${localRegistry}/library/alpine:latest as CERT_STORE
FROM ${cosignRepository}:${cosignTag}
COPY --from=CERT_STORE /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
"""
writeFile(file: workspace + "/Dockerfile", text: DF)
sh "/kaniko/executor --cleanup --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${localRegistry}/library/cosign:latest\""
}
}
}
}