nhyatt/build-containers
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update 'build-sonarscanner.jenkins'

Browse Source
This commit is contained in:
Hyatt 2021-05-22 20:12:05 +00:00
parent 46d7e60fe7
commit 2293ef3596
1 changed files with 26 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
build-sonarscanner.jenkins
View File

@ -1,26 +1,8 @@
def label = "jenkins-${UUID.randomUUID().toString()}" def label = "jenkins-${UUID.randomUUID().toString()}"
def repository = "registry.test-chamber-13.lan" def repository = "registry.cluster.test-chamber-13.lan"
def kanikoImage = "${repository}/nhyatt/kaniko:latest" def kanikoImage = "${repository}/library/kaniko:latest"
def repositoryCreds = "quay-repository-creds" def repositoryCreds = "harbor-repository-creds"
def caName = "test-chamber-13.lan.root.crt"
def caContent = """
-----BEGIN CERTIFICATE-----
MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw
JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM
DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow
TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT
ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE
ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/
XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od
Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j
BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC
xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw
UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ
-----END CERTIFICATE-----
"""
podTemplate( podTemplate(
label: label, label: label,
@ -64,25 +46,36 @@ spec:
stage("Kaniko Build & Push") { stage("Kaniko Build & Push") {
container ("kaniko") { container ("kaniko") {
def dockerfile = """ def dockerfile = """
FROM docker.io/sonarsource/sonar-scanner-cli:latest FROM ${registry}/dockerhub/sonarsource/sonar-scanner-cli:latest
USER root USER root
COPY ${caName} /etc/ssl/private/${caName} RUN printf '%s\\n' "-----BEGIN CERTIFICATE-----" \\
"MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\
RUN keytool \\ "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\
-importcert \\ "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\
-noprompt \\ "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\
-alias ${caName} \\ "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\
-file /etc/ssl/private/${caName} \\ "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\
-keystore /opt/java/openjdk/lib/security/cacerts \\ "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\
-storepass "changeit" "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\
"BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\
"HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\
"xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\
"UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\
"-----END CERTIFICATE-----" > /etc/ssl/private/test-chamber-13.lan.root.crt && \\
keytool \\
-importcert \\
-noprompt \\
-alias ${caName} \\
-file /etc/ssl/private/${caName} \\
-keystore /opt/java/openjdk/lib/security/cacerts \\
-storepass "changeit"
USER scanner-cli USER scanner-cli
""" """
writeFile (file: workspace + "/${caName}", text: caContent)
writeFile (file: workspace + "/Dockerfile", text: dockerfile) writeFile (file: workspace + "/Dockerfile", text: dockerfile)
sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/nhyatt/sonarscanner:latest\"" sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/sonarscanner:latest\""
} }
} }
} }