Update 'build-sonarscanner.jenkins'
This commit is contained in:
parent
46d7e60fe7
commit
2293ef3596
@ -1,26 +1,8 @@
|
||||
def label = "jenkins-${UUID.randomUUID().toString()}"
|
||||
|
||||
def repository = "registry.test-chamber-13.lan"
|
||||
def kanikoImage = "${repository}/nhyatt/kaniko:latest"
|
||||
def repositoryCreds = "quay-repository-creds"
|
||||
|
||||
def caName = "test-chamber-13.lan.root.crt"
|
||||
def caContent = """
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw
|
||||
JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM
|
||||
DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow
|
||||
TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT
|
||||
ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE
|
||||
ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/
|
||||
XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od
|
||||
Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j
|
||||
BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
|
||||
HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC
|
||||
xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw
|
||||
UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ
|
||||
-----END CERTIFICATE-----
|
||||
"""
|
||||
def repository = "registry.cluster.test-chamber-13.lan"
|
||||
def kanikoImage = "${repository}/library/kaniko:latest"
|
||||
def repositoryCreds = "harbor-repository-creds"
|
||||
|
||||
podTemplate(
|
||||
label: label,
|
||||
@ -64,25 +46,36 @@ spec:
|
||||
stage("Kaniko Build & Push") {
|
||||
container ("kaniko") {
|
||||
def dockerfile = """
|
||||
FROM docker.io/sonarsource/sonar-scanner-cli:latest
|
||||
FROM ${registry}/dockerhub/sonarsource/sonar-scanner-cli:latest
|
||||
|
||||
USER root
|
||||
|
||||
COPY ${caName} /etc/ssl/private/${caName}
|
||||
|
||||
RUN keytool \\
|
||||
-importcert \\
|
||||
-noprompt \\
|
||||
-alias ${caName} \\
|
||||
-file /etc/ssl/private/${caName} \\
|
||||
-keystore /opt/java/openjdk/lib/security/cacerts \\
|
||||
-storepass "changeit"
|
||||
RUN printf '%s\\n' "-----BEGIN CERTIFICATE-----" \\
|
||||
"MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\
|
||||
"JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\
|
||||
"DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\
|
||||
"TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\
|
||||
"ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\
|
||||
"ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\
|
||||
"XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\
|
||||
"Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\
|
||||
"BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\
|
||||
"HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\
|
||||
"xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\
|
||||
"UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\
|
||||
"-----END CERTIFICATE-----" > /etc/ssl/private/test-chamber-13.lan.root.crt && \\
|
||||
keytool \\
|
||||
-importcert \\
|
||||
-noprompt \\
|
||||
-alias ${caName} \\
|
||||
-file /etc/ssl/private/${caName} \\
|
||||
-keystore /opt/java/openjdk/lib/security/cacerts \\
|
||||
-storepass "changeit"
|
||||
|
||||
USER scanner-cli
|
||||
"""
|
||||
writeFile (file: workspace + "/${caName}", text: caContent)
|
||||
writeFile (file: workspace + "/Dockerfile", text: dockerfile)
|
||||
sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/nhyatt/sonarscanner:latest\""
|
||||
sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/sonarscanner:latest\""
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user