From 30a673a7c70088ff47a61ee39310b4f87ced16a9 Mon Sep 17 00:00:00 2001 From: The_Spider Date: Thu, 27 Jan 2022 08:29:19 -0600 Subject: [PATCH] Changes alpine to use supporting functions --- build-alpine.jenkins | 101 ++++++++++++++----------------------------- 1 file changed, 32 insertions(+), 69 deletions(-) diff --git a/build-alpine.jenkins b/build-alpine.jenkins index ccaf48d..ccd3c6b 100644 --- a/build-alpine.jenkins +++ b/build-alpine.jenkins @@ -1,8 +1,4 @@ -def label = "jenkins-${UUID.randomUUID().toString()}" - -def repository = "registry.c.test-chamber-13.lan" -def kanikoImage = "${repository}/library/kaniko:latest" -def repositoryCreds = "harbor-repository-creds" +#!groovy // Notes: // Don't bother trying to sign images with kaniko. It's not supported. @@ -13,73 +9,40 @@ def repositoryCreds = "harbor-repository-creds" // You can sign images with docker, but that requires Docker-in-docker, // and Docker-in docker requires the --priviledged flag to run. -podTemplate( - label: label, - name: "pipeline-worker", - yaml: """--- -apiVersion: v1 -kind: Pod -metadata: - name: pipeline-worker -spec: - containers: - - name: kaniko - imagePullPolicy: Always - image: ${kanikoImage} - tty: true - command: - - /busybox/cat -""", -) { - node (label) { - def workspace = pwd() +def repository = "registry.c.test-chamber-13.lan" +def repositoryCreds = "harbor-repository-creds" - stage ("Prepare Kaniko") { - container ("kaniko") { - withCredentials([usernameColonPassword( - credentialsId: repositoryCreds, - variable: "dCreds", - )]) { - def dockerJSON = """{ - "auths": { - "${repository}": { - "auth": "${dcreds.bytes.encodeBase64().toString()}" - } - } - }""" - sh """ - set +x - echo '${dockerJSON}' > /kaniko/.docker/config.json - """ - } - } - } +def dockerFile = """FROM ${repository}/dockerhub/library/alpine:latest - stage("Build Latest Alpine with CA") { - container("kaniko") { - def DF = """FROM ${repository}/dockerhub/library/alpine:latest +COPY test-chamber-13.lan.root.crt /usr/local/share/ca-certificates/test-chamber-13.lan.root.crt RUN apk add --no-cache --virtual=.packagecache ca-certificates && \\ - printf '%s\\n' "-----BEGIN CERTIFICATE-----" \\ - "MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\ - "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\ - "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\ - "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\ - "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\ - "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\ - "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\ - "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\ - "BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\ - "HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\ - "xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\ - "UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\ - "-----END CERTIFICATE-----" > /usr/local/share/ca-certificates/test-chamber-13.lan.root.crt && \\ - update-ca-certificates --fresh && \\ - apk del .packagecache + update-ca-certificates --fresh && \\ + apk del .packagecache """ - writeFile(file: workspace + "/Dockerfile", text: DF) - sh "/kaniko/executor --cleanup --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/alpine:latest\" --single-snapshot" - } - } - } + +def label = "kubernetes-${UUID.randomUUID().toString()}" +def templateName = "pipeline-worker" +podTemplate( + label: label, + name: templateName, + yaml: functions.podYaml( + repo: repository, + templateName: templateName, + alpine: true, + fedora: true + ) +) { + node (label) { + def workspace = pwd() + + writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getLocalRootCA()) + + functions.buildContainer( + repository: repository, + imageDest: "${repository}/library/alpine:latest", + dockerFile: dockerFile, + repoCreds: repositoryCreds, + ) + } } \ No newline at end of file