From 6499abf05737c66657b79289fe87831aedbc5dd7 Mon Sep 17 00:00:00 2001 From: The_Spider Date: Fri, 1 Apr 2022 17:02:55 -0500 Subject: [PATCH] convert to declarative pipeline --- build-sonarscanner.jenkins | 113 ++++++++++++++++--------------------- 1 file changed, 50 insertions(+), 63 deletions(-) diff --git a/build-sonarscanner.jenkins b/build-sonarscanner.jenkins index 04b8ecf..3cc818b 100644 --- a/build-sonarscanner.jenkins +++ b/build-sonarscanner.jenkins @@ -1,76 +1,63 @@ -def label = "jenkins-${UUID.randomUUID().toString()}" +#!groovy def repository = "registry.c.test-chamber-13.lan" -def kanikoImage = "${repository}/library/kaniko:latest" def repositoryCreds = "harbor-repository-creds" -podTemplate( - label: label, - name: "pipeline-worker", - yaml: """--- -apiVersion: v1 -kind: Pod -spec: - containers: - - name: kaniko - image: ${kanikoImage} - tty: true - command: - - /busybox/cat -""", -) { - node (label) { - def workspace = pwd() +def workspace +def dockerFile - stage ("Prepare Kaniko") { - container ("kaniko") { - withCredentials([usernameColonPassword( - credentialsId: repositoryCreds, - variable: "dCreds", - )]) { - def dockerJSON = """{ - "auths": { - "${repository}": { - "auth": "${dcreds.bytes.encodeBase64().toString()}" - } - } - }""" - sh """ - set +x - echo '${dockerJSON}' > /kaniko/.docker/config.json - """ - } - } - } +def label = "kubernetes-${UUID.randomUUID().toString()}" +def templateName = "pipeline-worker" +pipeline { + agent { + kubernetes { + yaml functions.podYaml( + repo: repository, + templateName: templateName, + kaniko: true + ) + } + } - stage("Kaniko Build & Push") { - container ("kaniko") { - def dockerfile = """ + stages { + stage ('Initalize Jenkins') { + steps { + script { + workspace = pwd() + writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getLocalRootCA()) + def dockerfile = """ FROM ${repository}/dockerhub/sonarsource/sonar-scanner-cli:latest USER root -RUN printf '%s\\n' "-----BEGIN CERTIFICATE-----" \\ - "MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\ - "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\ - "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\ - "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\ - "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\ - "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\ - "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\ - "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\ - "BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\ - "HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\ - "xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\ - "UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\ - "-----END CERTIFICATE-----" > /usr/local/share/ca-certificates/test-chamber-13.lan.root.crt && \\ - update-ca-certificates --fresh +COPY test-chamber-13.lan.root.crt /usr/local/share/ca-certificates/test-chamber-13.lan.root.crt +RUN update-ca-certificates --fresh USER scanner-cli """ - writeFile (file: workspace + "/Dockerfile", text: dockerfile) - sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/sonarscanner:latest\"" - } - } - } -} \ No newline at end of file + } + } + } + + stage ('Build & Push') { + steps { + container ('kaniko') { + script { + declarativeFunctions.buildContainerMultipleDestinations( + dockerFile: dockerFile, + repositoryAccess: [ + [ + repository: repository, + credentials: repositoryCreds + ], + ], + destination: [ + "${repository}/library/sonarscanner:latest", + ] + ) + } + } + } + } + } +}