From 89e016e89198dc2c256bcc5628f32fcb827ea6af Mon Sep 17 00:00:00 2001 From: The_Spider Date: Thu, 27 Jan 2022 12:13:44 -0600 Subject: [PATCH] use new build process --- build-kaniko.jenkins | 96 ++++++++++++++++---------------------------- 1 file changed, 35 insertions(+), 61 deletions(-) diff --git a/build-kaniko.jenkins b/build-kaniko.jenkins index 34785cd..74a8dac 100644 --- a/build-kaniko.jenkins +++ b/build-kaniko.jenkins @@ -1,75 +1,49 @@ -def label = "jenkins-${UUID.randomUUID().toString()}" +#!groovy def repository = "registry.c.test-chamber-13.lan" def repositoryCreds = "harbor-repository-creds" -def dockerKey = "docker-image-signing-key" -def dockerKeyPass = "docker-image-signing-pass" -podTemplate( +def dockerFile = """FROM ${repository}/google/kaniko-project/executor:debug + +COPY ./kaniko-chain.crt /kaniko/ssl/certs/ca-certificates.crt +""" + +def label = "kubernetes-${UUID.randomUUID().toString()}" +def templateName = "pipeline-worker" +podTemplate ( label: label, - name: "pipeline-worker", - yaml: """--- -apiVersion: v1 -kind: Pod -metadata: - name: pipeline-worker -spec: - containers: - - name: kaniko - imagePullPolicy: Always - image: ${repository}/google/kaniko-project/executor:debug - tty: true - command: - - /busybox/sh -""", -) { + name: templateName, + yaml: functions.podYaml( + repo: repository, + templateName: templateName, + [ + [ + name: "kaniko", + image: "${repository}/google/kaniko-project/executor:debug", + command: "/busybox/sh" + ] + ] + ) +){ node (label) { def workspace = pwd() - stage ("Prepare Kaniko") { + writeFile(file: workspace + "/test-chamber-13.lan.root.crt", text: functions.getLocalRootCA()) + + stage ("Add Cert to Kaniko") { container ("kaniko") { - withCredentials([usernameColonPassword( - credentialsId: repositoryCreds, - variable: "dCreds", - )]) { - def dockerJSON = """{ - "auths": { - "${repository}": { - "auth": "${dcreds.bytes.encodeBase64().toString()}" - } - } - }""" - sh """ - set +x - echo '${dockerJSON}' > /kaniko/.docker/config.json - printf '%s\\n' "-----BEGIN CERTIFICATE-----" \\ - "MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\ - "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\ - "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\ - "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\ - "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\ - "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\ - "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\ - "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\ - "BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\ - "HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\ - "xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\ - "UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\ - "-----END CERTIFICATE-----" >> /kaniko/ssl/certs/ca-certificates.crt - """ - } + sh """ + printf '%s\\n' "${functions.getLocalRootCA)" >> /kaniko/ssl/certs/ca-certificates.crt + cp "/kaniko/ssl/certs/ca-certificates.crt" "${workspace}/kaniko-chain.crt" + """ } } - stage("Build Kaniko with CA") { - container("kaniko") { - def DF = """FROM ${repository}/google/kaniko-project/executor:debug -COPY ./kaniko-chain.crt /kaniko/ssl/certs/ca-certificates.crt -""" - sh "cp /kaniko/ssl/certs/ca-certificates.crt \"${workspace}/kaniko-chain.crt\"" - writeFile(file: workspace + "/Dockerfile", text: DF) - sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/library/kaniko:latest\"" - } - } + functions.buildContainer( + repository: repository, + imageDest: "${repository}/library/kaniko:latest", + dockerFile: dockerFile, + repoCreds: repositoryCreds, + ) } } \ No newline at end of file