diff --git a/build-doh-server.jenkins b/build-doh-server.jenkins index e4a31f4..59e855b 100644 --- a/build-doh-server.jenkins +++ b/build-doh-server.jenkins @@ -1,66 +1,26 @@ -def label = "${UUID.randomUUID().toString()}" -def kanikoImage = "registry.test-chamber-13.lan:5000/nhyatt/kaniko:latest" +def nodeLabel = "${UUID.randomUUID().toString()}" +def repository = "registry.test-chamber-13.lan:8443" +def kanikoImage = "${repository}/nhyatt/kaniko:latest" def repositoryCreds = "quay-repository-creds" -def app_name = "dohserver" - -def dockerfile = """ -FROM golang:alpine AS BUILDER -RUN apk --no-cache add git upx && \\ - go get github.com/m13253/dns-over-https/doh-server && \\ - go get -d -v /go/src/github.com/m13253/dns-over-https/doh-server/... && \\ - go install -v /go/src/github.com/m13253/dns-over-https/doh-server/... && \\ - go build -ldflags="-s -w" -o /go/${app_name} /go/src/github.com/m13253/dns-over-https/doh-server/ && \\ - upx --brute /go/${app_name} - -FROM alpine:latest -RUN apk add --no-cache ca-certificates && \\ - addgroup -S -g 1000 app && \\ - adduser -S app -G app -h /app -u 1000 && \\ - printf '%s\\n' \\ - "-----BEGIN CERTIFICATE-----" \\ - "MIICLTCCAbOgAwIBAgIDAYagMAoGCCqGSM49BAMEME0xCzAJBgNVBAYTAlVTMScw" \\ - "JQYDVQQKDB5UZXN0IENoYW1iZXIgMTMgVHJ1c3QgU2VydmljZXMxFTATBgNVBAMM" \\ - "DFRDMTMgUm9vdCBSMTAgFw0xOTAxMDEwMDAwMDBaGA8yMDUwMDEwMTAwMDAwMFow" \\ - "TTELMAkGA1UEBhMCVVMxJzAlBgNVBAoMHlRlc3QgQ2hhbWJlciAxMyBUcnVzdCBT" \\ - "ZXJ2aWNlczEVMBMGA1UEAwwMVEMxMyBSb290IFIxMHYwEAYHKoZIzj0CAQYFK4EE" \\ - "ACIDYgAE8+/J1ECc0VHxTtGXFLnHJ3NGZ2SW38pp9wI58L5EQbHRLiezYuvkUbI/" \\ - "XGJjLnFdpgjo7W1FFlyhx5ITlCstUX5Sn9bLZiA0+mE0n6b8VwhXwkHlnIeRo7od" \\ - "Zu/OfSFjo2MwYTAdBgNVHQ4EFgQUrGqUJhyRp93wXF645VNtYatRk/AwHwYDVR0j" \\ - "BBgwFoAUrGqUJhyRp93wXF645VNtYatRk/AwDwYDVR0TAQH/BAUwAwEB/zAOBgNV" \\ - "HQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwQDaAAwZQIxAJdgskimDJkf/MGVRrKotmNC" \\ - "xdH/UVQfQppjIR9FAiGeFDr47thclYrzIL6yCkV7nwIwYjf3MbOm/yWblzqe3Uyw" \\ - "UOemMEg3PjcKNsN65W2WVon5HIZx2XVfGRPjf5ZTVWzZ" \\ - "-----END CERTIFICATE-----" > /usr/local/share/ca-certificates/test-chamber-13.lan.crt && \\ - update-ca-certificates - -USER app - -WORKDIR /app - -COPY --from=BUILDER /go/${app_name} /app/ - -ENTRYPOINT ./${app_name} -""" podTemplate( - label: label, - name: "pipeline-runner", + name: "pipelineContainer", + label: nodeLabel, yaml: """--- apiVersion: v1 kind: Pod +metadata: + name: kaniko spec: containers: - name: kaniko - imagePullPolicy: Always image: ${kanikoImage} + imagePullPolicy: Always tty: true command: - /busybox/cat -""", -) { - node (label) { - def workspace = pwd() - +""") { + node (nodeLabel) { stage ("Prepare Kaniko") { container ("kaniko") { withCredentials([usernameColonPassword( @@ -69,7 +29,7 @@ spec: )]) { def dockerJSON = """{ "auths": { - "registry.test-chamber-13.lan:5000": { + "${repository}": { "auth": "${dcreds.bytes.encodeBase64().toString()}" } } @@ -77,7 +37,6 @@ spec: sh """ set +x echo '${dockerJSON}' > /kaniko/.docker/config.json - set -x """ } } @@ -85,9 +44,27 @@ spec: stage('Build Container') { container('kaniko') { + + def dockerfile = """FROM golang:alpine AS BUILDER +RUN apk --no-cache add git upx && \\ + go get github.com/m13253/dns-over-https/doh-server && \\ + go get -d -v /go/src/github.com/m13253/dns-over-https/doh-server/... && \\ + go install -v /go/src/github.com/m13253/dns-over-https/doh-server/... && \\ + go build -ldflags="-s -w" -o /go/dohserver /go/src/github.com/m13253/dns-over-https/doh-server/ && \\ + upx --brute /go/dohserver +FROM ${repository}/nhyatt/alpine:latest +RUN apk add --no-cache && \\ + addgroup -S -g 1000 app && \\ + adduser -S app -G app -h /app -u 1000 +USER app +WORKDIR /app +COPY --from=BUILDER /go/${app_name} /app/ +ENTRYPOINT ./${app_name} +""" + writeFile file: workspace + '/Dockerfile', text: dockerfile - sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"registry.test-chamber-13.lan:5000/nhyatt/${app_name}:latest\"" + sh "/kaniko/executor --context \"${workspace}\" -f \"${workspace}/Dockerfile\" --destination \"${repository}/nhyatt/dohserver:latest\"" } } } -} \ No newline at end of file +}