From 9d3b41f338cd6709d763f64f7c1c39c778c1ab5c Mon Sep 17 00:00:00 2001 From: Amber Date: Sat, 3 Sep 2022 23:28:54 -0400 Subject: [PATCH] Performing better masking on credentials; renaming env variables; cleaning up after Docker agents. --- .groovylintrc.json | 8 ++++++++ Jenkinsfile | 35 ++++++++++++++++++++++------------- 2 files changed, 30 insertions(+), 13 deletions(-) create mode 100644 .groovylintrc.json diff --git a/.groovylintrc.json b/.groovylintrc.json new file mode 100644 index 0000000..dc773c8 --- /dev/null +++ b/.groovylintrc.json @@ -0,0 +1,8 @@ +{ + "extends": "recommended", + "rules": { + "NestedBlockDepth": { + "enabled": false + } + } +} \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile index 395d004..2257f24 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,19 +1,21 @@ pipeline { - agent none environment { HOME = "${env.WORKSPACE}" - DOCKER_REGISTRY = 'https://registry.digitalocean.com' - DOCKER_IMAGE_NAME = 'registry.digitalocean.com/ailuridae-registry/ailuridae.io/everybodymov' - DOCKER_IMAGE = '' + PYTHON_IMAGE = 'python:3.10-slim-bullseye' + CREDENTIALS_ID = 'digital-ocean-ailuridae-registry' + REGISTRY = 'https://registry.digitalocean.com' + IMAGE_NAME = 'registry.digitalocean.com/ailuridae-registry/ailuridae.io/everybodymov' + IMAGE_BUILD = '' } stages { stage('Setup') { agent { docker { - image 'python:3.10-slim-bullseye' + image env.PYTHON_IMAGE + args '--rm' } } steps { @@ -25,7 +27,8 @@ pipeline { stage('Check') { agent { docker { - image 'python:3.10-slim-bullseye' + image env.PYTHON_IMAGE + args '--rm' } } steps { @@ -40,7 +43,7 @@ pipeline { } steps { script { - DOCKER_IMAGE = docker.build("${DOCKER_IMAGE_NAME}") + IMAGE_BUILD = docker.build("${IMAGE_NAME}") } } } @@ -53,10 +56,17 @@ pipeline { } steps { script { - docker.withRegistry(env.DOCKER_REGISTRY, 'digital-ocean-ailuridae-registry') { - DOCKER_IMAGE.push("${BUILD_NUMBER}") - DOCKER_IMAGE.push('latest') - } + // withCredentials annoyingly required to mask token. + withCredentials([usernamePassword( + credentialsId: env.CREDENTIALS_ID, + usernameVariable: 'API_TOKEN_USER', + passwordVariable: 'API_TOKEN_PASS' + )]) { + docker.withRegistry(env.REGISTRY, env.CREDENTIALS_ID) { + IMAGE_BUILD.push("${BUILD_NUMBER}") + IMAGE_BUILD.push('latest') + } + } } } } @@ -69,5 +79,4 @@ pipeline { } } } - -} \ No newline at end of file +}